Vigiles User Guide
Apart from this demo, you can view our full Vigiles User Guide to learn more about Vigiles features and how to use them.
Apart from this demo, you can view our full Vigiles User Guide to learn more about Vigiles features and how to use them.
Yocto Manifest
Description:
Demo
Image: core-image-sato
Machine: qemux86
Distro: warrior (2.7.1)
Manifest Uploaded: 03/18/20 05:41 PM UTC
Scan Performed: 03/18/20 07:36 PM UTC
BSP Lifecycle Maintenance
Kernel patches are included in our BSP Lifecycle Maintenance service.
The Timesys BSP Lifecycle Maintenance and Timesys TRST teams have the expertise to maintain the security of your BSP, on your custom hardware, allowing your team to focus on improving products to expand your customer base.
Learn More
NOTE: The owner of this report has applied filters.
- Kernel config based filtering: on
Summary
-
131Unfixed79User space52Kernel
-
73Fixed73User space0Kernel
-
76High/Critical CVSS (Unfixed)47User space29Kernel
Unfixed CVE Count by Severity
Packages with Known CVEs
Show Unfixed Only
Package | Version | License | Unfixed | Fixed | Whitelisted |
---|---|---|---|---|---|
avahi | 0.7 | GPLv2+ & LGPLv2.1+ |
|
1 | 0 |
bash | 4.4.18 | GPLv3+ |
|
0 | 0 |
binutils | 2.32 | GPLv3 |
|
9 | 0 |
bluez5 | 5.50 | GPLv2+ & LGPLv2.1+ |
|
1 | 0 |
busybox | 1.30.1 | GPLv2 & bzip2 |
|
0 | 0 |
bzip2 | 1.0.6 | bzip2 |
|
2 | 0 |
cairo | 1.16.0 | MPL-1 & LGPLv2.1 & GPLv3+ |
|
4 | 0 |
curl | 7.64.1 | MIT |
|
3 | 0 |
db | 11.2.5.3.28 | Sleepycat |
|
0 | 0 |
dbus | 1.12.12 | AFL-2 | GPLv2+ |
|
0 | 0 |
expat | 2.2.6 | MIT |
|
1 | 0 |
file | 5.36 | BSD |
|
0 | 0 |
flac | 1.3.2 | GFDL-1.2 & GPLv2+ & LGPLv2.1+ & BSD |
|
1 | 0 |
gcc-runtime | 8.3.0 | GPL-3.0-with-GCC-exception |
|
0 | 0 |
glib-2.0 | 2.58.3 | LGPLv2.1+ & BSD & PD |
|
1 | 1 |
glibc | 2.29 | GPLv2 & LGPLv2.1 |
|
3 | 0 |
gnupg | 2.2.13 | GPLv3 & LGPLv3 |
|
0 | 0 |
gstreamer1.0 | 1.14.4 | LGPLv2+ |
|
0 | 0 |
libarchive | 3.3.3 | BSD |
|
6 | 0 |
libcroco | 0.6.12 | LGPLv2 & LGPLv2.1 |
|
2 | 0 |
libexif | 0.6.21 | LGPLv2.1 |
|
2 | 0 |
libgcrypt | 1.8.4 | GPLv2+ & LGPLv2.1+ & GPLv3+ |
|
0 | 0 |
libice | 1.0.9 | MIT-style |
|
1 | 0 |
libidn2 | 2.0.5 | (GPLv2+ | LGPLv3) & GPLv3+ |
|
0 | 0 |
libjpeg-turbo | 2.0.2 | BSD-3-Clause |
|
0 | 0 |
libpcre | 8.43 | BSD |
|
0 | 0 |
libpcre2 | 10.32 | BSD |
|
0 | 0 |
libpng | 1.6.36 | Libpng |
|
1 | 0 |
librsvg | 2.40.20 | LGPLv2+ |
|
0 | 0 |
libsndfile1 | 1.0.28 | LGPLv2.1 |
|
15 | 0 |
libsolv | 0.7.3 | BSD-3-Clause |
|
0 | 0 |
libvorbis | 1.3.6 | BSD |
|
3 | 0 |
libxml2 | 2.9.8 | MIT |
|
4 | 0 |
linux-yocto | 5.0.19 | GPLv2 |
|
0 | 0 |
ncurses | 6.1.20181013 | MIT |
|
0 | 0 |
nss | 3.42.1 | MPL-2.0 | (MPL-2.0 & GPL-2.0+) | (MPL-2.0 & LGPL-2.1+) |
|
0 | 0 |
openssl | 1.1.1b | openssl |
|
1 | 0 |
pango | 1.42.4 | LGPLv2.0+ |
|
1 | 0 |
python3 | 3.7.4 | PSFv2 |
|
0 | 0 |
shadow | 4.6 | BSD | Artistic-1.0 |
|
0 | 0 |
sqlite3 | 3.27.2 | PD |
|
2 | 0 |
sudo | 1.8.27 | ISC & BSD & Zlib |
|
0 | 0 |
taglib | 1.11.1 | LGPLv2.1 | MPL-1 |
|
2 | 0 |
wpa-supplicant | 2.7 | BSD |
|
7 | 0 |
acl | 2.2.52 | LGPLv2.1+ & GPLv2+ |
|
0 | 0 |
adwaita-icon-theme | 3.30.1 | LGPL-3.0 | CC-BY-SA-3.0 |
|
0 | 0 |
alsa-lib | 1.1.8 | LGPLv2.1 & GPLv2+ |
