GHSA-fc67-c4hg-q653: Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure

May 7, 2026

Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volume mounting process allows command injection through specially crafted credentials.

References

github.com/advisories/GHSA-fc67-c4hg-q653
github.com/aws/amazon-ecs-agent
github.com/aws/amazon-ecs-agent/security/advisories/GHSA-fc67-c4hg-q653

Code Behaviors & Features

Detect and mitigate GHSA-fc67-c4hg-q653 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →