🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2094 Related CVEs: CVE-2023-31486 Upstream summary: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2086 Related CVEs: CVE-2022-40150 CVE-2022-45685 CVE-2022-45693 CVE-2023-1436 CVE-2022-40149 Upstream summary: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2071 Related CVEs: CVE-2023-26253 CVE-2018-10911 Upstream summary: In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. (CVE-2023-26253) Table of contents Symptom & Impact Environment & Reproduction Root […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2068 Related CVEs: CVE-2022-39377 CVE-2023-33204 Upstream summary: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2080 Related CVEs: CVE-2019-17570 CVE-2016-5003 CVE-2016-5002 Upstream summary: An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2LIVEPATCH-2023-127 Related CVEs: CVE-2022-4379 CVE-2023-32233 CVE-2023-1077 CVE-2023-28466 CVE-2023-1078 CVE-2023-26545 Upstream summary: A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2LIVEPATCH-2023-126 Related CVEs: CVE-2022-4379 CVE-2023-32233 CVE-2023-28466 Upstream summary: A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2044 Related CVEs: CVE-2021-40145 CVE-2016-5766 Upstream summary: ** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2041 Related CVEs: CVE-2022-47629 CVE-2022-3515 Upstream summary: Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. (CVE-2022-47629) Table of contents Symptom & Impact Environment […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2023-2034 Related CVEs: CVE-2023-31484 CVE-2018-18311 CVE-2025-40909 CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Upstream summary: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
