🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-728 Related CVEs: CVE-2024-40897 Upstream summary: Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-739 Related CVEs: CVE-2023-29483 Upstream summary: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-703 Related CVEs: CVE-2024-29040 CVE-2023-22745 Upstream summary: tpm2-tss: arbitrary quote data may go undetected by Fapi_VerifyQuote (CVE-2024-29040) Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-690 Related CVEs: CVE-2024-34062 Upstream summary: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `–delim`, `–buf-size`, `–manpath`) are passed through python's […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-684 Related CVEs: CVE-2024-38517 Upstream summary: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-693 Related CVEs: CVE-2024-29038 CVE-2024-29039 Upstream summary: tpm2-tools: arbitrary quote data may go undetected by tpm2_checkquote (CVE-2024-29038) tpm2-tools: pcr selection value is not compared with the attest (CVE-2024-29039) Table of […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-652 Related CVEs: CVE-2024-5742 Upstream summary: nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-657 Related CVEs: CVE-2024-38428 CVE-2021-31879 Upstream summary: url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-641 Related CVEs: CVE-2024-1013 Upstream summary: An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2023 📖 ~4 min read • Source: Amazon Linux advisory ALAS2023-2024-633 Related CVEs: CVE-2022-48682 Upstream summary: In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink. (CVE-2022-48682) Table of contents Symptom & Impact […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
