ALAS-2018-1137
ALAS · AL1Important2018-12-20
ALAS-2018-1137: ghostscript (important)
CVEs:CVE-2018-16509
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ghostscript | affected | Amazon | ghostscript | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
ALAS-2018-1137: ghostscript (important)
CVEs:CVE-2018-16509
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ghostscript | affected | Amazon | ghostscript | — |
ALAS-2018-1136: git (important)
CVEs:CVE-2018-19486
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| git | affected | Amazon | git | — |
ALAS-2018-1133: kernel (medium)
CVEs:CVE-2018-16862CVE-2018-18710CVE-2018-19407
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2018-1132: python34, python36 (medium)
CVEs:CVE-2018-14647
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python34, python36 | affected | Amazon | python34, python36 | — |
ALAS-2018-1130: golang (important)
CVEs:CVE-2018-16873CVE-2018-16874CVE-2018-16875
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| golang | affected | Amazon | golang | — |
ALAS-2018-1104: httpd24 (medium)
CVEs:CVE-2018-11763
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| httpd24 | affected | Amazon | httpd24 | — |
ALAS-2018-1125: nginx (medium)
CVEs:CVE-2018-16843CVE-2018-16844
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nginx | affected | Amazon | nginx | — |
Recommended update for aws-cli, python-boto3, python-botocore, python-s3transfer
CVEs:SUSE-RU-2018:4074-1
ALAS-2018-1119: postgresql96 (important)
CVEs:CVE-2018-10915CVE-2018-10925CVE-2018-1115
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| postgresql96 | affected | Amazon | postgresql96 | — |
ALAS-2018-1118: postgresql95 (important)
CVEs:CVE-2018-10915CVE-2018-10925
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| postgresql95 | affected | Amazon | postgresql95 | — |
ALAS-2018-1117: postgresql93, postgresql94 (important)
CVEs:CVE-2018-10915
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| postgresql93, postgresql94 | affected | Amazon | postgresql93, postgresql94 | — |
ALAS-2018-1116: mysql55 (medium)
CVEs:CVE-2016-9843CVE-2018-3133CVE-2018-3174CVE-2018-3282
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql55 | affected | Amazon | mysql55 | — |
ALAS-2018-1115: mysql56 (medium)
CVEs:CVE-2016-9843CVE-2018-3133CVE-2018-3143CVE-2018-3156CVE-2018-3174CVE-2018-3247CVE-2018-3251CVE-2018-3276CVE-2018-3278CVE-2018-3282
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql56 | affected | Amazon | mysql56 | — |
ALAS-2018-1114: mysql57 (medium)
CVEs:CVE-2016-9843CVE-2018-3133CVE-2018-3143CVE-2018-3144CVE-2018-3155CVE-2018-3156CVE-2018-3161CVE-2018-3162CVE-2018-3171CVE-2018-3173CVE-2018-3174CVE-2018-3185CVE-2018-3187CVE-2018-3200CVE-2018-3247CVE-2018-3251CVE-2018-3276CVE-2018-3277CVE-2018-3278CVE-2018-3282CVE-2018-3283CVE-2018-3284
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql57 | affected | Amazon | mysql57 | — |
ALAS-2018-1113: ruby23, ruby24 (important)
CVEs:CVE-2018-16395CVE-2018-16396
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ruby23, ruby24 | affected | Amazon | ruby23, ruby24 | — |
ALAS-2018-1112: curl (low)
CVEs:CVE-2018-14618
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| curl | affected | Amazon | curl | — |
ALAS-2018-1111: java-1.7.0-openjdk (critical)
CVEs:CVE-2018-3136CVE-2018-3139CVE-2018-3149CVE-2018-3169CVE-2018-3180CVE-2018-3214
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| java-1.7.0-openjdk | affected | Amazon | java-1.7.0-openjdk | — |
ALAS-2018-1110: poppler (low)
CVEs:CVE-2017-18267CVE-2018-10768CVE-2018-13988
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| poppler | affected | Amazon | poppler | — |
ALAS-2018-1109: glibc (medium)
CVEs:CVE-2017-16997CVE-2018-11236CVE-2018-11237CVE-2018-6485
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glibc | affected | Amazon | glibc | — |
ALAS-2018-1108: python27 (medium)
CVEs:CVE-2018-1060CVE-2018-1061
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python27 | affected | Amazon | python27 | — |
ALAS-2018-1107: zsh (medium)
CVEs:CVE-2014-10071CVE-2014-10072CVE-2017-18205CVE-2017-18206CVE-2018-1071CVE-2018-1083CVE-2018-1100CVE-2018-7549
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| zsh | affected | Amazon | zsh | — |
ALAS-2018-1106: 389-ds-base (medium)
CVEs:CVE-2018-14648
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| 389-ds-base | affected | Amazon | 389-ds-base | — |
ALAS-2018-1102: openssl (medium)
CVEs:CVE-2017-3735CVE-2018-0495CVE-2018-0739
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openssl | affected | Amazon | openssl | — |
Kubernetes Security Issue (CVE-2018-1002105)
CVEs:CVE-2018-1002105
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.