Timesys Vigiles: Real-time security vulnerability monitoring for more secure products

With the increasing rate of security vulnerabilities (CVEs) and the unpredictability of discoveries, the manual process of keeping up with the newly discovered CVEs for your device software is not feasible. Timesys helps reduce the time and costs associated with maintaining software security through its automated Vigiles Security Monitoring and Notification Service.

LEARN HOW VIGILES WORKS COMPARE VIGILES VERSIONS START TODAY FOR FREE

Demo Notice

This is a sample version of a real Vigiles CVE Dashboard. Here you can get a feel for the dashboard, but you can not make any changes. To learn more read the FAQ below.

If you already have a LinuxLink account, log in to see your personal dashboard.

Vigiles User Guide

Apart from this demo, you can view our full Vigiles User Guide to learn more about Vigiles features and how to use them.

Yocto Manifest
Description: Demo
Image: core-image-sato
Machine: qemux86
Distro: warrior (2.7.1)
Manifest Uploaded: 03/18/20 05:41 PM UTC
Scan Performed: 03/18/20 07:36 PM UTC

BSP Lifecycle Maintenance

Kernel patches are included in our BSP Lifecycle Maintenance service.

The Timesys BSP Lifecycle Maintenance and Timesys TRST teams have the expertise to maintain the security of your BSP, on your custom hardware, allowing your team to focus on improving products to expand your customer base.

Learn More

NOTE: The owner of this report has applied filters.

Kernel config based filtering: on

Summary

112

Unfixed

60

User space

52

Kernel
73

Fixed

73

User space

0

Kernel
57

High/Critical CVSS (Unfixed)