|
0 | 0 |
alsa-plugins | 1.1.8 | LGPLv2.1 & GPLv2+ |
|
0 | 0 |
alsa-state | 0.2.0 | MIT |
|
0 | 0 |
alsa-utils | 1.1.8 | GPLv2+ |
|
0 | 0 |
at-spi2-atk | 2.30.0 | LGPLv2 |
|
0 | 0 |
at-spi2-core | 2.30.0 | LGPLv2 |
|
0 | 0 |
atk | 2.30.0 | GPLv2+ & LGPLv2+ |
|
0 | 0 |
attr | 2.4.47 | LGPLv2.1+ & GPLv2+ |
|
0 | 0 |
base-files | 3.0.14 | GPLv2 |
|
0 | 0 |
base-passwd | 3.5.29 | GPLv2+ |
|
0 | 0 |
ca-certificates | 20190110 | GPL-2.0+ & MPL-2.0 |
|
0 | 0 |
connman | 1.36 | GPLv2 |
|
0 | 0 |
connman-conf | 1.0 | GPLv2 |
|
0 | 0 |
connman-gnome | 0.7 | GPLv2 & LGPLv2.1 |
|
0 | 0 |
consolekit | 0.4.6 | GPLv2+ |
|
0 | 0 |
dbus-glib | 0.110 | AFL-2 | GPLv2+ |
|
0 | 0 |
dbus-wait | 0.1 | GPLv2 |
|
0 | 0 |
distcc | 3.3.2 | GPLv2 |
|
0 | 0 |
distcc-config | 1.0 | MIT |
|
0 | 0 |
dnf | 4.1.0 | GPLv2 |
|
0 | 0 |
dropbear_ssh | 2019.78 | MIT & BSD-3-Clause & BSD-2-Clause & PD |
|
0 | 0 |
elfutils | 0.176 | GPLv2 & LGPLv3+ & GPLv3+ |
|
0 | 0 |
eudev | 3.2.7 | GPLv2.0+ & LGPL-2.1+ |
|
0 | 0 |
fontconfig | 2.12.6 | MIT-style & MIT & PD |
|
0 | 0 |
formfactor | 0.0 | MIT |
|
0 | 0 |
freetype | 2.9.1 | FreeType | GPLv2+ |
|
0 | 0 |
gconf | 3.2.6 | LGPLv2+ |
|
0 | 0 |
gdk-pixbuf | 2.38.0 | LGPLv2.1 |
|
0 | 0 |
glib-networking | 2.60.1 | LGPLv2.1 |
|
0 | 0 |
gmp | 6.1.2 | GPLv2+ | LGPLv3+ |
|
0 | 0 |
gnu_fribidi | 1.0.5 | LGPLv2.1+ |
|
0 | 0 |
gnutls | 3.6.7 | GPLv3+ & LGPLv2.1+ |
|
0 | 0 |
gpgme | 1.12.0 | GPLv2+ & LGPLv2.1+ |
|
0 | 0 |
gst-examples | 0.0.1 | LGPL-2.0+ |
|
0 | 0 |
gstreamer1.0-plugins-bad | 1.14.4 | GPLv2+ & LGPLv2+ & LGPLv2.1+ |
|
0 | 0 |
gstreamer1.0-plugins-base | 1.14.4 | GPLv2+ & LGPLv2+ |
|
0 | 0 |
gstreamer1.0-plugins-good | 1.14.4 | GPLv2+ & LGPLv2.1+ |
|
0 | 0 |
gtk+3 | 3.24.5 | LGPLv2 & LGPLv2+ & LGPLv2.1+ |
|
0 | 0 |
harfbuzz | 2.3.1 | MIT |
|
0 | 0 |
hicolor-icon-theme | 0.17 | GPLv2 |
|
0 | 0 |
init-ifupdown | 1.0 | GPLv2 |
|
0 | 0 |
initscripts | 1.0 | GPLv2 |
|
0 | 0 |
iptables | 1.6.2 | GPLv2+ |
|
0 | 0 |
iw | 4.14 | BSD |
|
0 | 0 |
json-c | 0.13.1 | MIT |
|
0 | 0 |
kmod | 26 | GPL-2.0+ & LGPL-2.1+ |
|
0 | 0 |
l3afpad | 0.8.18.1.11 | GPLv2+ |
|
0 | 0 |
lame | 3.100 | LGPLv2+ |
|
0 | 0 |
libassuan | 2.5.3 | GPLv3+ & LGPLv2.1+ |
|
0 | 0 |
libcap | 2.26 | BSD | GPLv2 |
|
0 | 0 |
libcomps | 0.1.10 | GPLv2 |
|
0 | 0 |
libdaemon | 0.14 | LGPLv2.1+ |
|
0 | 0 |
libdmx | 1.1.4 | MIT |
|
0 | 0 |
libdnf | 0.26.0 | LGPLv2.1 |
|
0 | 0 |
libdrm | 2.4.97 | MIT |
|
0 | 0 |
libepoxy | 1.5.3 | MIT |
|
0 | 0 |
liberation-fonts | 2.00.1 | OFL-1.1 |
|
0 | 0 |
libevdev | 1.6.0 | MIT-X |
|
0 | 0 |
libfakekey | 0.3 | LGPLv2+ |
|
0 | 0 |
libffi | 3.2.1 | MIT |
|
0 | 0 |
libfm | 1.3.1 | GPLv2+ & LGPLv2+ |
|
0 | 0 |
libfm-extra | 1.3.1 | LGPLv2+ |
|
0 | 0 |
libfontenc | 1.1.4 | MIT |
|
0 | 0 |
libgpg-error | 1.35 | GPLv2+ & LGPLv2.1+ |
|
0 | 0 |
libgudev | 232 | LGPLv2.1 |
|
0 | 0 |
libinput | 1.12.6 | MIT |
|
0 | 0 |
libksba | 1.3.5 | GPLv2+ | LGPLv3+ | GPLv3+ |
|
0 | 0 |
libmatchbox | 1.12 | LGPLv2+ & MIT |
|
0 | 0 |
libmodulemd | 2.1.0 | MIT |
|
0 | 0 |
libnl | 3.4.0 | LGPLv2.1 |
|
0 | 0 |
libnsl2 | 1.2.0 | LGPL-2.1 |
|
0 | 0 |
libnss-mdns | 0.10 | LGPLv2.1+ |
|
0 | 0 |
libogg | 1.3.3 | BSD |
|
0 | 0 |
libpciaccess | 0.14 | MIT & MIT-style |
