AWS Security Advisories — November 2014 — AWS Security Advisories — Vulnetix

Try Vulnetix Request Demo

AWS Security Advisories · November 2014 — AWS Security Advisories

16 advisories 53 CVEs

Amazon Linux (AL1, AL2, AL2023), AWS Security Bulletins, and AWS SDK CVEs for 2014-11. Mirrored into Vulnetix VDB.

Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).

Back to archive Open Console

Advisories

ALAS-2014-454

ALAS · AL1Critical2014-11-25

ALAS-2014-454: docker (critical)

CVEs:CVE-2014-6407 CVE-2014-6408

Affected products

Product	Status	Vendor	Package	Ecosystem
docker	affected	Amazon	docker	—

Upstream advisory

ALAS-2014-453

ALAS · AL1Medium2014-11-22

ALAS-2014-453: file (medium)

CVEs:CVE-2014-3710

Affected products

Product	Status	Vendor	Package	Ecosystem
file	affected	Amazon	file	—

Upstream advisory

ALAS-2014-452

ALAS · AL1Medium2014-11-22

ALAS-2014-452: libX11, libXcursor, libXfixes, libXi, libXrandr, libXrender, libXres, libXt, libXv, libXvMC, libXxf86dga, libXxf86vm, libdmx, xorg-x11-proto-devel (medium)

CVEs:CVE-2013-1981 CVE-2013-1982 CVE-2013-1983 CVE-2013-1984 CVE-2013-1985 CVE-2013-1986 CVE-2013-1987 CVE-2013-1988 CVE-2013-1989 CVE-2013-1990 CVE-2013-1991 CVE-2013-1995 CVE-2013-1997 CVE-2013-1998 CVE-2013-1999 CVE-2013-2000 CVE-2013-2001 CVE-2013-2002 CVE-2013-2003 CVE-2013-2004 CVE-2013-2005 CVE-2013-2062 CVE-2013-2064 CVE-2013-2066

Affected products

Product	Status	Vendor	Package	Ecosystem
libX11, libXcursor, libXfixes, libXi, libXrandr, libXrender, libXres, libXt, libXv, libXvMC, libXxf86dga, libXxf86vm, libdmx, xorg-x11-proto-devel	affected	Amazon	libX11, libXcursor, libXfixes, libXi, libXrandr, libXrender, libXres, libXt, libXv, libXvMC, libXxf86dga, libXxf86vm, libdmx, xorg-x11-proto-devel	—

Upstream advisory

ALAS-2014-450

ALAS · AL1Medium2014-11-22

ALAS-2014-450: php54 (medium)

CVEs:CVE-2014-3710

Affected products

Product	Status	Vendor	Package	Ecosystem
php54	affected	Amazon	php54	—

Upstream advisory

ALAS-2014-451

ALAS · AL1Medium2014-11-22

ALAS-2014-451: php55 (medium)

CVEs:CVE-2014-3710

Affected products

Product	Status	Vendor	Package	Ecosystem
php55	affected	Amazon	php55	—

Upstream advisory

ALAS-2014-448

ALAS · AL1Medium2014-11-13

ALAS-2014-448: ruby20 (medium)

CVEs:CVE-2014-8090

Affected products

Product	Status	Vendor	Package	Ecosystem
ruby20	affected	Amazon	ruby20	—

Upstream advisory

ALAS-2014-449

ALAS · AL1Medium2014-11-13

ALAS-2014-449: ruby21 (medium)

CVEs:CVE-2014-8090

Affected products

Product	Status	Vendor	Package	Ecosystem
ruby21	affected	Amazon	ruby21	—

Upstream advisory

ALAS-2014-447

ALAS · AL1Medium2014-11-13

ALAS-2014-447: ruby19 (medium)

CVEs:CVE-2014-8090

Affected products

Product	Status	Vendor	Package	Ecosystem
ruby19	affected	Amazon	ruby19	—

Upstream advisory

ALAS-2014-446

ALAS · AL1Medium2014-11-11

ALAS-2014-446: wireshark (medium)

CVEs:CVE-2014-6421 CVE-2014-6422 CVE-2014-6423 CVE-2014-6424 CVE-2014-6425 CVE-2014-6426 CVE-2014-6427 CVE-2014-6428 CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432

Affected products

Product	Status	Vendor	Package	Ecosystem
wireshark	affected	Amazon	wireshark	—

Upstream advisory

ALAS-2014-444

ALAS · AL1Medium2014-11-11

ALAS-2014-444: libxml2 (medium)

CVEs:CVE-2014-3660

Affected products

Product	Status	Vendor	Package	Ecosystem
libxml2	affected	Amazon	libxml2	—

Upstream advisory

ALAS-2014-445

ALAS · AL1Medium2014-11-11

ALAS-2014-445: rsyslog (medium)

CVEs:CVE-2014-3634

Affected products

Product	Status	Vendor	Package	Ecosystem
rsyslog	affected	Amazon	rsyslog	—

Upstream advisory

ALAS-2014-443

ALAS · AL1Medium2014-11-11

ALAS-2014-443: krb5 (medium)

CVEs:CVE-2013-1418 CVE-2013-6800 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345

Affected products

Product	Status	Vendor	Package	Ecosystem
krb5	affected	Amazon	krb5	—

Upstream advisory

ALAS-2014-442

ALAS · AL1Medium2014-11-05

ALAS-2014-442: wget (medium)

CVEs:CVE-2014-4877

Affected products

Product	Status	Vendor	Package	Ecosystem
wget	affected	Amazon	wget	—

Upstream advisory

ALAS-2014-441

ALAS · AL1Medium2014-11-05

ALAS-2014-441: ruby20 (medium)

CVEs:CVE-2014-8080

Affected products

Product	Status	Vendor	Package	Ecosystem
ruby20	affected	Amazon	ruby20	—

Upstream advisory

ALAS-2014-440

ALAS · AL1Medium2014-11-05

ALAS-2014-440: python27 (medium)

CVEs:CVE-2014-4650 CVE-2014-7185

Affected products

Product	Status	Vendor	Package	Ecosystem
python27	affected	Amazon	python27	—

Upstream advisory

ALAS-2014-439

ALAS · AL1Medium2014-11-05

ALAS-2014-439: ruby21 (medium)

CVEs:CVE-2014-8080

Affected products

Product	Status	Vendor	Package	Ecosystem
ruby21	affected	Amazon	ruby21	—

Upstream advisory

Need live exploit intelligence?

Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.

All months Open Console