28

User space

29

Kernel

Unfixed CVE Count by Severity

Packages with Known CVEs

Packages

Show Unfixed Only

Package	Version	License	Fixed	Whitelisted
avahi	0.7	GPLv2+ & LGPLv2.1+	1	0
bash	4.4.18	GPLv3+	0	0
binutils	2.32	GPLv3	9	0
bluez5	5.50	GPLv2+ & LGPLv2.1+	1	0
busybox	1.30.1	GPLv2 & bzip2	0	0
bzip2	1.0.6	bzip2	2	0
cairo	1.16.0	MPL-1 & LGPLv2.1 & GPLv3+	4	0
curl	7.64.1	MIT	3	0
db	11.2.5.3.28	Sleepycat	0	19
dbus	1.12.12	AFL-2 \| GPLv2+	0	0
expat	2.2.6	MIT	1	0
file	5.36	BSD	0	0
flac	1.3.2	GFDL-1.2 & GPLv2+ & LGPLv2.1+ & BSD	1	0
gcc-runtime	8.3.0	GPL-3.0-with-GCC-exception	0	0
glib-2.0	2.58.3	LGPLv2.1+ & BSD & PD	1	1
glibc	2.29	GPLv2 & LGPLv2.1	3	0
gnupg	2.2.13	GPLv3 & LGPLv3	0	0
gstreamer1.0	1.14.4	LGPLv2+	0	0
libarchive	3.3.3	BSD	6	0
libcroco	0.6.12	LGPLv2 & LGPLv2.1	2	0
libexif	0.6.21	LGPLv2.1	2	0
libgcrypt	1.8.4	GPLv2+ & LGPLv2.1+ & GPLv3+	0	0
libice	1.0.9	MIT-style	1	0
libidn2	2.0.5	(GPLv2+ \| LGPLv3) & GPLv3+	0	0
libjpeg-turbo	2.0.2	BSD-3-Clause	0	0
libpcre	8.43	BSD	0	0
libpcre2	10.32	BSD	0	0
libpng	1.6.36	Libpng	1	0
librsvg	2.40.20	LGPLv2+	0	0
libsndfile1	1.0.28	LGPLv2.1	15	0
libsolv	0.7.3	BSD-3-Clause	0	0
libvorbis	1.3.6	BSD	3	0
libxml2	2.9.8	MIT	4	0
linux-yocto	5.0.19	GPLv2	0	0
ncurses	6.1.20181013	MIT	0	0
nss	3.42.1	MPL-2.0 \| (MPL-2.0 & GPL-2.0+) \| (MPL-2.0 & LGPL-2.1+)	0	0
openssl	1.1.1b	openssl	1	0
pango	1.42.4	LGPLv2.0+	1	0
python3	3.7.4	PSFv2	0	0
shadow	4.6	BSD \| Artistic-1.0	0	0
sqlite3	3.27.2	PD	2	0
sudo	1.8.27	ISC & BSD & Zlib	0	0
taglib	1.11.1	LGPLv2.1 \| MPL-1	2	0
wpa-supplicant	2.7	BSD	7	0
acl	2.2.52	LGPLv2.1+ & GPLv2+	0	0
adwaita-icon-theme	3.30.1	LGPL-3.0 \| CC-BY-SA-3.0	0	0
alsa-lib	1.1.8	LGPLv2.1 & GPLv2+	0	0
alsa-plugins	1.1.8	LGPLv2.1 & GPLv2+	0	0
alsa-state	0.2.0	MIT	0	0
alsa-utils	1.1.8	GPLv2+	0	0
at-spi2-atk	2.30.0	LGPLv2	0	0
at-spi2-core	2.30.0	LGPLv2	0	0
atk	2.30.0	GPLv2+ & LGPLv2+	0	0
attr	2.4.47	LGPLv2.1+ & GPLv2+	0	0
base-files	3.0.14	GPLv2	0	0
base-passwd	3.5.29	GPLv2+	0	0
ca-certificates	20190110	GPL-2.0+ & MPL-2.0	0	0
connman	1.36	GPLv2	0	0
connman-conf	1.0	GPLv2	0	0
connman-gnome	0.7	GPLv2 & LGPLv2.1	0	0
consolekit	0.4.6	GPLv2+	0	0
dbus-glib	0.110	AFL-2 \| GPLv2+	0	0
dbus-wait	0.1	GPLv2	0	0
distcc	3.3.2	GPLv2	0	0
distcc-config	1.0	MIT	0	0
dnf	4.1.0	GPLv2	0	0
dropbear_ssh	2019.78	MIT & BSD-3-Clause & BSD-2-Clause & PD	0	0
elfutils	0.176	GPLv2 & LGPLv3+ & GPLv3+	0	0
eudev	3.2.7	GPLv2.0+ & LGPL-2.1+	0	0
fontconfig	2.12.6	MIT-style & MIT & PD	0	0
formfactor	0.0	MIT	0	0
freetype	2.9.1	FreeType \| GPLv2+	0	0
gconf	3.2.6	LGPLv2+	0	0
gdk-pixbuf	2.38.0	LGPLv2.1	0	0
glib-networking	2.60.1	LGPLv2.1	0	0
gmp	6.1.2	GPLv2+ \| LGPLv3+	0	0
gnu_fribidi	1.0.5	LGPLv2.1+	0	0