|
0 | 0 |
libpsl | 0.20.2 | MIT |
|
0 | 0 |
librepo | 1.9.4 | LGPLv2.1 |
|
0 | 0 |
libsm | 1.2.3 | MIT-style |
|
0 | 0 |
libsoup-2.4 | 2.64.2 | LGPLv2 |
|
0 | 0 |
libtheora | 1.1.1 | BSD |
|
0 | 0 |
libtirpc | 1.0.3 | BSD |
|
0 | 0 |
libtool | 2.4.6 | GPLv2 & LGPLv2.1 |
|
0 | 0 |
libunistring | 0.9.10 | LGPLv3+ | GPLv2 |
|
0 | 0 |
libusb1 | 1.0.22 | LGPLv2.1+ |
|
0 | 0 |
libwebp | 1.0.2 | BSD |
|
0 | 0 |
libx11 | 1.6.7 | MIT & MIT-style & BSD |
|
0 | 0 |
libxau | 1.0.9 | MIT-style |
|
0 | 0 |
libxcb | 1.13.1 | MIT |
|
0 | 0 |
libxcomposite | 0.4.5 | MIT-style |
|
0 | 0 |
libxcrypt | 4.4.2 | LGPLv2.1 |
|
0 | 0 |
libxcursor | 1.2.0 | MIT-style |
|
0 | 0 |
libxdamage | 1.1.5 | MIT |
|
0 | 0 |
libxdmcp | 1.1.2 | MIT-style |
|
0 | 0 |
libxext | 1.3.3 | MIT-style |
|
0 | 0 |
libxfixes | 5.0.3 | MIT-style |
|
0 | 0 |
libxfont2 | 2.0.3 | MIT & MIT-style & BSD |
|
0 | 0 |
libxft | 2.3.2 | MIT |
|
0 | 0 |
libxi | 1.7.9 | MIT & MIT-style |
|
0 | 0 |
libxinerama | 1.1.4 | MIT |
|
0 | 0 |
libxkbcommon | 0.8.4 | MIT & MIT-style |
|
0 | 0 |
libxkbfile | 1.0.9 | MIT-style |
|
0 | 0 |
libxmu | 1.1.2 | MIT & MIT-style |
|
0 | 0 |
libxrandr | 1.5.1 | MIT-style |
|
0 | 0 |
libxrender | 0.9.10 | MIT-style |
|
0 | 0 |
libxshmfence | 1.3 | MIT-style |
|
0 | 0 |
libxtst | 1.2.3 | MIT-style |
|
0 | 0 |
libxv | 1.0.11 | MIT-style |
|
0 | 0 |
libxxf86dga | 1.1.4 | MIT-X |
|
0 | 0 |
libxxf86misc | 1.0.4 | MIT |
|
0 | 0 |
libxxf86vm | 1.1.4 | MIT |
|
0 | 0 |
libyaml | 0.2.1 | MIT |
|
0 | 0 |
lzo | 2.10 | GPLv2+ |
|
0 | 0 |
matchbox-config-gtk | 0.2 | GPLv2+ |
|
0 | 0 |
matchbox-desktop | 2.2 | GPLv2+ & LGPLv2+ |
|
0 | 0 |
matchbox-keyboard | 0.1.1 | LGPLv2.1 |
|
0 | 0 |
matchbox-panel-2 | 2.11 | GPLv2+ |
|
0 | 0 |
matchbox-session | 0.1 | GPLv2 |
|
0 | 0 |
matchbox-session-sato | 0.1 | GPLv2.0+ |
|
0 | 0 |
matchbox-terminal | 0.2 | GPLv2+ |
|
0 | 0 |
matchbox-theme-sato | 0.2 | CC-BY-SA-3.0 |
|
0 | 0 |
matchbox-wm | 1.2.2 | GPLv2+ |
|
0 | 0 |
menu-cache | 1.1.0 | LGPLv2.1+ |
|
0 | 0 |
mesa | 19.0.8 | MIT |
|
0 | 0 |
mini-x-session | 0.1 | GPLv2 |
|
0 | 0 |
mobile-broadband-provider-info | 20190116 | PD |
|
0 | 0 |
modutils-initscripts | 1.0 | PD |
|
0 | 0 |
mpg123 | 1.25.10 | LGPLv2.1 |
|
0 | 0 |
mtdev | 1.1.5 | MIT |
|
0 | 0 |
netbase | 5.6 | GPLv2 |
|
0 | 0 |
netscape_portable_runtime | 4.21 | GPL-2.0 | MPL-2.0 | LGPL-2.1 |
|
0 | 0 |
nettle | 3.4.1 | LGPLv3+ | GPLv2+ |
|
0 | 0 |
nfs-export-root | 1.0 | MIT |
|
0 | 0 |
nfs-utils | 2.3.3 | MIT & GPLv2+ & BSD |
|
0 | 0 |
npth | 1.6 | LGPLv2+ |
|
0 | 0 |
ofono | 1.25 | GPLv2 |
|
0 | 0 |
opkg-utils | 0.4.0 | GPLv2+ |
|
0 | 0 |
orc | 0.4.28 | BSD-2-Clause & BSD-3-Clause |
|
0 | 0 |
packagegroup-base | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-boot | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-device-devel | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-nfs | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-ssh-dropbear | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-x11 | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-x11-base | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-x11-sato | 1.0 | MIT |
|
0 | 0 |
packagegroup-core-x11-xserver | 1.0 | MIT |
|
