Amazon Firecracker
By the Year
In 2024 there have been 0 vulnerabilities in Amazon Firecracker . Firecracker did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.50 |
| 2019 | 1 | 9.80 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Firecracker vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazon Firecracker Security Vulnerabilities
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer
CVE-2020-27174
7.5 - High
- October 16, 2020
In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input. This can result in a memory leak on the microVM emulation thread, possibly occupying more memory than intended on the host.
Buffer Overflow
Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0
CVE-2019-18960
9.8 - Critical
- December 11, 2019
Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazon Firecracker or by Amazon? Click the Watch button to subscribe.
