ALAS-2014-419
ALAS · AL1ExploitedImportant2014-09-24
ALAS-2014-419: bash (important)
CVEs:CVE-2014-7169CVE-2014-7186CVE-2014-7187
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| bash | affected | Amazon | bash | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 2 are already weaponised in the wild — see the Exploited section.
ALAS-2014-419: bash (important)
CVEs:CVE-2014-7169CVE-2014-7186CVE-2014-7187
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| bash | affected | Amazon | bash | — |
ALAS-2014-418: bash (critical)
CVEs:CVE-2014-6271
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| bash | affected | Amazon | bash | — |
ALAS-2014-416: json-c (medium)
CVEs:CVE-2013-6370CVE-2013-6371
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| json-c | affected | Amazon | json-c | — |
ALAS-2014-417: kernel (medium)
CVEs:CVE-2014-5206CVE-2014-5207
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2014-415: php55 (medium)
CVEs:CVE-2012-1571CVE-2014-2497CVE-2014-3587CVE-2014-5120
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| php55 | affected | Amazon | php55 | — |
ALAS-2014-413: subversion (medium)
CVEs:CVE-2014-3522
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| subversion | affected | Amazon | subversion | — |
ALAS-2014-414: httpd (low)
CVEs:CVE-2013-5704
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| httpd | affected | Amazon | httpd | — |
ALAS-2014-410: jakarta-commons-httpclient (important)
CVEs:CVE-2012-5783CVE-2012-6153CVE-2014-3577
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| jakarta-commons-httpclient | affected | Amazon | jakarta-commons-httpclient | — |
ALAS-2014-411: squid (important)
CVEs:CVE-2013-4115CVE-2014-3609
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2014-412: axis (important)
CVEs:CVE-2014-3596
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| axis | affected | Amazon | axis | — |
ALAS-2014-408: procmail (important)
CVEs:CVE-2014-3618
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| procmail | affected | Amazon | procmail | — |
ALAS-2014-409: fwsnort (medium)
CVEs:CVE-2014-0039
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| fwsnort | affected | Amazon | fwsnort | — |
ALAS-2014-405: libxcb (medium)
CVEs:CVE-2013-2064
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libxcb | affected | Amazon | libxcb | — |
ALAS-2014-406: libXtst (medium)
CVEs:CVE-2013-2063
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libXtst | affected | Amazon | libXtst | — |
ALAS-2014-407: curl (medium)
CVEs:CVE-2014-3613CVE-2014-3620
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| curl | affected | Amazon | curl | — |
ALAS-2014-402: lua (medium)
CVEs:CVE-2014-5461
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| lua | affected | Amazon | lua | — |
ALAS-2014-403: libXext (medium)
CVEs:CVE-2013-1982
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libXext | affected | Amazon | libXext | — |
ALAS-2014-404: libXfont (medium)
CVEs:CVE-2014-0209CVE-2014-0210CVE-2014-0211
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libXfont | affected | Amazon | libXfont | — |
ALAS-2014-400: glibc (medium)
CVEs:CVE-2014-0475
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glibc | affected | Amazon | glibc | — |
ALAS-2014-401: automake19 (low)
CVEs:CVE-2012-3386
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| automake19 | affected | Amazon | automake19 | — |
ALAS-2014-399: glibc (important)
CVEs:CVE-2014-5119
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glibc | affected | Amazon | glibc | — |
ALAS-2014-398: file (medium)
CVEs:CVE-2014-3587
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| file | affected | Amazon | file | — |
ALAS-2014-397: libserf (medium)
CVEs:CVE-2014-3504
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libserf | affected | Amazon | libserf | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.