0 | 0 |
pciutils | 3.6.2 | GPLv2+ |
|
0 | 0 |
pcmanfm | 1.3.1 | GPLv2 & GPLv2+ & LGPLv2.1+ |
|
0 | 0 |
perl | 5.28.1 | Artistic-1.0 | GPL-1.0+ |
|
0 | 0 |
pinentry | 1.1.0 | GPLv2 |
|
0 | 0 |
pixman | 0.38.0 | MIT & MIT-style & PD |
|
0 | 0 |
pointercal-xinput | 0.0 | MIT |
|
0 | 0 |
popt | 1.16 | MIT |
|
0 | 0 |
psplash | 0.1 | GPLv2+ |
|
0 | 0 |
pulseaudio | 12.2 | LGPLv2.1+ & MIT & BSD-3-Clause |
|
0 | 0 |
pulseaudio-client-conf-sato | 1 | MIT |
|
0 | 0 |
puzzles | 0.0 | MIT |
|
0 | 0 |
python3-iniparse | 0.4 | MIT & PSF |
|
0 | 0 |
python3-six | 1.12.0 | MIT |
|
0 | 0 |
readline | 8.0 | GPLv3+ |
|
0 | 0 |
rgb | 1.0.6 | MIT-X |
|
0 | 0 |
rpcbind | 1.2.5 | BSD |
|
0 | 0 |
rpm | 4.14.2.1 | GPL-2.0 |
|
0 | 0 |
run-postinsts | 1.0 | MIT |
|
0 | 0 |
sato-screenshot | 0.3 | GPLv2 & GPLv2+ |
|
0 | 0 |
sbc | 1.4 | GPLv2+ & LGPLv2.1+ |
|
0 | 0 |
settings-daemon | 0.0.2 | MIT-style |
|
0 | 0 |
shadow-securetty | 4.6 | MIT |
|
0 | 0 |
shared-mime-info | 1.10 | GPLv2 |
|
0 | 0 |
shutdown-desktop | 1.0 | MIT |
|
0 | 0 |
speex | 1.2.0 | BSD |
|
0 | 0 |
speexdsp | 1.2rc3 | BSD |
|
0 | 0 |
startup-notification | 0.12 | LGPLv2+ |
|
0 | 0 |
sysvinit | 2.88dsf | GPLv2+ |
|
0 | 0 |
sysvinit-inittab | 2.88dsf | GPLv2 |
|
0 | 0 |
tcp-wrappers | 7.6 | BSD |
|
0 | 0 |
udev-extraconf | 1.1 | MIT |
|
0 | 0 |
update-rc.d | 0.8 | GPLv2+ |
|
0 | 0 |
util-linux | 2.32.1 | GPLv2+ & LGPLv2.1+ & BSD |
|
0 | 0 |
v86d | 0.1.10 | GPLv2 |
|
0 | 0 |
vte | 0.52.2 | LGPLv2.1+ |
|
0 | 0 |
vulkan | 1.1.73.0 | Apache-2.0 |
|
0 | 0 |
wayland | 1.17.0 | MIT |
|
0 | 0 |
xauth | 1.0.10 | MIT-X |
|
0 | 0 |
xcb-util | 0.4.0 | MIT |
|
0 | 0 |
xcursor-transparent-theme | 0.1.1 | GPLv2 |
|
0 | 0 |
xdpyinfo | 1.3.2 | MIT-X |
|
0 | 0 |
xf86-input-libinput | 0.28.2 | MIT-X |
|
0 | 0 |
xf86-video-cirrus | 1.5.3 | MIT-X |
|
0 | 0 |
xf86-video-fbdev | 0.5.0 | MIT-X |
|
0 | 0 |
xf86-video-vmware | 13.3.0 | MIT-X |
|
0 | 0 |
xhost | 1.0.8 | MIT-X |
|
0 | 0 |
xinit | 1.4.1 | MIT-X |
|
0 | 0 |
xinput | 1.6.2 | MIT-X |
|
0 | 0 |
xinput-calibrator | 0.7.5 | MIT-X |
|
0 | 0 |
xkbcomp | 1.4.2 | MIT-X |
|
0 | 0 |
xkeyboard-config | 2.26 | MIT & MIT-style |
|
0 | 0 |
xmodmap | 1.0.10 | MIT |
|
0 | 0 |
xorg-server | 1.20.4 | MIT-X |
|
0 | 0 |
xrandr | 1.5.0 | MIT |
|
0 | 0 |
xserver-nodm-init | 3.0 | GPLv2 |
|
0 | 0 |
xserver-xf86-config | 0.1 | MIT-X |
|
0 | 0 |
xset | 1.2.4 | MIT |
|
0 | 0 |
xz | 5.2.4 | GPLv2+ & GPL-3.0-with-autoconf-exception & LGPLv2.1+ & PD |
|
0 | 0 |
zlib | 1.2.11 | Zlib |
|
0 | 0 |
CVEs
Filters
Package | CVE ID | Status | CVSSv3 | Attack Vector | Notes | Platform Arch | Platform OS | |||
---|---|---|---|---|---|---|---|---|---|---|
avahi | CVE-2017-6519 | Fixed |
|
NETWORK | ||||||
bash | CVE-2019-18276 | Unfixed |
|
LOCAL | ||||||
binutils | CVE-2019-17451 | Unfixed |
|
NETWORK | ||||||
binutils | CVE-2019-12972 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9075 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9070 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-14250 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9072 | Unfixed |
|
LOCAL | ||||||
