vulnerability
Amazon Linux AMI 2: CVE-2021-32840: Security patch for mono (ALASMONO-2023-001)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jan 26, 2022 | Sep 28, 2023 | Sep 28, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 26, 2022
Added
Sep 28, 2023
Modified
Sep 28, 2023
Description
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version 1.3.3.
Solution(s)
amazon-linux-ami-2-upgrade-ibm-data-db2amazon-linux-ami-2-upgrade-mono-completeamazon-linux-ami-2-upgrade-mono-coreamazon-linux-ami-2-upgrade-mono-dataamazon-linux-ami-2-upgrade-mono-data-oracleamazon-linux-ami-2-upgrade-mono-data-sqliteamazon-linux-ami-2-upgrade-mono-debuginfoamazon-linux-ami-2-upgrade-mono-develamazon-linux-ami-2-upgrade-mono-extrasamazon-linux-ami-2-upgrade-mono-locale-extrasamazon-linux-ami-2-upgrade-mono-mvcamazon-linux-ami-2-upgrade-mono-mvc-develamazon-linux-ami-2-upgrade-mono-reactiveamazon-linux-ami-2-upgrade-mono-reactive-develamazon-linux-ami-2-upgrade-mono-reactive-winformsamazon-linux-ami-2-upgrade-mono-wcfamazon-linux-ami-2-upgrade-mono-webamazon-linux-ami-2-upgrade-mono-web-develamazon-linux-ami-2-upgrade-mono-winformsamazon-linux-ami-2-upgrade-mono-winfxamazon-linux-ami-2-upgrade-monodocamazon-linux-ami-2-upgrade-monodoc-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.