gnutls	3.6.7	GPLv3+ & LGPLv2.1+	0	0
gpgme	1.12.0	GPLv2+ & LGPLv2.1+	0	0
gst-examples	0.0.1	LGPL-2.0+	0	0
gstreamer1.0-plugins-bad	1.14.4	GPLv2+ & LGPLv2+ & LGPLv2.1+	0	0
gstreamer1.0-plugins-base	1.14.4	GPLv2+ & LGPLv2+	0	0
gstreamer1.0-plugins-good	1.14.4	GPLv2+ & LGPLv2.1+	0	0
gtk+3	3.24.5	LGPLv2 & LGPLv2+ & LGPLv2.1+	0	0
harfbuzz	2.3.1	MIT	0	0
hicolor-icon-theme	0.17	GPLv2	0	0
init-ifupdown	1.0	GPLv2	0	0
initscripts	1.0	GPLv2	0	0
iptables	1.6.2	GPLv2+	0	0
iw	4.14	BSD	0	0
json-c	0.13.1	MIT	0	0
kmod	26	GPL-2.0+ & LGPL-2.1+	0	0
l3afpad	0.8.18.1.11	GPLv2+	0	0
lame	3.100	LGPLv2+	0	0
libassuan	2.5.3	GPLv3+ & LGPLv2.1+	0	0
libcap	2.26	BSD \| GPLv2	0	0
libcomps	0.1.10	GPLv2	0	0
libdaemon	0.14	LGPLv2.1+	0	0
libdmx	1.1.4	MIT	0	0
libdnf	0.26.0	LGPLv2.1	0	0
libdrm	2.4.97	MIT	0	0
libepoxy	1.5.3	MIT	0	0
liberation-fonts	2.00.1	OFL-1.1	0	0
libevdev	1.6.0	MIT-X	0	0
libfakekey	0.3	LGPLv2+	0	0
libffi	3.2.1	MIT	0	0
libfm	1.3.1	GPLv2+ & LGPLv2+	0	0
libfm-extra	1.3.1	LGPLv2+	0	0
libfontenc	1.1.4	MIT	0	0
libgpg-error	1.35	GPLv2+ & LGPLv2.1+	0	0
libgudev	232	LGPLv2.1	0	0
libinput	1.12.6	MIT	0	0
libksba	1.3.5	GPLv2+ \| LGPLv3+ \| GPLv3+	0	0
libmatchbox	1.12	LGPLv2+ & MIT	0	0
libmodulemd	2.1.0	MIT	0	0
libnl	3.4.0	LGPLv2.1	0	0
libnsl2	1.2.0	LGPL-2.1	0	0
libnss-mdns	0.10	LGPLv2.1+	0	0
libogg	1.3.3	BSD	0	0
libpciaccess	0.14	MIT & MIT-style	0	0
libpsl	0.20.2	MIT	0	0
librepo	1.9.4	LGPLv2.1	0	0
libsm	1.2.3	MIT-style	0	0
libsoup-2.4	2.64.2	LGPLv2	0	0
libtheora	1.1.1	BSD	0	0
libtirpc	1.0.3	BSD	0	0
libtool	2.4.6	GPLv2 & LGPLv2.1	0	0
libunistring	0.9.10	LGPLv3+ \| GPLv2	0	0
libusb1	1.0.22	LGPLv2.1+	0	0
libwebp	1.0.2	BSD	0	0
libx11	1.6.7	MIT & MIT-style & BSD	0	0
libxau	1.0.9	MIT-style	0	0
libxcb	1.13.1	MIT	0	0
libxcomposite	0.4.5	MIT-style	0	0
libxcrypt	4.4.2	LGPLv2.1	0	0
libxcursor	1.2.0	MIT-style	0	0
libxdamage	1.1.5	MIT	0	0
libxdmcp	1.1.2	MIT-style	0	0
libxext	1.3.3	MIT-style	0	0
libxfixes	5.0.3	MIT-style	0	0
libxfont2	2.0.3	MIT & MIT-style & BSD	0	0
libxft	2.3.2	MIT	0	0
libxi	1.7.9	MIT & MIT-style	0	0
libxinerama	1.1.4	MIT	0	0
libxkbcommon	0.8.4	MIT & MIT-style	0	0
libxkbfile	1.0.9	MIT-style	0	0
libxmu	1.1.2	MIT & MIT-style	0	0
libxrandr	1.5.1	MIT-style	0	0
libxrender	0.9.10	MIT-style	0	0
libxshmfence	1.3	MIT-style	0	0
libxtst	1.2.3	MIT-style	0	0
libxv	1.0.11	MIT-style	0	0
libxxf86dga	1.1.4	MIT-X	0	0
libxxf86misc	1.0.4	MIT	0	0
libxxf86vm	1.1.4	MIT	0	0
libyaml	0.2.1	MIT	0	0
lzo	2.10	GPLv2+	0	0
matchbox-config-gtk	0.2	GPLv2+	0	0
matchbox-desktop	2.2	GPLv2+ & LGPLv2+	0	0
matchbox-keyboard	0.1.1	LGPLv2.1	0	0
matchbox-panel-2	2.11	GPLv2+	0	0
matchbox-session	0.1	GPLv2	0	0
matchbox-session-sato	0.1	GPLv2.0+	0	0
matchbox-terminal	0.2	GPLv2+	0	0
matchbox-theme-sato	0.2	CC-BY-SA-3.0	0	0