binutils | CVE-2019-14444 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9077 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9074 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-9073 | Unfixed |
|
LOCAL | ||||||
binutils | CVE-2019-9071 | Fixed |
|
LOCAL | ||||||
binutils | CVE-2019-17450 | Unfixed |
|
NETWORK | ||||||
binutils | CVE-2019-9076 | Fixed |
|
LOCAL | ||||||
bluez5 | CVE-2020-0556 | Unfixed |
|
ADJACENT_NETWORK | ||||||
bluez5 | CVE-2018-10910 | Fixed |
|
LOCAL | ||||||
busybox | CVE-2019-5747 | Unfixed |
|
NETWORK | ||||||
bzip2 | CVE-2019-12900 | Fixed |
|
NETWORK | ||||||
bzip2 | CVE-2016-3189 | Fixed |
|
NETWORK | ||||||
cairo | CVE-2018-19876 | Fixed |
|
NETWORK | ||||||
cairo | CVE-2017-7475 | Fixed |
|
LOCAL | ||||||
cairo | CVE-2019-6461 | Fixed |
|
NETWORK | ||||||
cairo | CVE-2019-6462 | Fixed |
|
NETWORK | ||||||
curl | CVE-2019-15601 | Unfixed |
|
NETWORK | ||||||
curl | CVE-2019-5436 | Fixed |
|
LOCAL | ||||||
curl | CVE-2019-5481 | Unfixed |
|
NETWORK | ||||||
curl | CVE-2019-5482 | Fixed |
|
NETWORK | ||||||
curl | CVE-2019-5435 | Fixed |
|
NETWORK | ||||||
curl | CVE-2019-5443 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3615 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3613 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3614 | Unfixed |
|
LOCAL | ||||||
db | CVE-2016-3418 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3605 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3604 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3606 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3607 | Unfixed |
|
LOCAL | ||||||
db | CVE-2016-0682 | Unfixed |
|
LOCAL | ||||||
db | CVE-2016-0694 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3610 | Unfixed |
|
LOCAL | ||||||
db | CVE-2016-0692 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3611 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3612 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3616 | Unfixed |
|
LOCAL | ||||||
db | CVE-2016-0689 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3617 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3608 | Unfixed |
|
LOCAL | ||||||
db | CVE-2017-3609 | Unfixed |
|
LOCAL | ||||||
dbus | CVE-2019-12749 | Unfixed |
|
LOCAL | ||||||
expat | CVE-2019-15903 | Unfixed |
|
NETWORK | ||||||
expat | CVE-2018-20843 | Fixed |
|
NETWORK | ||||||
file | CVE-2019-18218 | Unfixed |
|
NETWORK | ||||||
flac | CVE-2017-6888 | Fixed |
|
LOCAL | ||||||
gcc-runtime | CVE-2019-15847 | Unfixed |
|
NETWORK | ||||||
glib-2.0 | CVE-2019-13012 | Fixed |
|
NETWORK | ||||||
glib-2.0 | CVE-2019-12450 | Whitelisted |
|
NETWORK | ||||||
glibc | CVE-2020-1751 | Unfixed |
|
None | ||||||
glibc | CVE-2019-19126 | Unfixed |
|
LOCAL | ||||||
glibc | CVE-2018-20796 | Fixed |
|
NETWORK | ||||||
glibc | CVE-2020-1752 | Unfixed |
|
None | ||||||
glibc | CVE-2019-9169 | Fixed |
|
NETWORK | ||||||
glibc | CVE-2019-7309 | Fixed |
|
LOCAL | ||||||
glibc | CVE-2020-10029 | Unfixed |
|
LOCAL | ||||||
glibc | CVE-2019-9192 | Unfixed |
|
NETWORK | ||||||
gnupg | CVE-2019-13050 | Unfixed |
|
NETWORK | ||||||
gnupg | CVE-2019-14855 | Unfixed |
|
None | ||||||
gstreamer1.0 | CVE-2019-9928 | Unfixed |
|
NETWORK | ||||||
libarchive | CVE-2018-1000879 | Fixed |
|
NETWORK | ||||||
