AWS-2022-010
AWS Bulletin2022-12-09
Reported ECR Public Gallery Issue
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
Reported ECR Public Gallery Issue
ALAS-2022-1640: rsync (important)
CVEs:CVE-2018-25032
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| rsync | affected | Amazon | rsync | — |
ALAS-2022-1641: tcpdump (medium)
CVEs:CVE-2019-15167
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| tcpdump | affected | Amazon | tcpdump | — |
ALAS-2022-1642: samba (important)
CVEs:CVE-2020-17049CVE-2022-32742CVE-2022-32744CVE-2022-32745CVE-2022-32746
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| samba | affected | Amazon | samba | — |
ALAS-2022-1644: libtiff (important)
CVEs:CVE-2022-1355CVE-2022-3970
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libtiff | affected | Amazon | libtiff | — |
ALAS-2022-1645: kernel (important)
CVEs:CVE-2021-47103CVE-2022-20369CVE-2022-26373CVE-2022-2978CVE-2022-3542CVE-2022-3564CVE-2022-3565CVE-2022-3594CVE-2022-3621CVE-2022-3646CVE-2022-3649CVE-2022-39842CVE-2022-40768CVE-2022-41849CVE-2022-41850CVE-2022-43750CVE-2022-48651
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2022-1646: curl (medium)
CVEs:CVE-2022-22576CVE-2022-27774CVE-2022-27776CVE-2022-27781CVE-2022-27782CVE-2022-32206CVE-2022-32208CVE-2022-35252
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| curl | affected | Amazon | curl | — |
ALAS-2022-1647: libtiff (important)
CVEs:CVE-2022-2867
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libtiff | affected | Amazon | libtiff | — |
ALAS-2022-1648: rubygem-nokogiri (important)
CVEs:CVE-2022-29181
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| rubygem-nokogiri | affected | Amazon | rubygem-nokogiri | — |
ALAS-2022-1649: libksba (important)
CVEs:CVE-2022-3515
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libksba | affected | Amazon | libksba | — |
ALAS-2022-1650: zlib (medium)
CVEs:CVE-2022-37434
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| zlib | affected | Amazon | zlib | — |
ALAS-2022-1651: python38 (important)
CVEs:CVE-2022-37454
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python38 | affected | Amazon | python38 | — |
ALAS-2022-1652: python36 (important)
CVEs:CVE-2022-37454
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| python36 | affected | Amazon | python36 | — |
ALAS-2022-1653: git (important)
CVEs:CVE-2022-39253CVE-2022-39260
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| git | affected | Amazon | git | — |
ALAS-2022-1654: expat (important)
CVEs:CVE-2022-40674
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| expat | affected | Amazon | expat | — |
ALAS-2022-1655: expat (important)
CVEs:CVE-2022-43680
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| expat | affected | Amazon | expat | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.