AWS Security Advisories — June 2022 — AWS Security Advisories

ALAS-2022-1601

ALAS · AL1Important2022-06-15

ALAS-2022-1601: log4j-cve-2021-44228-hotpatch (important)

CVEs:CVE-2022-33915

Affected products

Product	Status	Vendor	Package	Ecosystem
log4j-cve-2021-44228-hotpatch	affected	Amazon	log4j-cve-2021-44228-hotpatch	—

Upstream advisory

ALAS-2022-1587

ALAS · AL1Important2022-06-09

ALAS-2022-1587: aide (important)

CVEs:CVE-2021-45417

Affected products

Product	Status	Vendor	Package	Ecosystem
aide	affected	Amazon	aide	—

Upstream advisory

ALAS-2022-1588

ALAS · AL1Medium2022-06-09

ALAS-2022-1588: expat (medium)

CVEs:CVE-2021-45960

Affected products

Product	Status	Vendor	Package	Ecosystem
expat	affected	Amazon	expat	—

Upstream advisory

ALAS-2022-1589

ALAS · AL1Medium2022-06-09

ALAS-2022-1589: git (medium)

CVEs:CVE-2022-24765

Affected products

Product	Status	Vendor	Package	Ecosystem
git	affected	Amazon	git	—

Upstream advisory

ALAS-2022-1590

ALAS · AL1Important2022-06-09

ALAS-2022-1590: gzip (important)

CVEs:CVE-2022-1271

Affected products

Product	Status	Vendor	Package	Ecosystem
gzip	affected	Amazon	gzip	—

Upstream advisory

ALAS-2022-1591

ALAS · AL1Important2022-06-09

ALAS-2022-1591: kernel (important)

CVEs:CVE-2022-0854 CVE-2022-1011 CVE-2022-1353 CVE-2022-1516 CVE-2022-1729 CVE-2022-2639 CVE-2022-28389 CVE-2022-28390 CVE-2022-29581 CVE-2022-2977 CVE-2022-30594 CVE-2022-41858 CVE-2022-49058 CVE-2022-49085 CVE-2022-49114 CVE-2022-49287 CVE-2023-1637 CVE-2023-4387 CVE-2023-4459

Affected products

Product	Status	Vendor	Package	Ecosystem
kernel	affected	Amazon	kernel	—

Upstream advisory

ALAS-2022-1592

ALAS · AL1Important2022-06-09

ALAS-2022-1592: python-twisted-conch (important)

CVEs:CVE-2022-21716

Affected products

Product	Status	Vendor	Package	Ecosystem
python-twisted-conch	affected	Amazon	python-twisted-conch	—

Upstream advisory

ALAS-2022-1593

ALAS · AL1Medium2022-06-09

ALAS-2022-1593: python27 (medium)

CVEs:CVE-2020-27619 CVE-2021-23336 CVE-2021-3733 CVE-2021-3737 CVE-2021-4189 CVE-2022-0391

Affected products

Product	Status	Vendor	Package	Ecosystem
python27	affected	Amazon	python27	—

Upstream advisory

ALAS-2022-1594

ALAS · AL1Important2022-06-09

ALAS-2022-1594: rsyslog (important)

CVEs:CVE-2014-3634 CVE-2022-24903

Affected products

Product	Status	Vendor	Package	Ecosystem
rsyslog	affected	Amazon	rsyslog	—

Upstream advisory

ALAS-2022-1595

ALAS · AL1Important2022-06-09

ALAS-2022-1595: rubygem-nokogiri, rubygem18-nokogiri (important)

CVEs:CVE-2022-24836

Affected products

Product	Status	Vendor	Package	Ecosystem
rubygem-nokogiri, rubygem18-nokogiri	affected	Amazon	rubygem-nokogiri, rubygem18-nokogiri	—

Upstream advisory

ALAS-2022-1597

ALAS · AL1Important2022-06-09

ALAS-2022-1597: vim (important)

CVEs:CVE-2022-0261 CVE-2022-0318 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0413 CVE-2022-0572 CVE-2022-0943 CVE-2022-1154 CVE-2022-1160 CVE-2022-1381 CVE-2022-1420

Affected products

Product	Status	Vendor	Package	Ecosystem
vim	affected	Amazon	vim	—

Upstream advisory

ALAS-2022-1598

ALAS · AL1Important2022-06-09

ALAS-2022-1598: xz (important)

CVEs:CVE-2022-1271

Affected products

Product	Status	Vendor	Package	Ecosystem
xz	affected	Amazon	xz	—

Upstream advisory

ALAS-2022-1600

ALAS · AL1Medium2022-06-09

ALAS-2022-1600: containerd (medium)

CVEs:CVE-2022-31030

Affected products

Product	Status	Vendor	Package	Ecosystem
containerd	affected	Amazon	containerd	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?