• Docs
  • Vulnerability Notifications
  • Create a BSP
  • Register
  • Log in


Timesys Vigiles: Real-time security vulnerability monitoring for more secure products


With the increasing rate of security vulnerabilities (CVEs) and the unpredictability of discoveries, the manual process of keeping up with the newly discovered CVEs for your device software is not feasible. Timesys helps reduce the time and costs associated with maintaining software security through its automated Vigiles Security Monitoring and Notification Service.


LEARN HOW VIGILES WORKS COMPARE VIGILES VERSIONS START TODAY FOR FREE

Demo Notice

This is a sample version of a real Vigiles CVE Dashboard. Here you can get a feel for the dashboard, but you can not make any changes. To learn more read the FAQ below.

If you already have a LinuxLink account, log in to see your personal dashboard.
Vigiles User Guide

Apart from this demo, you can view our full Vigiles User Guide to learn more about Vigiles features and how to use them.

Yocto Manifest
Description: Demo
Image: core-image-sato
Machine: qemux86
Distro: warrior (2.7.1)
Manifest Uploaded: 03/18/20 05:41 PM UTC
Scan Performed: 03/18/20 07:36 PM UTC

BSP Lifecycle Maintenance

Kernel patches are included in our BSP Lifecycle Maintenance service.

The Timesys BSP Lifecycle Maintenance and Timesys TRST teams have the expertise to maintain the security of your BSP, on your custom hardware, allowing your team to focus on improving products to expand your customer base.

Learn More
NOTE: The owner of this report has applied filters.
  • Kernel config based filtering: on

Summary

  • 131
    Unfixed
    79
    User space
    52
    Kernel
  • 73
    Fixed
    73
    User space
    0
    Kernel
  • 76
    High/Critical CVSS (Unfixed)
    47
    User space
    29
    Kernel
Unfixed CVE Count by Severity
Packages with Known CVEs
Packages

