ALAS-2023-1744
ALAS · AL1Medium2023-05-16
ALAS-2023-1744: kernel (medium)
CVEs:CVE-2023-2513CVE-2023-31436
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 1 is already weaponised in the wild — see the Exploited section.
ALAS-2023-1744: kernel (medium)
CVEs:CVE-2023-2513CVE-2023-31436
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1745: ImageMagick (medium)
CVEs:CVE-2023-1289
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ImageMagick | affected | Amazon | ImageMagick | — |
ALAS-2023-1746: tigervnc (important)
CVEs:CVE-2023-0494
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| tigervnc | affected | Amazon | tigervnc | — |
ALAS-2023-1747: samba (important)
CVEs:CVE-2022-38023
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| samba | affected | Amazon | samba | — |
ALAS-2023-1748: libwebp (medium)
CVEs:CVE-2018-25013
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libwebp | affected | Amazon | libwebp | — |
ALAS-2023-1749: glib2 (important)
CVEs:CVE-2018-16429
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glib2 | affected | Amazon | glib2 | — |
Reported GuardDuty Finding Issue
ALAS-2023-1734: ghostscript (important)
CVEs:CVE-2023-28879
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| ghostscript | affected | Amazon | ghostscript | — |
ALAS-2023-1735: kernel (important)
CVEs:CVE-2023-1838CVE-2023-2124CVE-2023-23454CVE-2023-33203
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1736: nss (important)
CVEs:CVE-2023-0767
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nss | affected | Amazon | nss | — |
ALAS-2023-1737: nasm (important)
CVEs:CVE-2022-44370
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| nasm | affected | Amazon | nasm | — |
ALAS-2023-1738: tomcat7 (important)
CVEs:CVE-2017-12616CVE-2022-4132CVE-2023-24998
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| tomcat7 | affected | Amazon | tomcat7 | — |
ALAS-2023-1739: privoxy (important)
CVEs:CVE-2021-20275CVE-2021-44540CVE-2021-44542
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| privoxy | affected | Amazon | privoxy | — |
ALAS-2023-1740: libwebp (medium)
CVEs:CVE-2020-36330CVE-2020-36331
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libwebp | affected | Amazon | libwebp | — |
ALAS-2023-1741: openldap (important)
CVEs:CVE-2019-13565CVE-2020-36221CVE-2020-36222CVE-2020-36223CVE-2020-36224CVE-2020-36225CVE-2020-36226CVE-2020-36227CVE-2020-36228CVE-2020-36229CVE-2020-36230CVE-2021-27212
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openldap | affected | Amazon | openldap | — |
ALAS-2023-1742: glib2 (important)
CVEs:CVE-2018-16428CVE-2018-16429CVE-2019-13012CVE-2021-28153CVE-2021-3800CVE-2023-24593CVE-2023-25180
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glib2 | affected | Amazon | glib2 | — |
ALAS-2023-1743: libxml2 (medium)
CVEs:CVE-2017-16931CVE-2020-24977CVE-2021-3516CVE-2021-3517CVE-2021-3518CVE-2021-3537CVE-2021-3541CVE-2022-23308CVE-2022-29824CVE-2022-40303CVE-2022-40304CVE-2023-28484CVE-2023-29469
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libxml2 | affected | Amazon | libxml2 | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.