Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
HOTFIX-BA-2022:0002: kernel-hotfix bugfix update (Important)
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel-hotfix-7776300-23.al7 | affected | Alibaba Cloud | kernel-hotfix-7776300-23.al7 | — |
HOTFIX-BA-2022:0003: kernel-hotfix bugfix update (Important)
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel-hotfix-7776300-24.1.al7 | affected | Alibaba Cloud | kernel-hotfix-7776300-24.1.al7 | — |
HOTFIX-BA-2022:0004: kernel-hotfix bugfix update (Important)
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel-hotfix-7776300-24.al7 | affected | Alibaba Cloud | kernel-hotfix-7776300-24.al7 | — |
HOTFIX-BA-2022:0005: kernel-hotfix bugfix update (Important)
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel-hotfix-7776300-25.1.al7 | affected | Alibaba Cloud | kernel-hotfix-7776300-25.1.al7 | — |
HOTFIX-BA-2022:0006: kernel-hotfix bugfix update (Important)
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel-hotfix-7776300-22.2.al7 | affected | Alibaba Cloud | kernel-hotfix-7776300-22.2.al7 | — |
ALINUX2-SA-2022:0014: python-pillow security update (Important)
CVEs:CVE-2022-22816CVE-2022-22817
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python-pillow | affected | Alibaba Cloud | python-pillow | — |
ALINUX2-SA-2022:0015: cyrus-sasl security update (Important)
CVEs:CVE-2022-24407
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| cyrus-sasl | affected | Alibaba Cloud | cyrus-sasl | — |
ALINUX2-SA-2022:0013: openldap security update (Moderate)
CVEs:CVE-2020-25709CVE-2020-25710
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openldap | affected | Alibaba Cloud | openldap | — |
ALINUX2-SA-2022:0012: 389-ds-base security and bug fix update (Low)
CVEs:CVE-2021-4091
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| 389-ds-base | affected | Alibaba Cloud | 389-ds-base | — |
ALINUX2-SA-2022:0011: aide security update (Important)
CVEs:CVE-2021-45417
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| aide | affected | Alibaba Cloud | aide | — |
ALINUX2-SA-2022:0010: log4j security update (Important)
CVEs:CVE-2022-23302CVE-2022-23305CVE-2022-23307
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| log4j | affected | Alibaba Cloud | log4j | — |
ALINUX2-SA-2022:0009: samba security and bug fix update (Critical)
CVEs:CVE-2021-44142
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| samba | affected | Alibaba Cloud | samba | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.