'[OE-core] OE-core CVE metrics for langdale on Sun 30 Apr 2023 04:00:01 AM HST'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    [OE-core] OE-core CVE metrics for langdale on Sun 30 Apr 2023 04:00:01 AM HST
From:       "Steve Sakoman" <steve () sakoman ! com>
Date:       2023-04-30 14:04:13
Message-ID: 20230430140413.B88A496061C () nuc ! router0800d9 ! com
[Download RAW message or body]

Branch: langdale

New this week: 5 CVEs
CVE-2022-3964 (CVSS3: 8.1 HIGH): ffmpeg \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 * CVE-2022-3965 \
(CVSS3: 8.1 HIGH): ffmpeg \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 * CVE-2023-2004 \
(CVSS3: 7.5 HIGH): freetype:freetype-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2004 * CVE-2023-27043 \
(CVSS3: 5.3 MEDIUM): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-29491 \
(CVSS3: 7.8 HIGH): ncurses:ncurses-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29491 *

Removed this week: 2 CVEs
CVE-2023-1393 (CVSS3: 7.8 HIGH): xserver-xorg \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1393 * CVE-2023-24626 \
(CVSS3: 6.5 MEDIUM): screen \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24626 *

Full list:  Found 45 unpatched CVEs
CVE-2020-10735 (CVSS3: 7.5 HIGH): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10735 * CVE-2022-3219 \
(CVSS3: 5.5 MEDIUM): gnupg:gnupg-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3219 * CVE-2022-3515 \
(CVSS3: 9.8 CRITICAL): gnupg:gnupg-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3515 * CVE-2022-37454 \
(CVSS3: 9.8 CRITICAL): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37454 * CVE-2022-3872 \
(CVSS3: 8.6 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3872 * CVE-2022-3964 \
(CVSS3: 8.1 HIGH): ffmpeg \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3964 * CVE-2022-3965 \
(CVSS3: 8.1 HIGH): ffmpeg \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3965 * CVE-2022-42919 \
(CVSS3: 7.8 HIGH): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42919 * CVE-2022-44370 \
(CVSS3: 7.8 HIGH): nasm:nasm-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-44370 * CVE-2022-44617 \
(CVSS3: 7.5 HIGH): libxpm \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-44617 * CVE-2022-45061 \
(CVSS3: 7.5 HIGH): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-45061 * CVE-2022-46285 \
(CVSS3: 7.5 HIGH): libxpm \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46285 * CVE-2022-4645 \
(CVSS3: 5.5 MEDIUM): tiff \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4645 * CVE-2022-46908 \
(CVSS3: 7.3 HIGH): sqlite3:sqlite3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46908 * CVE-2022-4743 \
(CVSS3: 7.5 HIGH): libsdl2:libsdl2-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4743 * CVE-2022-4883 \
(CVSS3: 8.8 HIGH): libxpm \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4883 * CVE-2023-0664 \
(CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-0664 * CVE-2023-1544 \
(CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1544 * CVE-2023-1579 \
(CVSS3: 7.8 HIGH): binutils:binutils-cross-testsuite:binutils-cross-x86_64 \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1579 * CVE-2023-1916 \
(CVSS3: 6.1 MEDIUM): tiff \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1916 * CVE-2023-2004 \
(CVSS3: 7.5 HIGH): freetype:freetype-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2004 * CVE-2023-23914 \
(CVSS3: 9.1 CRITICAL): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23914 * CVE-2023-23915 \
(CVSS3: 6.5 MEDIUM): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23915 * CVE-2023-23916 \
(CVSS3: 6.5 MEDIUM): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-23916 * CVE-2023-24329 \
(CVSS3: 7.5 HIGH): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24329 * CVE-2023-24534 \
(CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24534 \
* CVE-2023-24536 (CVSS3: 7.5 HIGH): go \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24536 * CVE-2023-24537 \
(CVSS3: 7.5 HIGH): go https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24537 \
* CVE-2023-24538 (CVSS3: 9.8 CRITICAL): go \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-24538 * CVE-2023-25358 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25358 * CVE-2023-25360 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25360 * CVE-2023-25361 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25361 * CVE-2023-25362 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25362 * CVE-2023-25363 \
(CVSS3: 8.8 HIGH): webkitgtk \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-25363 * CVE-2023-27043 \
(CVSS3: 5.3 MEDIUM): python3:python3-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27043 * CVE-2023-27533 \
(CVSS3: 8.8 HIGH): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27533 * CVE-2023-27534 \
(CVSS3: 8.8 HIGH): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27534 * CVE-2023-27535 \
(CVSS3: 7.5 HIGH): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27535 * CVE-2023-27536 \
(CVSS3: 9.8 CRITICAL): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27536 * CVE-2023-27538 \
(CVSS3: 5.5 MEDIUM): curl:curl-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27538 * CVE-2023-28488 \
(CVSS3: 6.5 MEDIUM): connman \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28488 * CVE-2023-28531 \
(CVSS3: 9.8 CRITICAL): openssh \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28531 * CVE-2023-28879 \
(CVSS3: 9.8 CRITICAL): ghostscript:ghostscript-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-28879 * CVE-2023-29491 \
(CVSS3: 7.8 HIGH): ncurses:ncurses-native \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29491 * CVE-2023-30630 \
(CVSS3: 7.8 HIGH): dmidecode \
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30630 *

For further information see: \
https://autobuilder.yocto.io/pub/non-release/patchmetrics/



-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#180571): https://lists.openembedded.org/g/openembedded-core/message/180571
Mute This Topic: https://lists.openembedded.org/mt/98594329/4454766
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [openembedded-core@marc.info]
-=-=-=-=-=-=-=-=-=-=-=-



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic