Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
ALINUX2-SA-2020:0007: qemu-kvm-ma security and bug fix update (Moderate)
CVEs:CVE-2018-17963CVE-2019-6501
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| qemu-kvm-ma | affected | Alibaba Cloud | qemu-kvm-ma | — |
ALINUX2-SA-2020:0008: git security update (Important)
CVEs:CVE-2019-1387
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| git | affected | Alibaba Cloud | git | — |
ALINUX2-SA-2020:0009: openjpeg2 security update (Important)
CVEs:CVE-2020-6851
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openjpeg2 | affected | Alibaba Cloud | openjpeg2 | — |
ALINUX2-SA-2020:0010: python-reportlab security update (Important)
CVEs:CVE-2019-17626
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python-reportlab | affected | Alibaba Cloud | python-reportlab | — |
ALINUX2-SA-2020:0011: libarchive security update (Important)
CVEs:CVE-2019-18408
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libarchive | affected | Alibaba Cloud | libarchive | — |
ALINUX2-SA-2020:0012: sqlite security update (Important)
CVEs:CVE-2019-13734
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| sqlite | affected | Alibaba Cloud | sqlite | — |
ALINUX2-SA-2020:0013: java-1.8.0-openjdk security update (Important)
CVEs:CVE-2020-2583CVE-2020-2590CVE-2020-2593CVE-2020-2601CVE-2020-2604CVE-2020-2654CVE-2020-2659
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| java-1.8.0-openjdk | affected | Alibaba Cloud | java-1.8.0-openjdk | — |
ALINUX2-SA-2020:0014: java-11-openjdk security update (Important)
CVEs:CVE-2020-2583CVE-2020-2590CVE-2020-2593CVE-2020-2601CVE-2020-2604CVE-2020-2654CVE-2020-2655
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| java-11-openjdk | affected | Alibaba Cloud | java-11-openjdk | — |
ALINUX2-SA-2020:0006: SDL security update (Important)
CVEs:CVE-2019-14906
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| SDL | affected | Alibaba Cloud | SDL | — |
ALINUX2-SA-2020:0001: ghostscript security update (Important)
CVEs:CVE-2019-14869
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ghostscript | affected | Alibaba Cloud | ghostscript | — |
ALINUX2-SA-2020:0002: tcpdump security update (Low)
CVEs:CVE-2018-19519
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| tcpdump | affected | Alibaba Cloud | tcpdump | — |
ALINUX2-SA-2020:0003: openslp security update (Critical)
CVEs:CVE-2019-5544
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openslp | affected | Alibaba Cloud | openslp | — |
ALINUX2-SA-2020:0004: fribidi security update (Important)
CVEs:CVE-2019-18397
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| fribidi | affected | Alibaba Cloud | fribidi | — |
ALINUX2-SA-2020:0005: nss, nss-softokn, nss-util security update (Important)
CVEs:CVE-2019-11729CVE-2019-11745
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nss | affected | Alibaba Cloud | nss | — |
| nss-softokn | affected | Alibaba Cloud | nss-softokn | — |
| nss-util | affected | Alibaba Cloud | nss-util | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.