libarchive | CVE-2019-1000020 | Fixed |
|
NETWORK | ||||||
libarchive | CVE-2018-1000880 | Fixed |
|
NETWORK | ||||||
libarchive | CVE-2019-18408 | Unfixed |
|
NETWORK | ||||||
libarchive | CVE-2018-1000878 | Fixed |
|
NETWORK | ||||||
libarchive | CVE-2019-1000019 | Fixed |
|
NETWORK | ||||||
libarchive | CVE-2018-1000877 | Fixed |
|
NETWORK | ||||||
libcroco | CVE-2017-8834 | Unfixed |
|
NETWORK | ||||||
libcroco | CVE-2017-8871 | Unfixed |
|
NETWORK | ||||||
libcroco | CVE-2017-7961 | Fixed |
|
LOCAL | ||||||
libcroco | CVE-2017-7960 | Fixed |
|
LOCAL | ||||||
libexif | CVE-2018-20030 | Fixed |
|
NETWORK | ||||||
libexif | CVE-2017-7544 | Fixed |
|
NETWORK | ||||||
libgcrypt | CVE-2019-13627 | Unfixed |
|
NETWORK | ||||||
libgcrypt | CVE-2019-12904 | Unfixed |
|
NETWORK | ||||||
libice | CVE-2017-2626 | Fixed |
|
LOCAL | ||||||
libidn2 | CVE-2019-12290 | Unfixed |
|
NETWORK | ||||||
libidn2 | CVE-2019-18224 | Unfixed |
|
NETWORK | ||||||
libjpeg-turbo | CVE-2019-13960 | Unfixed |
|
LOCAL | ||||||
libpcre | CVE-2017-11164 | Unfixed |
|
NETWORK | ||||||
libpcre2 | CVE-2019-20454 | Unfixed |
|
NETWORK | ||||||
libpng | CVE-2019-7317 | Fixed |
|
NETWORK | ||||||
libpng | CVE-2019-6129 | Unfixed |
|
NETWORK | ||||||
librsvg | CVE-2018-1000041 | Unfixed |
|
NETWORK | ||||||
librsvg | CVE-2019-20446 | Unfixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-8365 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2018-19432 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-8361 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-8362 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-8363 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-14634 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-12562 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-14245 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-14246 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2017-6892 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2018-19758 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2018-19662 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2018-19661 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2018-13139 | Fixed |
|
NETWORK | ||||||
libsndfile1 | CVE-2019-3832 | Fixed |
|
LOCAL | ||||||
libsolv | CVE-2019-20387 | Unfixed |
|
NETWORK | ||||||
libvorbis | CVE-2018-10393 | Fixed |
|
NETWORK | ||||||
libvorbis | CVE-2018-10392 | Fixed |
|
NETWORK | ||||||
libvorbis | CVE-2017-14160 | Fixed |
|
NETWORK | ||||||
libxml2 | CVE-2017-8872 | Fixed |
|
NETWORK | ||||||
libxml2 | CVE-2019-19956 | Unfixed |
|
NETWORK | ||||||
libxml2 | CVE-2018-14404 | Fixed |
|
NETWORK | ||||||
libxml2 | CVE-2018-9251 | Fixed |
|
NETWORK | ||||||
libxml2 | CVE-2018-14567 | Fixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19966 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-14899 | Unfixed |
|
ADJACENT_NETWORK | ||||||
linux-yocto | CVE-2019-19524 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-16746 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-5108 | Unfixed |
|
ADJACENT_NETWORK | ||||||