matchbox-wm	1.2.2	GPLv2+	0	0
menu-cache	1.1.0	LGPLv2.1+	0	0
mesa	19.0.8	MIT	0	0
mini-x-session	0.1	GPLv2	0	0
mobile-broadband-provider-info	20190116	PD	0	0
modutils-initscripts	1.0	PD	0	0
mpg123	1.25.10	LGPLv2.1	0	0
mtdev	1.1.5	MIT	0	0
netbase	5.6	GPLv2	0	0
netscape_portable_runtime	4.21	GPL-2.0 \| MPL-2.0 \| LGPL-2.1	0	0
nettle	3.4.1	LGPLv3+ \| GPLv2+	0	0
nfs-export-root	1.0	MIT	0	0
nfs-utils	2.3.3	MIT & GPLv2+ & BSD	0	0
npth	1.6	LGPLv2+	0	0
ofono	1.25	GPLv2	0	0
opkg-utils	0.4.0	GPLv2+	0	0
orc	0.4.28	BSD-2-Clause & BSD-3-Clause	0	0
packagegroup-base	1.0	MIT	0	0
packagegroup-core-boot	1.0	MIT	0	0
packagegroup-core-device-devel	1.0	MIT	0	0
packagegroup-core-nfs	1.0	MIT	0	0
packagegroup-core-ssh-dropbear	1.0	MIT	0	0
packagegroup-core-x11	1.0	MIT	0	0
packagegroup-core-x11-base	1.0	MIT	0	0
packagegroup-core-x11-sato	1.0	MIT	0	0
packagegroup-core-x11-xserver	1.0	MIT	0	0
pciutils	3.6.2	GPLv2+	0	0
pcmanfm	1.3.1	GPLv2 & GPLv2+ & LGPLv2.1+	0	0
perl	5.28.1	Artistic-1.0 \| GPL-1.0+	0	0
pinentry	1.1.0	GPLv2	0	0
pixman	0.38.0	MIT & MIT-style & PD	0	0
pointercal-xinput	0.0	MIT	0	0
popt	1.16	MIT	0	0
psplash	0.1	GPLv2+	0	0
pulseaudio	12.2	LGPLv2.1+ & MIT & BSD-3-Clause	0	0
pulseaudio-client-conf-sato	1	MIT	0	0
puzzles	0.0	MIT	0	0
python3-iniparse	0.4	MIT & PSF	0	0
python3-six	1.12.0	MIT	0	0
readline	8.0	GPLv3+	0	0
rgb	1.0.6	MIT-X	0	0
rpcbind	1.2.5	BSD	0	0
rpm	4.14.2.1	GPL-2.0	0	0
run-postinsts	1.0	MIT	0	0
sato-screenshot	0.3	GPLv2 & GPLv2+	0	0
sbc	1.4	GPLv2+ & LGPLv2.1+	0	0
settings-daemon	0.0.2	MIT-style	0	0
shadow-securetty	4.6	MIT	0	0
shared-mime-info	1.10	GPLv2	0	0
shutdown-desktop	1.0	MIT	0	0
speex	1.2.0	BSD	0	0
speexdsp	1.2rc3	BSD	0	0
startup-notification	0.12	LGPLv2+	0	0
sysvinit	2.88dsf	GPLv2+	0	0
sysvinit-inittab	2.88dsf	GPLv2	0	0
tcp-wrappers	7.6	BSD	0	0
udev-extraconf	1.1	MIT	0	0
update-rc.d	0.8	GPLv2+	0	0
util-linux	2.32.1	GPLv2+ & LGPLv2.1+ & BSD	0	0
v86d	0.1.10	GPLv2	0	0
vte	0.52.2	LGPLv2.1+	0	0
vulkan	1.1.73.0	Apache-2.0	0	0
wayland	1.17.0	MIT	0	0
xauth	1.0.10	MIT-X	0	0
xcb-util	0.4.0	MIT	0	0
xcursor-transparent-theme	0.1.1	GPLv2	0	0
xdpyinfo	1.3.2	MIT-X	0	0
xf86-input-libinput	0.28.2	MIT-X	0	0
xf86-video-cirrus	1.5.3	MIT-X	0	0
xf86-video-fbdev	0.5.0	MIT-X	0	0
xf86-video-vmware	13.3.0	MIT-X	0	0
xhost	1.0.8	MIT-X	0	0
xinit	1.4.1	MIT-X	0	0
xinput	1.6.2	MIT-X	0	0
xinput-calibrator	0.7.5	MIT-X	0	0
xkbcomp	1.4.2	MIT-X	0	0
xkeyboard-config	2.26	MIT & MIT-style	0	0
xmodmap	1.0.10	MIT	0	0
xorg-server	1.20.4	MIT-X	0	0
xrandr	1.5.0	MIT	0	0
xserver-nodm-init	3.0	GPLv2	0	0
xserver-xf86-config	0.1	MIT-X	0	0
xset	1.2.4	MIT	0	0
xz	5.2.4	GPLv2+ & GPL-3.0-with-autoconf-exception & LGPLv2.1+ & PD	0	0
zlib	1.2.11	Zlib	0	0

