Alibaba Security Advisories — May 2022 — Alibaba Security Advisories

Alibaba Security Advisories · May 2022 — Alibaba Security Advisories

2 advisories 23 CVEs 1 EXPLOITED

Alibaba Cloud Linux 2 advisories and cross-source Alibaba/Aliyun CVEs for 2022-05. Mirrored into Vulnetix VDB.

Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.

Back to archive Open Console

Advisories

ALINUX2-SA-2022:0028

ALINUX 2Exploited2022-05-24

ALINUX2-SA-2022:0028: cloud-kernel bugfix, enhancement and security update (Important)

CVEs:CVE-2019-19057 CVE-2019-19067 CVE-2019-19073 CVE-2019-19074 CVE-2019-20636 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668 CVE-2020-12465 CVE-2021-4157 CVE-2021-4202 CVE-2021-4203 CVE-2021-45868 CVE-2022-0330 CVE-2022-0435 CVE-2022-0617 CVE-2022-0847 CVE-2022-0886 CVE-2022-1353 CVE-2022-1419 CVE-2022-22942 CVE-2022-29581

Affected products

Product	Status	Vendor	Package	Ecosystem
kernel	affected	Alibaba Cloud	kernel	—

Upstream advisory

ALINUX2-SA-2022:0023

ALINUX 22022-05-19

ALINUX2-SA-2022:0023: gzip security update (Important)

CVEs:CVE-2022-1271

Affected products

Product	Status	Vendor	Package	Ecosystem
gzip	affected	Alibaba Cloud	gzip	—

Upstream advisory

Need live exploit intelligence?

Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.

All months Open Console