linux-yocto | CVE-2019-19055 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19058 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-13272 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19527 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-19059 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19252 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-11477 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-11479 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-11478 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19462 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-3874 | Unfixed |
|
ADJACENT_NETWORK | ||||||
linux-yocto | CVE-2019-18885 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-16089 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19072 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-18282 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-18814 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-13233 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-15215 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-15118 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19922 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19767 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19769 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-12817 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-15117 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19082 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-16234 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-17133 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-19768 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2019-15902 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2020-8428 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-16229 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2020-8649 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2020-8648 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2020-8647 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-12380 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-10220 | Unfixed |
|
NETWORK | ||||||
linux-yocto | CVE-2020-7053 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2020-1749 | Unfixed |
|
None | ||||||
linux-yocto | CVE-2020-9383 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19037 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-19036 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2020-8832 | Unfixed |
|
None | ||||||
linux-yocto | CVE-2019-19532 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-19537 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-14284 | Unfixed |
|
LOCAL | ||||||
linux-yocto | CVE-2019-14283 | Unfixed |
|
PHYSICAL | ||||||
linux-yocto | CVE-2019-10638 | Unfixed |
|
NETWORK | ||||||
ncurses | CVE-2019-17594 | Unfixed |
|
LOCAL | ||||||
ncurses | CVE-2019-17595 | Unfixed |
|
NETWORK | ||||||
nss | CVE-2019-17006 | Unfixed |
|
None | ||||||
nss | CVE-2019-17007 | Unfixed |
|
None | ||||||
openssl | CVE-2019-1547 | Unfixed |
|
LOCAL | ||||||
openssl | CVE-2019-1563 | Unfixed |
|
NETWORK | ||||||
openssl | CVE-2019-1552 | Unfixed |
|
LOCAL | ||||||
openssl | CVE-2019-1549 | Unfixed |
|
NETWORK | ||||||
openssl | CVE-2019-1543 | Fixed |
|
NETWORK | ||||||
