ALAS-2019-1300
ALAS · AL1Medium2019-09-30
ALAS-2019-1300: mod24_auth_openidc (medium)
CVEs:CVE-2017-6059CVE-2017-6413
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mod24_auth_openidc | affected | Amazon | mod24_auth_openidc | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
ALAS-2019-1300: mod24_auth_openidc (medium)
CVEs:CVE-2017-6059CVE-2017-6413
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mod24_auth_openidc | affected | Amazon | mod24_auth_openidc | — |
ALAS-2019-1299: nginx (important)
CVEs:CVE-2019-9511CVE-2019-9513CVE-2019-9516
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nginx | affected | Amazon | nginx | — |
ALAS-2019-1298: nghttp2 (important)
CVEs:CVE-2019-9511CVE-2019-9513
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nghttp2 | affected | Amazon | nghttp2 | — |
ALAS-2019-1297: mysql57 (medium)
CVEs:CVE-2019-2740CVE-2019-2805CVE-2019-3822
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql57 | affected | Amazon | mysql57 | — |
ALAS-2019-1296: mysql56 (medium)
CVEs:CVE-2019-2739CVE-2019-2740CVE-2019-2819
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql56 | affected | Amazon | mysql56 | — |
ALAS-2019-1295: oniguruma (medium)
CVEs:CVE-2019-13224CVE-2019-13225
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| oniguruma | affected | Amazon | oniguruma | — |
ALAS-2019-1294: curl (medium)
CVEs:CVE-2019-5481CVE-2019-5482
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| curl | affected | Amazon | curl | — |
Xen Security Advisory 208 (XSA-208)
Xen Security Advisory 209 (XSA-209)
Xen Security Advisory 211 (XSA-211)
Xen Security Advisory 212 (XSA-212)
Xen Security Advisories - May 2017
Microsoft Security Bulletin MS17-010 Advisory
Linux Security Advisories - June 2017
Xen Security Advisories - June 2017
Xen Security Advisories - August 2017
Xen Security Advisories - September 2017
Xen Security Advisories - October 2017
ROBOT TLS security issue
Processor Speculative Execution Research Disclosure
Xen Security Advisories 260-262 (XSA-260, XSA-261, XSA-262)
CVEs:CVE-2018-8897
Additional Processor Speculative Execution Research Disclosures
CVEs:CVE-2018-3639
Redis Security Advisory
Kubernetes Security Issues (CVE-2019-1002101 and CVE-2019-9946)
Linux Kernel TCP SACK Denial of Service Issues
ALAS-2019-1293: kernel (important)
CVEs:CVE-2019-14821CVE-2019-14835
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2019-1287: perl-Archive-Tar (medium)
CVEs:CVE-2018-12015
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| perl-Archive-Tar | affected | Amazon | perl-Archive-Tar | — |
ALAS-2019-1286: libjpeg-turbo (medium)
CVEs:CVE-2016-3616CVE-2018-11212CVE-2018-11213CVE-2018-11214CVE-2018-11813CVE-2018-14498
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libjpeg-turbo | affected | Amazon | libjpeg-turbo | — |
ALAS-2019-1285: zsh (medium)
CVEs:CVE-2018-13259
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| zsh | affected | Amazon | zsh | — |
ALAS-2019-1284: php72 (low)
CVEs:CVE-2019-11041CVE-2019-11042
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| php72 | affected | Amazon | php72 | — |
ALAS-2019-1283: php71, php73 (low)
CVEs:CVE-2019-11041CVE-2019-11042CVE-2019-13224
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| php71, php73 | affected | Amazon | php71, php73 | — |
ALAS-2019-1282: php71, php72, php73 (medium)
CVEs:CVE-2019-9637CVE-2019-9640
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| php71, php72, php73 | affected | Amazon | php71, php72, php73 | — |
ALAS-2019-1281: kernel (medium)
CVEs:CVE-2019-15538CVE-2019-15902
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2019-1280: kernel (medium)
CVEs:CVE-2018-15594CVE-2018-9363
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2019-1278: kernel (low)
CVEs:CVE-2018-9516
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2019-1279: kernel (low)
CVEs:CVE-2018-7755
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
Kubernetes Security Issue (CVE-2019-11249)
ALAS-2019-1277: exim (critical)
CVEs:CVE-2019-15846
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| exim | affected | Amazon | exim | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.