ALAS-2020-1458
ALAS · AL1Low2023-02-22
ALAS-2020-1458: dnsmasq (low)
CVEs:CVE-2019-14834
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| dnsmasq | affected | Amazon | dnsmasq | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
ALAS-2020-1458: dnsmasq (low)
CVEs:CVE-2019-14834
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| dnsmasq | affected | Amazon | dnsmasq | — |
ALAS-2023-1685: golang (medium)
CVEs:CVE-2022-23772CVE-2022-23773CVE-2022-23806
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| golang | affected | Amazon | golang | — |
ALAS-2023-1686: mysql57 (medium)
CVEs:CVE-2021-2180CVE-2023-21840CVE-2023-21963
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql57 | affected | Amazon | mysql57 | — |
ALAS-2023-1687: squid (medium)
CVEs:CVE-2021-28651CVE-2021-28652CVE-2021-31806CVE-2021-31807CVE-2021-31808CVE-2021-33620CVE-2022-41317
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2023-1688: kernel (important)
CVEs:CVE-2021-20322CVE-2021-28711CVE-2021-28712CVE-2021-28713CVE-2021-28714CVE-2021-28715CVE-2021-3772CVE-2021-3923CVE-2021-4002CVE-2021-4155
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1689: xorg-x11-server (important)
CVEs:CVE-2022-2320CVE-2022-4283CVE-2022-46340CVE-2022-46341CVE-2022-46342CVE-2022-46343CVE-2022-46344
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| xorg-x11-server | affected | Amazon | xorg-x11-server | — |
ALAS-2023-1690: ca-certificates (important)
CVEs:CVE-2022-23491
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ca-certificates | affected | Amazon | ca-certificates | — |
ALAS-2023-1692: libconfuse (important)
CVEs:CVE-2022-40320
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libconfuse | affected | Amazon | libconfuse | — |
ALAS-2023-1693: libXpm (important)
CVEs:CVE-2022-44617CVE-2022-46285CVE-2022-4883
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libXpm | affected | Amazon | libXpm | — |
ALAS-2023-1694: clamav (critical)
CVEs:CVE-2023-20032CVE-2023-20052
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| clamav | affected | Amazon | clamav | — |
ALAS-2023-1684: apr-util (medium)
CVEs:CVE-2022-25147
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| apr-util | affected | Amazon | apr-util | — |
ALAS-2023-1683: openssl (important)
CVEs:CVE-2022-4304CVE-2023-0215CVE-2023-0286
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openssl | affected | Amazon | openssl | — |
ALAS-2023-1676: protobuf (medium)
CVEs:CVE-2021-22570
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| protobuf | affected | Amazon | protobuf | — |
ALAS-2023-1677: squid (important)
CVEs:CVE-2021-46784CVE-2022-41318
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2023-1678: java-1.8.0-openjdk (medium)
CVEs:CVE-2022-21619CVE-2022-21624CVE-2022-21626CVE-2022-21628
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| java-1.8.0-openjdk | affected | Amazon | java-1.8.0-openjdk | — |
ALAS-2023-1679: git (important)
CVEs:CVE-2022-23521CVE-2022-41903
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| git | affected | Amazon | git | — |
ALAS-2023-1680: krb5 (important)
CVEs:CVE-2022-42898
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| krb5 | affected | Amazon | krb5 | — |
ALAS-2023-1681: vim (medium)
CVEs:CVE-2022-4292CVE-2023-0049
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| vim | affected | Amazon | vim | — |
ALAS-2023-1682: sudo (important)
CVEs:CVE-2023-22809
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| sudo | affected | Amazon | sudo | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.