CVEs

Filters

Package	Version	CVE ID	Status	Attack Vector
avahi	0.7	CVE-2017-6519	Fixed	NETWORK
bash	4.4.18	CVE-2019-18276	Unfixed	LOCAL
binutils	2.32	CVE-2019-17451	Unfixed	NETWORK
binutils	2.32	CVE-2019-12972	Fixed	LOCAL
binutils	2.32	CVE-2019-9075	Fixed	LOCAL
binutils	2.32	CVE-2019-9070	Fixed	LOCAL
binutils	2.32	CVE-2019-14250	Fixed	LOCAL
binutils	2.32	CVE-2019-9072	Unfixed	LOCAL
binutils	2.32	CVE-2019-14444	Fixed	LOCAL
binutils	2.32	CVE-2019-9077	Fixed	LOCAL
binutils	2.32	CVE-2019-9074	Fixed	LOCAL
binutils	2.32	CVE-2019-9073	Unfixed	LOCAL
binutils	2.32	CVE-2019-9071	Fixed	LOCAL
binutils	2.32	CVE-2019-17450	Unfixed	NETWORK
binutils	2.32	CVE-2019-9076	Fixed	LOCAL
bluez5	5.50	CVE-2020-0556	Unfixed	ADJACENT_NETWORK
bluez5	5.50	CVE-2018-10910	Fixed	LOCAL
busybox	1.30.1	CVE-2019-5747	Unfixed	NETWORK
bzip2	1.0.6	CVE-2019-12900	Fixed	NETWORK
bzip2	1.0.6	CVE-2016-3189	Fixed	NETWORK
cairo	1.16.0	CVE-2018-19876	Fixed	NETWORK
cairo	1.16.0	CVE-2017-7475	Fixed	LOCAL
cairo	1.16.0	CVE-2019-6461	Fixed	NETWORK
cairo	1.16.0	CVE-2019-6462	Fixed	NETWORK
curl	7.64.1	CVE-2019-15601	Unfixed	NETWORK
curl	7.64.1	CVE-2019-5436	Fixed	LOCAL
curl	7.64.1	CVE-2019-5481	Unfixed	NETWORK
curl	7.64.1	CVE-2019-5482	Fixed	NETWORK
curl	7.64.1	CVE-2019-5435	Fixed	NETWORK
curl	7.64.1	CVE-2019-5443	Unfixed	LOCAL
db	11.2.5.3.28	CVE-2017-3615	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3613	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3614	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2016-3418	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3605	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3604	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3606	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3607	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2016-0682	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2016-0694	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3610	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2016-0692	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3611	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3612	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3616	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2016-0689	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3617	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3608	Whitelisted	LOCAL
db	11.2.5.3.28	CVE-2017-3609	Whitelisted	LOCAL
dbus	1.12.12	CVE-2019-12749	Unfixed	LOCAL
expat	2.2.6	CVE-2019-15903	Unfixed	NETWORK
expat	2.2.6	CVE-2018-20843	Fixed	NETWORK
file	5.36	CVE-2019-18218	Unfixed	NETWORK
flac	1.3.2	CVE-2017-6888	Fixed	LOCAL
gcc-runtime	8.3.0	CVE-2019-15847	Unfixed	NETWORK
glib-2.0	2.58.3	CVE-2019-13012	Fixed	NETWORK
glib-2.0	2.58.3	CVE-2019-12450	Whitelisted	NETWORK
glibc	2.29	CVE-2020-1751	Unfixed	None
glibc	2.29	CVE-2019-19126	Unfixed	LOCAL
glibc	2.29	CVE-2018-20796	Fixed	NETWORK
glibc	2.29	CVE-2020-1752	Unfixed	None
glibc	2.29	CVE-2019-9169	Fixed	NETWORK
glibc	2.29	CVE-2019-7309	Fixed	LOCAL
glibc	2.29	CVE-2020-10029	Unfixed	LOCAL
glibc	2.29	CVE-2019-9192	Unfixed	NETWORK
gnupg	2.2.13	CVE-2019-13050	Unfixed	NETWORK
gnupg	2.2.13	CVE-2019-14855	Unfixed	None
gstreamer1.0	1.14.4	CVE-2019-9928	Unfixed	NETWORK
libarchive	3.3.3	CVE-2018-1000879	Fixed	NETWORK
libarchive	3.3.3	CVE-2019-1000020	Fixed	NETWORK
libarchive	3.3.3	CVE-2018-1000880	Fixed	NETWORK
libarchive	3.3.3	CVE-2019-18408	Unfixed	NETWORK
libarchive	3.3.3	CVE-2018-1000878	Fixed	NETWORK
libarchive	3.3.3	CVE-2019-1000019	Fixed	NETWORK
libarchive	3.3.3	CVE-2018-1000877	Fixed	NETWORK
libcroco	0.6.12	CVE-2017-8834	Unfixed	NETWORK
libcroco	0.6.12	CVE-2017-8871	Unfixed	NETWORK
libcroco	0.6.12	CVE-2017-7961	Fixed	LOCAL
libcroco	0.6.12	CVE-2017-7960	Fixed	LOCAL
libexif	0.6.21	CVE-2018-20030	Fixed	NETWORK
libexif	0.6.21	CVE-2017-7544	Fixed	NETWORK
libgcrypt	1.8.4	CVE-2019-13627	Unfixed	NETWORK
libgcrypt	1.8.4	CVE-2019-12904	Unfixed	NETWORK
libice	1.0.9	CVE-2017-2626	Fixed	LOCAL
libidn2	2.0.5	CVE-2019-12290	Unfixed	NETWORK
libidn2	2.0.5	CVE-2019-18224	Unfixed	NETWORK
libjpeg-turbo	2.0.2	CVE-2019-13960	Unfixed	LOCAL
libpcre	8.43	CVE-2017-11164	Unfixed	NETWORK
libpcre2	10.32	CVE-2019-20454	Unfixed	NETWORK
libpng	1.6.36	CVE-2019-7317	Fixed	NETWORK
libpng	1.6.36	CVE-2019-6129	Unfixed	NETWORK
librsvg	2.40.20	CVE-2018-1000041	Unfixed	NETWORK
librsvg	2.40.20	CVE-2019-20446	Unfixed	NETWORK
libsndfile1	1.0.28	CVE-2017-8365	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2018-19432	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-8361	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-8362	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-8363	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-14634	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-12562	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-14245	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-14246	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2017-6892	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2018-19758	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2018-19662	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2018-19661	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2018-13139	Fixed	NETWORK
libsndfile1	1.0.28	CVE-2019-3832	Fixed	LOCAL
libsolv	0.7.3	CVE-2019-20387	Unfixed	NETWORK
libvorbis	1.3.6	CVE-2018-10393	Fixed	NETWORK
libvorbis	1.3.6	CVE-2018-10392	Fixed	NETWORK
libvorbis	1.3.6	CVE-2017-14160	Fixed	NETWORK
libxml2	2.9.8	CVE-2017-8872	Fixed	NETWORK
libxml2	2.9.8	CVE-2019-19956	Unfixed	NETWORK
libxml2	2.9.8	CVE-2018-14404	Fixed	NETWORK
libxml2	2.9.8	CVE-2018-9251	Fixed	NETWORK
libxml2	2.9.8	CVE-2018-14567	Fixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19966	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-14899	Unfixed	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-19524	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-16746	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-5108	Unfixed	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-19055	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19058	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-13272	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19527	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-19059	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19252	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-11477	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-11479	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-11478	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19462	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-3874	Unfixed	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-18885	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-16089	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19072	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-18282	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-18814	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-13233	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-15215	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-15118	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19922	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19767	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19769	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-12817	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-15117	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19082	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-16234	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-17133	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-19768	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2019-15902	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2020-8428	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-16229	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2020-8649	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2020-8648	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2020-8647	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-12380	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-10220	Unfixed	NETWORK
linux-yocto	5.0.19	CVE-2020-7053	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2020-1749	Unfixed	None
linux-yocto	5.0.19	CVE-2020-9383	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19037	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-19036	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2020-8832	Unfixed	None
linux-yocto	5.0.19	CVE-2019-19532	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-19537	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-14284	Unfixed	LOCAL
linux-yocto	5.0.19	CVE-2019-14283	Unfixed	PHYSICAL
linux-yocto	5.0.19	CVE-2019-10638	Unfixed	NETWORK
ncurses	6.1.20181013	CVE-2019-17594	Unfixed	LOCAL
ncurses	6.1.20181013	CVE-2019-17595	Unfixed	NETWORK
nss	3.42.1	CVE-2019-17006	Unfixed	None
nss	3.42.1	CVE-2019-17007	Unfixed	None
openssl	1.1.1b	CVE-2019-1547	Unfixed	LOCAL
openssl	1.1.1b	CVE-2019-1563	Unfixed	NETWORK
openssl	1.1.1b	CVE-2019-1552	Unfixed	LOCAL
openssl	1.1.1b	CVE-2019-1549	Unfixed	NETWORK
openssl	1.1.1b	CVE-2019-1543	Fixed	NETWORK
openssl	1.1.1b	CVE-2019-1551	Unfixed	NETWORK
pango	1.42.4	CVE-2019-1010238	Fixed	NETWORK
python3	3.7.4	CVE-2020-8492	Unfixed	NETWORK
python3	3.7.4	CVE-2020-8315	Unfixed	LOCAL
python3	3.7.4	CVE-2019-16056	Unfixed	NETWORK
python3	3.7.4	CVE-2019-16935	Unfixed	NETWORK
python3	3.7.4	CVE-2019-18348	Unfixed	NETWORK
shadow	4.6	CVE-2013-4235	Unfixed	LOCAL
sqlite3	3.27.2	CVE-2019-8457	Unfixed	NETWORK
sqlite3	3.27.2	CVE-2019-16168	Unfixed	NETWORK
sqlite3	3.27.2	CVE-2019-9936	Fixed	NETWORK
sqlite3	3.27.2	CVE-2019-9937	Fixed	NETWORK
sqlite3	3.27.2	CVE-2019-5018	Unfixed	NETWORK
sqlite3	3.27.2	CVE-2019-19645	Unfixed	LOCAL
sudo	1.8.27	CVE-2019-19234	Unfixed	NETWORK
sudo	1.8.27	CVE-2019-19232	Unfixed	NETWORK
sudo	1.8.27	CVE-2019-14287	Unfixed	NETWORK
taglib	1.11.1	CVE-2017-12678	Fixed	NETWORK
taglib	1.11.1	CVE-2018-11439	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-11555	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-9499	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-9498	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-16275	Unfixed	ADJACENT_NETWORK
wpa-supplicant	2.7	CVE-2019-9497	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-9496	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-9495	Fixed	NETWORK
wpa-supplicant	2.7	CVE-2019-9494	Fixed	NETWORK

NOTES:
– CVSS columns highlighted in red have a high (7.0+) or critical (9.0+) CVSSv3 base score.
– Whitelisted packages or CVEs have been explicitly ignored by the build configuration.
– Toolchain packages may also be present in the root filesystem in some cases (such as when building on the target device is supported by the image).
– Notes and whitelist are applied to all reports in this product that contain the same CVE entry.

About the Vigiles CVE Dashboard

What is this page?

The Vigiles CVE Dashboard shows you all the CVEs affecting a specific manifest at the time the scan was performed. It allows you to filter, whitelist, and make notes about individual CVEs. You can also export the data, and download the manifest from this page.
What is the Summary section, and what can I do with it?

Located at the top of the dashboard, the summary gives you an “at-a-glance” view of the number of CVEs in the scan results, and breaks the CVE counts down by status and severity. You can click the labels in each chart's legend to toggle what information is displayed.
How can I learn more about a CVE?

For more details about any CVE, simply click on the associated CVE ID in the CVEs table to be directed to more information about the vulnerability.

Want to learn more about Timesys Vigiles Security Monitoring and Notification?

VIEW VIGILES OPTIONS

Copyright © 2020 Timesys Corporation. All Rights Reserved. Privacy Policy | Cookie Policy | Eula | Terms of Service | Terms of Sale
Yocto Project and all related marks and logos are registered trademarks of The Linux Foundation. This website is not, in any way, endorsed by the Yocto Project or The Linux Foundation.