Show Unfixed Only

Package Version License Unfixed Fixed Whitelisted
avahi 0.7 GPLv2+ & LGPLv2.1+
1 0
bash 4.4.18 GPLv3+
0 0
binutils 2.32 GPLv3
9 0
bluez5 5.50 GPLv2+ & LGPLv2.1+
1 0
busybox 1.30.1 GPLv2 & bzip2
0 0
bzip2 1.0.6 bzip2
2 0
cairo 1.16.0 MPL-1 & LGPLv2.1 & GPLv3+
4 0
curl 7.64.1 MIT
3 0
db 11.2.5.3.28 Sleepycat
0 0
dbus 1.12.12 AFL-2 | GPLv2+
0 0
expat 2.2.6 MIT
1 0
file 5.36 BSD
0 0
flac 1.3.2 GFDL-1.2 & GPLv2+ & LGPLv2.1+ & BSD
1 0
gcc-runtime 8.3.0 GPL-3.0-with-GCC-exception
0 0
glib-2.0 2.58.3 LGPLv2.1+ & BSD & PD
1 1
glibc 2.29 GPLv2 & LGPLv2.1
3 0
gnupg 2.2.13 GPLv3 & LGPLv3
0 0
gstreamer1.0 1.14.4 LGPLv2+
0 0
libarchive 3.3.3 BSD
6 0
libcroco 0.6.12 LGPLv2 & LGPLv2.1
2 0
libexif 0.6.21 LGPLv2.1
2 0
libgcrypt 1.8.4 GPLv2+ & LGPLv2.1+ & GPLv3+
0 0
libice 1.0.9 MIT-style
1 0
libidn2 2.0.5 (GPLv2+ | LGPLv3) & GPLv3+
0 0
libjpeg-turbo 2.0.2 BSD-3-Clause
0 0
libpcre 8.43 BSD
0 0
libpcre2 10.32 BSD
0 0
libpng 1.6.36 Libpng
1 0
librsvg 2.40.20 LGPLv2+
0 0
libsndfile1 1.0.28 LGPLv2.1
15 0
libsolv 0.7.3 BSD-3-Clause
0 0
libvorbis 1.3.6 BSD
3 0
libxml2 2.9.8 MIT
4 0
linux-yocto 5.0.19 GPLv2
0 0
ncurses 6.1.20181013 MIT
0 0
nss 3.42.1 MPL-2.0 | (MPL-2.0 & GPL-2.0+) | (MPL-2.0 & LGPL-2.1+)
0 0
openssl 1.1.1b openssl
1 0
pango 1.42.4 LGPLv2.0+
1 0
python3 3.7.4 PSFv2
0 0
shadow 4.6 BSD | Artistic-1.0
0 0
sqlite3 3.27.2 PD
2 0
sudo 1.8.27 ISC & BSD & Zlib
0 0
taglib 1.11.1 LGPLv2.1 | MPL-1
2 0
wpa-supplicant 2.7 BSD
7 0
acl 2.2.52 LGPLv2.1+ & GPLv2+
0  0 
adwaita-icon-theme 3.30.1 LGPL-3.0 | CC-BY-SA-3.0
0  0 
alsa-lib 1.1.8 LGPLv2.1 & GPLv2+
0  0 
alsa-plugins 1.1.8 LGPLv2.1 & GPLv2+
0  0 
alsa-state 0.2.0 MIT
0  0 
alsa-utils 1.1.8 GPLv2+
0  0 
at-spi2-atk 2.30.0 LGPLv2
0  0 
at-spi2-core 2.30.0 LGPLv2
0  0 
atk 2.30.0 GPLv2+ & LGPLv2+
0  0 
attr 2.4.47 LGPLv2.1+ & GPLv2+
0  0 
base-files 3.0.14 GPLv2
0  0 
base-passwd 3.5.29 GPLv2+
0  0 
ca-certificates 20190110 GPL-2.0+ & MPL-2.0
0  0 
connman 1.36 GPLv2
0  0 
connman-conf 1.0 GPLv2
0  0 
connman-gnome 0.7 GPLv2 & LGPLv2.1
0  0 
consolekit 0.4.6 GPLv2+
0  0 
dbus-glib 0.110 AFL-2 | GPLv2+
