CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.

Compare

Choose a tag to compare

**Amazon SSM Agent - Release 3.1.1208.0 - 2022-04-04**

![@mmcgovs](https://avatars.githubusercontent.com/u/95885330?s=40&v=4) mmcgovs released this

· 7 commits to mainline since this release

3.1.1208.0

`b3a8f2b`

Compare

Choose a tag to compare

*   Updated ec2detector module to use Get-CmiInstance instead of wmic.exe
*   Fixed file creation mode of ssm-agent-users sudoer file

**Assets**2

*   Source code (zip)
*   Source code (tar.gz)

Headline

CVE-2022-29527: Release Amazon SSM Agent - Release 3.1.1208.0 - 2022-04-04 · aws/amazon-ssm-agent

CVE: Latest News