AWS Security Advisories — November 2021 — AWS Security Advisories

ALAS-2021-1550

ALAS · AL1Medium2021-11-18

ALAS-2021-1550: docker (medium)

CVEs:CVE-2021-21284 CVE-2021-21285

Affected products

Product	Status	Vendor	Package	Ecosystem
docker	affected	Amazon	docker	—

Upstream advisory

ALAS-2021-1551

ALAS · AL1Medium2021-11-18

ALAS-2021-1551: containerd, docker (medium)

CVEs:CVE-2021-41190

Affected products

Product	Status	Vendor	Package	Ecosystem
containerd, docker	affected	Amazon	containerd, docker	—

Upstream advisory

GHSA-rrc9-gqf8-8rwg

AWS SDKHIGH2021-11-16

Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loader

CVEs:GHSA-rrc9-gqf8-8rwg

Upstream advisory

ALAS-2021-1547

ALAS · AL1Important2021-11-15

ALAS-2021-1547: tomcat8 (important)

CVEs:CVE-2021-33037 CVE-2021-41079 CVE-2024-21733

Affected products

Product	Status	Vendor	Package	Ecosystem
tomcat8	affected	Amazon	tomcat8	—

Upstream advisory

ALAS-2021-1549

ALAS · AL1Medium2021-11-15

ALAS-2021-1549: curl (medium)

CVEs:CVE-2021-22946 CVE-2021-22947

Affected products

Product	Status	Vendor	Package	Ecosystem
curl	affected	Amazon	curl	—

Upstream advisory

ALAS-2021-1544

ALAS · AL1Medium2021-11-04

ALAS-2021-1544: mysql57 (medium)

CVEs:CVE-2021-2342 CVE-2021-2356 CVE-2021-2372 CVE-2021-2385

Affected products

Product	Status	Vendor	Package	Ecosystem
mysql57	affected	Amazon	mysql57	—

Upstream advisory

ALAS-2021-1545

ALAS · AL1Medium2021-11-04

ALAS-2021-1545: c-ares (medium)

CVEs:CVE-2021-3672

Affected products

Product	Status	Vendor	Package	Ecosystem
c-ares	affected	Amazon	c-ares	—

Upstream advisory

ALAS-2021-1546

ALAS · AL1Important2021-11-04

ALAS-2021-1546: tomcat8 (important)

CVEs:CVE-2021-42340

Affected products

Product	Status	Vendor	Package	Ecosystem
tomcat8	affected	Amazon	tomcat8	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?