0  0 
dbus-wait 0.1 GPLv2
0  0 
distcc 3.3.2 GPLv2
0  0 
distcc-config 1.0 MIT
0  0 
dnf 4.1.0 GPLv2
0  0 
dropbear_ssh 2019.78 MIT & BSD-3-Clause & BSD-2-Clause & PD
0  0 
elfutils 0.176 GPLv2 & LGPLv3+ & GPLv3+
0  0 
eudev 3.2.7 GPLv2.0+ & LGPL-2.1+
0  0 
fontconfig 2.12.6 MIT-style & MIT & PD
0  0 
formfactor 0.0 MIT
0  0 
freetype 2.9.1 FreeType | GPLv2+
0  0 
gconf 3.2.6 LGPLv2+
0  0 
gdk-pixbuf 2.38.0 LGPLv2.1
0  0 
glib-networking 2.60.1 LGPLv2.1
0  0 
gmp 6.1.2 GPLv2+ | LGPLv3+
0  0 
gnu_fribidi 1.0.5 LGPLv2.1+
0  0 
gnutls 3.6.7 GPLv3+ & LGPLv2.1+
0  0 
gpgme 1.12.0 GPLv2+ & LGPLv2.1+
0  0 
gst-examples 0.0.1 LGPL-2.0+
0  0 
gstreamer1.0-plugins-bad 1.14.4 GPLv2+ & LGPLv2+ & LGPLv2.1+
0  0 
gstreamer1.0-plugins-base 1.14.4 GPLv2+ & LGPLv2+
0  0 
gstreamer1.0-plugins-good 1.14.4 GPLv2+ & LGPLv2.1+
0  0 
gtk+3 3.24.5 LGPLv2 & LGPLv2+ & LGPLv2.1+
0  0 
harfbuzz 2.3.1 MIT
0  0 
hicolor-icon-theme 0.17 GPLv2
0  0 
init-ifupdown 1.0 GPLv2
0  0 
initscripts 1.0 GPLv2
0  0 
iptables 1.6.2 GPLv2+
0  0 
iw 4.14 BSD
0  0 
json-c 0.13.1 MIT
0  0 
kmod 26 GPL-2.0+ & LGPL-2.1+
0  0 
l3afpad 0.8.18.1.11 GPLv2+
0  0 
lame 3.100 LGPLv2+
0  0 
libassuan 2.5.3 GPLv3+ & LGPLv2.1+
0  0 
libcap 2.26 BSD | GPLv2
0  0 
libcomps 0.1.10 GPLv2
0  0 
libdaemon 0.14 LGPLv2.1+
0  0 
libdmx 1.1.4 MIT
0  0 
libdnf 0.26.0 LGPLv2.1
0  0 
libdrm 2.4.97 MIT
0  0 
libepoxy 1.5.3 MIT
0  0 
liberation-fonts 2.00.1 OFL-1.1
0  0 
libevdev 1.6.0 MIT-X
0  0 
libfakekey 0.3 LGPLv2+
0  0 
libffi 3.2.1 MIT
0  0 
libfm 1.3.1 GPLv2+ & LGPLv2+
0  0 
libfm-extra 1.3.1 LGPLv2+
0  0 
libfontenc 1.1.4 MIT
0  0 
libgpg-error 1.35 GPLv2+ & LGPLv2.1+
0  0 
libgudev 232 LGPLv2.1
0  0 
libinput 1.12.6 MIT
0  0 
libksba 1.3.5 GPLv2+ | LGPLv3+ | GPLv3+
0  0 
libmatchbox 1.12 LGPLv2+ & MIT
0  0 
libmodulemd 2.1.0 MIT
0  0 
libnl 3.4.0 LGPLv2.1
0  0 
libnsl2 1.2.0 LGPL-2.1
0  0 
libnss-mdns 0.10 LGPLv2.1+
0  0 
libogg 1.3.3 BSD
0  0 
libpciaccess 0.14 MIT & MIT-style
0  0 
libpsl 0.20.2 MIT
0  0 
librepo 1.9.4 LGPLv2.1
0  0 
libsm 1.2.3 MIT-style
0  0 
libsoup-2.4 2.64.2 LGPLv2
0  0 
