ALINUX2-SA-2020:0023
ALINUX 22020-02-28
ALINUX2-SA-2020:0023: ksh security update (Important)
CVEs:CVE-2019-14868
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ksh | affected | Alibaba Cloud | ksh | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 2 are already weaponised in the wild — see the Exploited section.
ALINUX2-SA-2020:0023: ksh security update (Important)
CVEs:CVE-2019-14868
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ksh | affected | Alibaba Cloud | ksh | — |
ALINUX2-SA-2020:0024: python-pillow security update (Important)
CVEs:CVE-2019-16865CVE-2020-5312
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python-pillow | affected | Alibaba Cloud | python-pillow | — |
ALINUX2-SA-2020:0022: openjpeg2 security update (Important)
CVEs:CVE-2020-8112
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openjpeg2 | affected | Alibaba Cloud | openjpeg2 | — |
ALINUX2-SA-2020:0021: firefox security update (Important)
CVEs:CVE-2020-6796CVE-2020-6798CVE-2020-6800
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| firefox | affected | Alibaba Cloud | firefox | — |
ALINUX2-SA-2020:0019: sudo security update (Important)
CVEs:CVE-2019-18634
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| sudo | affected | Alibaba Cloud | sudo | — |
ALINUX2-SA-2020:0020: java-1.7.0-openjdk security update (Important)
CVEs:CVE-2020-2583CVE-2020-2590CVE-2020-2593CVE-2020-2601CVE-2020-2604CVE-2020-2654CVE-2020-2659
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| java-1.7.0-openjdk | affected | Alibaba Cloud | java-1.7.0-openjdk | — |
ALINUX2-SA-2020:0018: qemu-kvm security, bug fix, and enhancement update (Important)
CVEs:CVE-2019-11135CVE-2019-14378
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| qemu-kvm | affected | Alibaba Cloud | qemu-kvm | — |
ALINUX2-SA-2020:0016: firefox security update (Critical)
CVEs:CVE-2019-17016CVE-2019-17017CVE-2019-17022CVE-2019-17024CVE-2019-17026
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| firefox | affected | Alibaba Cloud | firefox | — |
ALINUX2-SA-2020:0017: thunderbird security update (Important)
CVEs:CVE-2019-17016CVE-2019-17017CVE-2019-17022CVE-2019-17024CVE-2019-17026
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| thunderbird | affected | Alibaba Cloud | thunderbird | — |
ALINUX2-SA-2020:0015: apache-commons-beanutils security update (Important)
CVEs:CVE-2019-10086
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| apache-commons-beanutils | affected | Alibaba Cloud | apache-commons-beanutils | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.