openssl | CVE-2019-1551 | Unfixed |
|
NETWORK | ||||||
pango | CVE-2019-1010238 | Fixed |
|
NETWORK | ||||||
python3 | CVE-2020-8492 | Unfixed |
|
NETWORK | ||||||
python3 | CVE-2020-8315 | Unfixed |
|
LOCAL | ||||||
python3 | CVE-2019-16056 | Unfixed |
|
NETWORK | ||||||
python3 | CVE-2019-16935 | Unfixed |
|
NETWORK | ||||||
python3 | CVE-2019-18348 | Unfixed |
|
NETWORK | ||||||
shadow | CVE-2013-4235 | Unfixed |
|
LOCAL | ||||||
sqlite3 | CVE-2019-8457 | Unfixed |
|
NETWORK | ||||||
sqlite3 | CVE-2019-16168 | Unfixed |
|
NETWORK | ||||||
sqlite3 | CVE-2019-9936 | Fixed |
|
NETWORK | ||||||
sqlite3 | CVE-2019-9937 | Fixed |
|
NETWORK | ||||||
sqlite3 | CVE-2019-5018 | Unfixed |
|
NETWORK | ||||||
sqlite3 | CVE-2019-19645 | Unfixed |
|
LOCAL | ||||||
sudo | CVE-2019-19234 | Unfixed |
|
NETWORK | ||||||
sudo | CVE-2019-19232 | Unfixed |
|
NETWORK | ||||||
sudo | CVE-2019-14287 | Unfixed |
|
NETWORK | ||||||
taglib | CVE-2017-12678 | Fixed |
|
NETWORK | ||||||
taglib | CVE-2018-11439 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-11555 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-9499 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-9498 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-16275 | Unfixed |
|
ADJACENT_NETWORK | ||||||
wpa-supplicant | CVE-2019-9497 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-9496 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-9495 | Fixed |
|
NETWORK | ||||||
wpa-supplicant | CVE-2019-9494 | Fixed |
|
NETWORK |
NOTES:
– CVSS columns highlighted in red have a high (7.0+) or critical (9.0+) CVSSv3 base score.
– Whitelisted packages or CVEs have been explicitly ignored by the build configuration.
– Toolchain packages may also be present in the root filesystem in some cases (such as when building on the target device is supported by the image).
– Notes and whitelist are applied to all reports in this product that contain the same CVE entry.
– CVSS columns highlighted in red have a high (7.0+) or critical (9.0+) CVSSv3 base score.
– Whitelisted packages or CVEs have been explicitly ignored by the build configuration.
– Toolchain packages may also be present in the root filesystem in some cases (such as when building on the target device is supported by the image).
– Notes and whitelist are applied to all reports in this product that contain the same CVE entry.
About the Vigiles CVE Dashboard
-
What is this page?
The Vigiles CVE Dashboard shows you all the CVEs affecting a specific manifest at the time the scan was performed. It allows you to filter, whitelist, and make notes about individual CVEs. You can also export the data, and download the manifest from this page. -
What is the Summary section, and what can I do with it?
Located at the top of the dashboard, the summary gives you an “at-a-glance” view of the number of CVEs in the scan results, and breaks the CVE counts down by status and severity. You can click the labels in each chart's legend to toggle what information is displayed. -
How can I learn more about a CVE?
For more details about any CVE, simply click on the associated CVE ID in the CVEs table to be directed to more information about the vulnerability.