libtheora 1.1.1 BSD
0  0 
libtirpc 1.0.3 BSD
0  0 
libtool 2.4.6 GPLv2 & LGPLv2.1
0  0 
libunistring 0.9.10 LGPLv3+ | GPLv2
0  0 
libusb1 1.0.22 LGPLv2.1+
0  0 
libwebp 1.0.2 BSD
0  0 
libx11 1.6.7 MIT & MIT-style & BSD
0  0 
libxau 1.0.9 MIT-style
0  0 
libxcb 1.13.1 MIT
0  0 
libxcomposite 0.4.5 MIT-style
0  0 
libxcrypt 4.4.2 LGPLv2.1
0  0 
libxcursor 1.2.0 MIT-style
0  0 
libxdamage 1.1.5 MIT
0  0 
libxdmcp 1.1.2 MIT-style
0  0 
libxext 1.3.3 MIT-style
0  0 
libxfixes 5.0.3 MIT-style
0  0 
libxfont2 2.0.3 MIT & MIT-style & BSD
0  0 
libxft 2.3.2 MIT
0  0 
libxi 1.7.9 MIT & MIT-style
0  0 
libxinerama 1.1.4 MIT
0  0 
libxkbcommon 0.8.4 MIT & MIT-style
0  0 
libxkbfile 1.0.9 MIT-style
0  0 
libxmu 1.1.2 MIT & MIT-style
0  0 
libxrandr 1.5.1 MIT-style
0  0 
libxrender 0.9.10 MIT-style
0  0 
libxshmfence 1.3 MIT-style
0  0 
libxtst 1.2.3 MIT-style
0  0 
libxv 1.0.11 MIT-style
0  0 
libxxf86dga 1.1.4 MIT-X
0  0 
libxxf86misc 1.0.4 MIT
0  0 
libxxf86vm 1.1.4 MIT
0  0 
libyaml 0.2.1 MIT
0  0 
lzo 2.10 GPLv2+
0  0 
matchbox-config-gtk 0.2 GPLv2+
0  0 
matchbox-desktop 2.2 GPLv2+ & LGPLv2+
0  0 
matchbox-keyboard 0.1.1 LGPLv2.1
0  0 
matchbox-panel-2 2.11 GPLv2+
0  0 
matchbox-session 0.1 GPLv2
0  0 
matchbox-session-sato 0.1 GPLv2.0+
0  0 
matchbox-terminal 0.2 GPLv2+
0  0 
matchbox-theme-sato 0.2 CC-BY-SA-3.0
0  0 
matchbox-wm 1.2.2 GPLv2+
0  0 
menu-cache 1.1.0 LGPLv2.1+
0  0 
mesa 19.0.8 MIT
0  0 
mini-x-session 0.1 GPLv2
0  0 
mobile-broadband-provider-info 20190116 PD
0  0 
modutils-initscripts 1.0 PD
0  0 
mpg123 1.25.10 LGPLv2.1
0  0 
mtdev 1.1.5 MIT
0  0 
netbase 5.6 GPLv2
0  0 
netscape_portable_runtime 4.21 GPL-2.0 | MPL-2.0 | LGPL-2.1
0  0 
nettle 3.4.1 LGPLv3+ | GPLv2+
0  0 
nfs-export-root 1.0 MIT
0  0 
nfs-utils 2.3.3 MIT & GPLv2+ & BSD
0  0 
npth 1.6 LGPLv2+
0  0 
ofono 1.25 GPLv2
0  0 
opkg-utils 0.4.0 GPLv2+
0  0 
orc 0.4.28 BSD-2-Clause & BSD-3-Clause
0  0 
packagegroup-base 1.0 MIT
0  0 
packagegroup-core-boot 1.0 MIT
0  0 
packagegroup-core-device-devel 1.0 MIT
0  0 
packagegroup-core-nfs 1.0 MIT
0  0 
packagegroup-core-ssh-dropbear 1.0 MIT
