[prev in list] [next in list] [prev in thread] [next in thread]
List: openembedded-core
Subject: [OE-core] OE-core CVE metrics for dunfell on Sun 31 Jul 2022 02:30:01 AM HST
From: "Steve Sakoman" <steve () sakoman ! com>
Date: 2022-07-31 12:33:27
Message-ID: 20220731123327.1D5829609AE () nuc ! router0800d9 ! com
[Download RAW message or body]
Branch: dunfell
New this week: 8 CVEs
CVE-2022-1920 (CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1920 * CVE-2022-1921 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1921 * CVE-2022-1922 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1922 * CVE-2022-1923 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1923 * CVE-2022-1924 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1924 * CVE-2022-1925 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1925 * CVE-2022-2122 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2122 * CVE-2022-2522 \
(CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2522 \
*
Removed this week: 6 CVEs
CVE-2019-12067 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 * CVE-2020-18974 \
(CVSS3: 3.3 LOW): nasm:nasm-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974 * CVE-2021-20255 \
(CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 * CVE-2022-32206 \
(CVSS3: 6.5 MEDIUM): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32206 * CVE-2022-32207 \
(CVSS3: 9.8 CRITICAL): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32207 * CVE-2022-32208 \
(CVSS3: 5.9 MEDIUM): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32208 *
Full list: Found 91 unpatched CVEs
CVE-2020-13754 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13754 * CVE-2020-15469 \
(CVSS3: 2.3 LOW): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15469 * CVE-2020-15705 \
(CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-15859 \
(CVSS3: 3.3 LOW): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15859 * CVE-2020-17380 \
(CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17380 * CVE-2020-25742 \
(CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 * CVE-2020-25743 \
(CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 * CVE-2020-27661 \
(CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27661 * CVE-2020-27749 \
(CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749 * CVE-2020-27821 \
(CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27821 * CVE-2020-29510 \
(CVSS3: 5.6 MEDIUM): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29510 * CVE-2020-29623 \
(CVSS3: 3.3 LOW): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 * CVE-2020-35503 \
(CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 * CVE-2020-35504 \
(CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35504 * CVE-2020-35505 \
(CVSS3: 4.4 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35505 * CVE-2020-35506 \
(CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 * CVE-2020-9948 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 * CVE-2020-9951 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 * CVE-2020-9952 \
(CVSS3: 7.1 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 * CVE-2021-1765 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 * CVE-2021-1789 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 * CVE-2021-1799 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 * CVE-2021-1801 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 * CVE-2021-1870 \
(CVSS3: 9.8 CRITICAL): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 * CVE-2021-20225 \
(CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225 * CVE-2021-20233 \
(CVSS3: 8.2 HIGH): grub:grub-efi:grub-efi-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20233 * CVE-2021-20295 \
(CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 * CVE-2021-27097 \
(CVSS3: 7.8 HIGH): u-boot \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 * CVE-2021-27138 \
(CVSS3: 7.8 HIGH): u-boot \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 * CVE-2021-27918 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27918 * CVE-2021-28544 \
(CVSS3: 4.3 MEDIUM): subversion \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28544 * CVE-2021-31879 \
(CVSS3: 6.1 MEDIUM): wget \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 * CVE-2021-33194 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33194 * CVE-2021-33195 \
(CVSS3: 7.3 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33195 * CVE-2021-33198 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33198 * CVE-2021-3409 \
(CVSS3: 5.7 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3409 * CVE-2021-3418 \
(CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 * CVE-2021-3445 \
(CVSS3: 7.5 HIGH): libdnf \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 * CVE-2021-3507 \
(CVSS3: 6.1 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 * CVE-2021-3611 \
(CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 * CVE-2021-36221 \
(CVSS3: 5.9 MEDIUM): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36221 * CVE-2021-3638 \
(CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3638 * CVE-2021-3713 \
(CVSS3: 7.4 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3713 * CVE-2021-3748 \
(CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3748 * CVE-2021-3750 \
(CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3750 * CVE-2021-39293 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-39293 * CVE-2021-3930 \
(CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3930 * CVE-2021-3947 \
(CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3947 * CVE-2021-41771 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41771 * CVE-2021-41772 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41772 * CVE-2021-4206 \
(CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4206 * CVE-2021-4207 \
(CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4207 * CVE-2021-42762 \
(CVSS3: 5.3 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 * CVE-2021-44716 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44716 * CVE-2021-45085 \
(CVSS3: 6.1 MEDIUM): epiphany \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 * CVE-2021-45086 \
(CVSS3: 6.1 MEDIUM): epiphany \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 * CVE-2021-45087 \
(CVSS3: 6.1 MEDIUM): epiphany \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 * CVE-2021-45088 \
(CVSS3: 6.1 MEDIUM): epiphany \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 * CVE-2021-45481 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 * CVE-2021-45482 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 * CVE-2021-45483 \
(CVSS3: 6.5 MEDIUM): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 * CVE-2021-45944 \
(CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45944 * CVE-2021-46822 \
(CVSS3: 5.5 MEDIUM): libjpeg-turbo:libjpeg-turbo-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46822 * CVE-2022-1050 \
(CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1050 * CVE-2022-1920 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1920 * CVE-2022-1921 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1921 * CVE-2022-1922 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1922 * CVE-2022-1923 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1923 * CVE-2022-1924 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1924 * CVE-2022-1925 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1925 * CVE-2022-2122 \
(CVSS3: 7.8 HIGH): gstreamer1.0 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2122 * CVE-2022-2288 \
(CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2288 \
* CVE-2022-2289 (CVSS3: 7.8 HIGH): vim \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2289 * CVE-2022-2304 \
(CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2304 \
* CVE-2022-2343 (CVSS3: 7.8 HIGH): vim \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2343 * CVE-2022-2344 \
(CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2344 \
* CVE-2022-2345 (CVSS3: 7.8 HIGH): vim \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2345 * CVE-2022-23773 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 * CVE-2022-24765 \
(CVSS3: 7.8 HIGH): git \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 * CVE-2022-24921 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24921 * CVE-2022-2522 \
(CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2522 \
* CVE-2022-26354 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26354 * CVE-2022-28327 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28327 * CVE-2022-29526 \
(CVSS3: 5.3 MEDIUM): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29526 * CVE-2022-29536 \
(CVSS3: 7.5 HIGH): epiphany \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29536 * CVE-2022-30293 \
(CVSS3: 7.5 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 * CVE-2022-30634 \
(CVSS3: 7.5 HIGH): go:go-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30634 * CVE-2022-30767 \
(CVSS3: 9.8 CRITICAL): u-boot \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 * CVE-2022-34835 \
(CVSS3: 9.8 CRITICAL): u-boot \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34835 * CVE-2022-34903 \
(CVSS3: 6.5 MEDIUM): gnupg:gnupg-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34903 * CVE-2022-35414 \
(CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35414 *
\nFor further information see: \
https://autobuilder.yocto.io/pub/non-release/patchmetrics/
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#168686): https://lists.openembedded.org/g/openembedded-core/message/168686
Mute This Topic: https://lists.openembedded.org/mt/92725971/4454766
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [openembedded-core@marc.info]
-=-=-=-=-=-=-=-=-=-=-=-
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic