ALAS-2024-1949
ALAS · AL1Important2024-10-31
ALAS-2024-1949: httpd24 (important)
CVEs:CVE-2020-11984CVE-2020-11993CVE-2020-9490
Affected products
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| httpd24 | affected | Amazon | httpd24 | — |
Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
ALAS-2024-1949: httpd24 (important)
CVEs:CVE-2020-11984CVE-2020-11993CVE-2020-9490
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| httpd24 | affected | Amazon | httpd24 | — |
ALAS-2024-1950: microcode_ctl (important)
CVEs:CVE-2024-21820CVE-2024-23918CVE-2024-23984CVE-2024-24853CVE-2024-24968CVE-2024-24980
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| microcode_ctl | affected | Amazon | microcode_ctl | — |
ALAS-2024-1951: kernel (medium)
CVEs:CVE-2022-3566CVE-2022-3567
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
CVE-2024-10125 - missing JWT issuer and signer validation in aws-alb-identity-aspnetcore
CVEs:CVE-2024-10125
CVE-2024-8901 - missing JWT issuer and signer validation in aws-alb-route-directive-adapter-for-istio
CVEs:CVE-2024-8901
ALAS-2024-1947: kernel (important)
CVEs:CVE-2024-39494
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| kernel | affected | Amazon | kernel | — |
ALAS-2024-1948: amazon-ssm-agent (medium)
CVEs:CVE-2023-45288CVE-2024-24790
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| amazon-ssm-agent | affected | Amazon | amazon-ssm-agent | — |
Issue with NVIDIA Container Toolkit (CVE-2024-0132, CVE-2024-0133)
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.