0  0 
packagegroup-core-x11 1.0 MIT
0  0 
packagegroup-core-x11-base 1.0 MIT
0  0 
packagegroup-core-x11-sato 1.0 MIT
0  0 
packagegroup-core-x11-xserver 1.0 MIT
0  0 
pciutils 3.6.2 GPLv2+
0  0 
pcmanfm 1.3.1 GPLv2 & GPLv2+ & LGPLv2.1+
0  0 
perl 5.28.1 Artistic-1.0 | GPL-1.0+
0  0 
pinentry 1.1.0 GPLv2
0  0 
pixman 0.38.0 MIT & MIT-style & PD
0  0 
pointercal-xinput 0.0 MIT
0  0 
popt 1.16 MIT
0  0 
psplash 0.1 GPLv2+
0  0 
pulseaudio 12.2 LGPLv2.1+ & MIT & BSD-3-Clause
0  0 
pulseaudio-client-conf-sato 1 MIT
0  0 
puzzles 0.0 MIT
0  0 
python3-iniparse 0.4 MIT & PSF
0  0 
python3-six 1.12.0 MIT
0  0 
readline 8.0 GPLv3+
0  0 
rgb 1.0.6 MIT-X
0  0 
rpcbind 1.2.5 BSD
0  0 
rpm 4.14.2.1 GPL-2.0
0  0 
run-postinsts 1.0 MIT
0  0 
sato-screenshot 0.3 GPLv2 & GPLv2+
0  0 
sbc 1.4 GPLv2+ & LGPLv2.1+
0  0 
settings-daemon 0.0.2 MIT-style
0  0 
shadow-securetty 4.6 MIT
0  0 
shared-mime-info 1.10 GPLv2
0  0 
shutdown-desktop 1.0 MIT
0  0 
speex 1.2.0 BSD
0  0 
speexdsp 1.2rc3 BSD
0  0 
startup-notification 0.12 LGPLv2+
0  0 
sysvinit 2.88dsf GPLv2+
0  0 
sysvinit-inittab 2.88dsf GPLv2
0  0 
tcp-wrappers 7.6 BSD
0  0 
udev-extraconf 1.1 MIT
0  0 
update-rc.d 0.8 GPLv2+
0  0 
util-linux 2.32.1 GPLv2+ & LGPLv2.1+ & BSD
0  0 
v86d 0.1.10 GPLv2
0  0 
vte 0.52.2 LGPLv2.1+
0  0 
vulkan 1.1.73.0 Apache-2.0
0  0 
wayland 1.17.0 MIT
0  0 
xauth 1.0.10 MIT-X
0  0 
xcb-util 0.4.0 MIT
0  0 
xcursor-transparent-theme 0.1.1 GPLv2
0  0 
xdpyinfo 1.3.2 MIT-X
0  0 
xf86-input-libinput 0.28.2 MIT-X
0  0 
xf86-video-cirrus 1.5.3 MIT-X
0  0 
xf86-video-fbdev 0.5.0 MIT-X
0  0 
xf86-video-vmware 13.3.0 MIT-X
0  0 
xhost 1.0.8 MIT-X
0  0 
xinit 1.4.1 MIT-X
0  0 
xinput 1.6.2 MIT-X
0  0 
xinput-calibrator 0.7.5 MIT-X
0  0 
xkbcomp 1.4.2 MIT-X
0  0 
xkeyboard-config 2.26 MIT & MIT-style
0  0 
xmodmap 1.0.10 MIT
0  0 
xorg-server 1.20.4 MIT-X
0  0 
xrandr 1.5.0 MIT
0  0 
xserver-nodm-init 3.0 GPLv2
0  0 
xserver-xf86-config 0.1 MIT-X
0  0 
xset 1.2.4 MIT
0  0 
xz 5.2.4 GPLv2+ & GPL-3.0-with-autoconf-exception & LGPLv2.1+ & PD
0  0 
zlib 1.2.11 Zlib
0  0 
CVEs

