ALAS-2023-1776
ALAS · AL1Important2023-06-29
ALAS-2023-1776: kernel (important)
CVEs:CVE-2023-1206
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 2 are already weaponised in the wild — see the Exploited section.
ALAS-2023-1776: kernel (important)
CVEs:CVE-2023-1206
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1770: c-ares (important)
CVEs:CVE-2023-32067
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| c-ares | affected | Amazon | c-ares | — |
ALAS-2023-1771: perl-HTTP-Tiny (important)
CVEs:CVE-2023-31486
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| perl-HTTP-Tiny | affected | Amazon | perl-HTTP-Tiny | — |
ALAS-2023-1772: mod24_security (medium)
CVEs:CVE-2022-48279
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mod24_security | affected | Amazon | mod24_security | — |
ALAS-2023-1773: kernel (important)
CVEs:CVE-2022-2586CVE-2022-34918CVE-2023-2269CVE-2023-28466CVE-2023-3111CVE-2023-34256CVE-2024-0775
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1774: squid (important)
CVEs:CVE-2019-12526
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2023-1775: glib2 (medium)
CVEs:CVE-2015-5073CVE-2015-8390CVE-2015-8394
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glib2 | affected | Amazon | glib2 | — |
AWS CDK EKS overly permissive trust policies
CVEs:CVE-2023-35165
AWS CDK EKS overly permissive trust policies
CVEs:GHSA-rx28-r23p-2qc3
Issue with AWS Directory Service EnableRoleAccess
ALAS-2023-1768: mysql57 (important)
CVEs:CVE-2023-21912CVE-2023-21980CVE-2023-22007
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mysql57 | affected | Amazon | mysql57 | — |
ALAS-2023-1769: glib2 (medium)
CVEs:CVE-2015-8386
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| glib2 | affected | Amazon | glib2 | — |
ALAS-2023-1758: dnsmasq (medium)
CVEs:CVE-2023-28450
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| dnsmasq | affected | Amazon | dnsmasq | — |
ALAS-2023-1759: postgresql92 (important)
CVEs:CVE-2023-2454
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| postgresql92 | affected | Amazon | postgresql92 | — |
ALAS-2023-1760: golang (important)
CVEs:CVE-2023-24539CVE-2023-24540CVE-2023-29400
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| golang | affected | Amazon | golang | — |
ALAS-2023-1761: vim (important)
CVEs:CVE-2023-2426CVE-2023-2609CVE-2023-2610
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| vim | affected | Amazon | vim | — |
ALAS-2023-1762: openssl (medium)
CVEs:CVE-2023-0464CVE-2023-0465CVE-2023-0466CVE-2023-2650
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| openssl | affected | Amazon | openssl | — |
ALAS-2023-1763: mod_security (medium)
CVEs:CVE-2022-48279
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mod_security | affected | Amazon | mod_security | — |
ALAS-2023-1764: freetype (medium)
CVEs:CVE-2022-27406
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| freetype | affected | Amazon | freetype | — |
ALAS-2023-1765: mod24_auth_mellon (medium)
CVEs:CVE-2021-3639
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| mod24_auth_mellon | affected | Amazon | mod24_auth_mellon | — |
ALAS-2023-1766: squid (important)
CVEs:CVE-2016-10003CVE-2020-8517
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2023-1767: pcre (medium)
CVEs:CVE-2015-5073CVE-2015-8390CVE-2015-8394
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| pcre | affected | Amazon | pcre | — |
ALAS-2023-1750: kernel (important)
CVEs:CVE-2023-32233
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2023-1751: perl (important)
CVEs:CVE-2023-31484
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| perl | affected | Amazon | perl | — |
ALAS-2023-1752: libksba (important)
CVEs:CVE-2022-47629
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libksba | affected | Amazon | libksba | — |
ALAS-2023-1753: exim (medium)
CVEs:CVE-2022-37451
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| exim | affected | Amazon | exim | — |
ALAS-2023-1754: squid (important)
CVEs:CVE-2020-14058
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
ALAS-2023-1755: tar (medium)
CVEs:CVE-2019-9923
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| tar | affected | Amazon | tar | — |
ALAS-2023-1756: libssh2 (medium)
CVEs:CVE-2019-3859CVE-2019-3860
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| libssh2 | affected | Amazon | libssh2 | — |
ALAS-2023-1757: squid (important)
CVEs:CVE-2019-12523CVE-2019-18676
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| squid | affected | Amazon | squid | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.