 Filters 

Kernel Config Filter   applied

This filter limits the results in the report based on which options are enabled in the related kernel configuration.
Select a kernel config (not a defconfig) to upload:

Download Applied

U-Boot Config Filter

This filter limits the results in the report based on which options are enabled in the related u-boot configuration. This is an experimental feature.

Select a U-Boot config to upload:




Package Version CVE ID Status CVSSv3 Attack Vector Notes Platform Arch Platform OS
avahi 0.7 CVE-2017-6519 Fixed
NETWORK
bash 4.4.18 CVE-2019-18276 Unfixed
LOCAL
binutils 2.32 CVE-2019-17451 Unfixed
NETWORK
binutils 2.32 CVE-2019-12972 Fixed
LOCAL
binutils 2.32 CVE-2019-9075 Fixed
LOCAL
binutils 2.32 CVE-2019-9070 Fixed
LOCAL
binutils 2.32 CVE-2019-14250 Fixed
LOCAL
binutils 2.32 CVE-2019-9072 Unfixed
LOCAL
binutils 2.32 CVE-2019-14444 Fixed
LOCAL
binutils 2.32 CVE-2019-9077 Fixed
LOCAL
binutils 2.32 CVE-2019-9074 Fixed
LOCAL
binutils 2.32 CVE-2019-9073 Unfixed
LOCAL
binutils 2.32 CVE-2019-9071 Fixed
LOCAL
binutils 2.32 CVE-2019-17450 Unfixed
NETWORK
binutils 2.32 CVE-2019-9076 Fixed
LOCAL
bluez5 5.50 CVE-2020-0556 Unfixed
ADJACENT_NETWORK
bluez5 5.50 CVE-2018-10910 Fixed
LOCAL
busybox 1.30.1 CVE-2019-5747 Unfixed
NETWORK
bzip2 1.0.6 CVE-2019-12900 Fixed
NETWORK
bzip2 1.0.6 CVE-2016-3189 Fixed
NETWORK
cairo 1.16.0 CVE-2018-19876 Fixed
NETWORK
cairo 1.16.0 CVE-2017-7475 Fixed
LOCAL
cairo 1.16.0 CVE-2019-6461 Fixed
NETWORK
cairo 1.16.0 CVE-2019-6462 Fixed
NETWORK
curl 7.64.1 CVE-2019-15601 Unfixed
NETWORK
curl 7.64.1 CVE-2019-5436 Fixed
LOCAL
curl 7.64.1 CVE-2019-5481 Unfixed
NETWORK
curl 7.64.1 CVE-2019-5482 Fixed
NETWORK
curl 7.64.1 CVE-2019-5435 Fixed
NETWORK
curl 7.64.1 CVE-2019-5443 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3615 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3613 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3614 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2016-3418 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3605 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3604 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3606 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3607 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2016-0682 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2016-0694 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3610 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2016-0692 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3611 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3612 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3616 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2016-0689 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3617 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3608 Unfixed
LOCAL
db 11.2.5.3.28 CVE-2017-3609 Unfixed
LOCAL
dbus 1.12.12 CVE-2019-12749 Unfixed
LOCAL
expat 2.2.6 CVE-2019-15903 Unfixed
NETWORK
expat 2.2.6 CVE-2018-20843 Fixed
NETWORK
file 5.36 CVE-2019-18218 Unfixed
NETWORK
flac 1.3.2 CVE-2017-6888 Fixed
LOCAL
gcc-runtime 8.3.0 CVE-2019-15847 Unfixed
NETWORK
glib-2.0 2.58.3 CVE-2019-13012 Fixed
NETWORK
glib-2.0 2.58.3 CVE-2019-12450 Whitelisted
NETWORK
glibc 2.29 CVE-2020-1751 Unfixed
None
glibc 2.29 CVE-2019-19126 Unfixed
LOCAL
glibc 2.29 CVE-2018-20796 Fixed
NETWORK
glibc 2.29 CVE-2020-1752 Unfixed
None
glibc 2.29 CVE-2019-9169 Fixed
NETWORK
glibc 2.29 CVE-2019-7309 Fixed
LOCAL
glibc 2.29 CVE-2020-10029 Unfixed
LOCAL
glibc 2.29 CVE-2019-9192 Unfixed
NETWORK
gnupg 2.2.13 CVE-2019-13050 Unfixed
NETWORK
gnupg 2.2.13 CVE-2019-14855 Unfixed
None
gstreamer1.0 1.14.4 CVE-2019-9928 Unfixed
NETWORK
libarchive 3.3.3 CVE-2018-1000879 Fixed
NETWORK
libarchive 3.3.3 CVE-2019-1000020 Fixed
NETWORK
libarchive 3.3.3 CVE-2018-1000880 Fixed
NETWORK
libarchive 3.3.3 CVE-2019-18408 Unfixed
NETWORK
libarchive 3.3.3 CVE-2018-1000878 Fixed
NETWORK
libarchive 3.3.3 CVE-2019-1000019 Fixed
NETWORK
libarchive 3.3.3 CVE-2018-1000877 Fixed
NETWORK
libcroco 0.6.12 CVE-2017-8834 Unfixed
NETWORK
libcroco 0.6.12 CVE-2017-8871 Unfixed
NETWORK
libcroco 0.6.12 CVE-2017-7961 Fixed
LOCAL
libcroco 0.6.12 CVE-2017-7960 Fixed
LOCAL
libexif 0.6.21 CVE-2018-20030 Fixed
NETWORK
libexif 0.6.21 CVE-2017-7544 Fixed
NETWORK
libgcrypt 1.8.4 CVE-2019-13627 Unfixed
NETWORK
libgcrypt 1.8.4 CVE-2019-12904 Unfixed
NETWORK
libice 1.0.9 CVE-2017-2626 Fixed
LOCAL
libidn2 2.0.5 CVE-2019-12290 Unfixed
NETWORK
libidn2 2.0.5 CVE-2019-18224 Unfixed
NETWORK
libjpeg-turbo 2.0.2 CVE-2019-13960 Unfixed
LOCAL
libpcre 8.43 CVE-2017-11164 Unfixed
NETWORK
libpcre2 10.32 CVE-2019-20454 Unfixed
NETWORK
libpng 1.6.36 CVE-2019-7317 Fixed
NETWORK
libpng 1.6.36 CVE-2019-6129 Unfixed
NETWORK
librsvg 2.40.20 CVE-2018-1000041 Unfixed
NETWORK
librsvg 2.40.20 CVE-2019-20446 Unfixed
NETWORK
libsndfile1 1.0.28 CVE-2017-8365 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2018-19432 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-8361 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-8362 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-8363 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-14634 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-12562 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-14245 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-14246 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2017-6892 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2018-19758 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2018-19662 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2018-19661 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2018-13139 Fixed
NETWORK
libsndfile1 1.0.28 CVE-2019-3832 Fixed
LOCAL
libsolv 0.7.3 CVE-2019-20387 Unfixed
NETWORK
libvorbis 1.3.6 CVE-2018-10393 Fixed
NETWORK
libvorbis 1.3.6 CVE-2018-10392 Fixed
NETWORK
libvorbis 1.3.6 CVE-2017-14160 Fixed
NETWORK
libxml2 2.9.8 CVE-2017-8872 Fixed
NETWORK
libxml2 2.9.8 CVE-2019-19956 Unfixed
NETWORK
libxml2 2.9.8 CVE-2018-14404 Fixed
NETWORK
libxml2 2.9.8 CVE-2018-9251 Fixed
NETWORK
libxml2 2.9.8 CVE-2018-14567 Fixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19966 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-14899 Unfixed
ADJACENT_NETWORK
linux-yocto 5.0.19 CVE-2019-19524 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-16746 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-5108 Unfixed
ADJACENT_NETWORK
linux-yocto 5.0.19 CVE-2019-19055 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19058 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-13272 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19527 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-19059 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19252 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-11477 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-11479 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-11478 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19462 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-3874 Unfixed
ADJACENT_NETWORK
linux-yocto 5.0.19 CVE-2019-18885 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-16089 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19072 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-18282 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-18814 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-13233 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-15215 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-15118 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19922 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19767 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19769 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-12817 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-15117 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19082 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-16234 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-17133 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-19768 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2019-15902 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2020-8428 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-16229 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2020-8649 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2020-8648 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2020-8647 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-12380 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-10220 Unfixed
NETWORK
linux-yocto 5.0.19 CVE-2020-7053 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2020-1749 Unfixed
None
linux-yocto 5.0.19 CVE-2020-9383 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19037 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-19036 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2020-8832 Unfixed
None
linux-yocto 5.0.19 CVE-2019-19532 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-19537 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-14284 Unfixed
LOCAL
linux-yocto 5.0.19 CVE-2019-14283 Unfixed
PHYSICAL
linux-yocto 5.0.19 CVE-2019-10638 Unfixed
NETWORK
ncurses 6.1.20181013 CVE-2019-17594 Unfixed
LOCAL
ncurses 6.1.20181013 CVE-2019-17595 Unfixed
NETWORK
nss 3.42.1 CVE-2019-17006 Unfixed
None
nss 3.42.1 CVE-2019-17007 Unfixed
None
openssl 1.1.1b CVE-2019-1547 Unfixed
LOCAL
openssl 1.1.1b CVE-2019-1563 Unfixed
NETWORK
openssl 1.1.1b CVE-2019-1552 Unfixed
LOCAL
openssl 1.1.1b CVE-2019-1549 Unfixed
NETWORK
openssl 1.1.1b CVE-2019-1543 Fixed
NETWORK
openssl 1.1.1b CVE-2019-1551 Unfixed
NETWORK
pango 1.42.4 CVE-2019-1010238 Fixed
NETWORK
python3 3.7.4 CVE-2020-8492 Unfixed
NETWORK
python3 3.7.4 CVE-2020-8315 Unfixed
LOCAL
python3 3.7.4 CVE-2019-16056 Unfixed
NETWORK
python3 3.7.4 CVE-2019-16935 Unfixed
NETWORK
python3 3.7.4 CVE-2019-18348 Unfixed
NETWORK
shadow 4.6 CVE-2013-4235 Unfixed
LOCAL
sqlite3 3.27.2 CVE-2019-8457 Unfixed
NETWORK
sqlite3 3.27.2 CVE-2019-16168 Unfixed
NETWORK
sqlite3 3.27.2 CVE-2019-9936 Fixed
NETWORK
sqlite3 3.27.2 CVE-2019-9937 Fixed
NETWORK
sqlite3 3.27.2 CVE-2019-5018 Unfixed
NETWORK
sqlite3 3.27.2 CVE-2019-19645 Unfixed
LOCAL
sudo 1.8.27 CVE-2019-19234 Unfixed
NETWORK
sudo 1.8.27 CVE-2019-19232 Unfixed
NETWORK
sudo 1.8.27 CVE-2019-14287 Unfixed
NETWORK
taglib 1.11.1 CVE-2017-12678 Fixed
NETWORK
taglib 1.11.1 CVE-2018-11439 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-11555 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-9499 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-9498 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-16275 Unfixed
ADJACENT_NETWORK
wpa-supplicant 2.7 CVE-2019-9497 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-9496 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-9495 Fixed
NETWORK
wpa-supplicant 2.7 CVE-2019-9494 Fixed
NETWORK
NOTES:
– CVSS columns highlighted in red have a high (7.0+) or critical (9.0+) CVSSv3 base score.
– Whitelisted packages or CVEs have been explicitly ignored by the build configuration.
– Toolchain packages may also be present in the root filesystem in some cases (such as when building on the target device is supported by the image).
– Notes and whitelist are applied to all reports in this product that contain the same CVE entry.


About the Vigiles CVE Dashboard
  • What is this page?

    The Vigiles CVE Dashboard shows you all the CVEs affecting a specific manifest at the time the scan was performed. It allows you to filter, whitelist, and make notes about individual CVEs. You can also export the data, and download the manifest from this page.
  • What is the Summary section, and what can I do with it?

    Located at the top of the dashboard, the summary gives you an “at-a-glance” view of the number of CVEs in the scan results, and breaks the CVE counts down by status and severity. You can click the labels in each chart's legend to toggle what information is displayed.
  • How can I learn more about a CVE?

    For more details about any CVE, simply click on the associated CVE ID in the CVEs table to be directed to more information about the vulnerability.

Want to learn more about Timesys Vigiles Security Monitoring and Notification?

VIEW VIGILES OPTIONS

Search for CVEs

Search Type
You can learn more in our documentation linked here.

CVE Details

Loading ...

Share Report

Enabling sharing provides a link to a view-only copy of the latest report for this manifest.

Sharing:
Click the button below to disable any links that currently exist, and create a new one.
A view-only report does not allow the user to: rescan the manifest, view the manifest history, use the manifest editor for this manifest, or modify notes, whitelist, or savable filters (kernel config, u-boot config).
Click here to learn more about sharing and collaborating with a team.

Send Feedback

Feature Request / Comments Bug Report

Use this form to let us know if you are experiencing an issue.
If you require a response, you should open a Support Ticket instead.



Get Help

We have compiled an FAQ, to help you find what you're looking for as quickly as possible. Click here to view it.

If you still have questions after reading the FAQ, click here to request support.
This website uses cookies to understand how you use our site and to improve your experience. By continuing to use our site, you accept our use of cookies, Privacy Policy and Terms of Use. To avoid the collection of cookie-based information, you can visit this site with cookies turned off in your browser. However, by disabling cookies, some features of the site will not work.
Accept
Read More
Copyright © 2021 Timesys Corporation. All Rights Reserved. Privacy Policy | Cookie Policy | Eula | Terms of Service | Terms of Sale
Yocto Project and all related marks and logos are registered trademarks of The Linux Foundation. This website is not, in any way, endorsed by the Yocto Project or The Linux Foundation.