Timesys Vigiles: Real-time security vulnerability monitoring for more secure products

With the increasing rate of security vulnerabilities (CVEs) and the unpredictability of discoveries, the manual process of keeping up with the newly discovered CVEs for your device software is not feasible. Timesys helps reduce the time and costs associated with maintaining software security through its automated Vigiles Security Monitoring and Notification Service.

LEARN HOW VIGILES WORKS COMPARE VIGILES VERSIONS START TODAY FOR FREE

Demo Notice

This is a sample version of a real Vigiles CVE Dashboard. Here you can get a feel for the dashboard, but you can not make any changes. To learn more read the FAQ below.

If you already have a LinuxLink account, log in to see your personal dashboard.

Yocto Manifest
Description: Demo
Image: core-image-sato
Machine: qemux86
Distro: warrior (2.7.1)
Scan performed: 03/18/20 07:36 PM UTC

BSP Lifecycle Maintenance

Kernel patches are included in our BSP Lifecycle Maintenance service.

The Timesys BSP Lifecycle Maintenance and Timesys TRST teams have the expertise to maintain the security of your BSP, on your custom hardware, allowing your team to focus on improving products to expand your customer base.

Learn More

NOTE: The owner of this report has applied filters.

Minimum CVSS base score: 0.0
Include CVEs with no CVSS data: False
Kernel config based filtering: on

Summary

112

Unfixed

60

User space

52

Kernel
73

Fixed

73

User space

0

Kernel
57

High/Critical CVSS (Unfixed)

28

User space

29

Kernel

Unfixed CVE Count by Severity

Packages with Known CVEs

Packages

Show Unfixed Only

Package	Version	License	Fixed	Whitelisted
avahi	0.7	GPLv2+ & LGPLv2.1+	1	0
bash	4.4.18	GPLv3+	0	0
binutils	2.32	GPLv3	9	0
bluez5	5.50	GPLv2+ & LGPLv2.1+	1	0
busybox	1.30.1	GPLv2 & bzip2	0	0
bzip2	1.0.6	bzip2	2	0
cairo	1.16.0	MPL-1 & LGPLv2.1 & GPLv3+	4	0
curl	7.64.1	MIT	3	0
db	11.2.5.3.28	Sleepycat	0	19
dbus	1.12.12	AFL-2 \| GPLv2+	0	0
expat	2.2.6	MIT	1	0
file	5.36	BSD	0	0
flac	1.3.2	GFDL-1.2 & GPLv2+ & LGPLv2.1+ & BSD	1	0
gcc-runtime	8.3.0	GPL-3.0-with-GCC-exception	0	0
glib-2.0	2.58.3	LGPLv2.1+ & BSD & PD	1	1
glibc	2.29	GPLv2 & LGPLv2.1	3	0
gnupg	2.2.13	GPLv3 & LGPLv3	0	0
gstreamer1.0	1.14.4	LGPLv2+	0	0
libarchive	3.3.3	BSD	6	0
libcroco	0.6.12	LGPLv2 & LGPLv2.1	2	0
libexif	0.6.21	LGPLv2.1	2	0
libgcrypt	1.8.4	GPLv2+ & LGPLv2.1+ & GPLv3+	0	0
libice	1.0.9	MIT-style	1	0
libidn2	2.0.5	(GPLv2+ \| LGPLv3) & GPLv3+	0	0
libjpeg-turbo	2.0.2	BSD-3-Clause	0	0
libpcre	8.43	BSD	0	0
libpcre2	10.32	BSD	0	0
libpng	1.6.36	Libpng	1	0
librsvg	2.40.20	LGPLv2+	0	0
libsndfile1	1.0.28	LGPLv2.1	15	0
libsolv	0.7.3	BSD-3-Clause	0	0
libvorbis	1.3.6	BSD	3	0
libxml2	2.9.8	MIT	4	0
linux-yocto	5.0.19	GPLv2	0	0
ncurses	6.1.20181013	MIT	0	0
nss	3.42.1	MPL-2.0 \| (MPL-2.0 & GPL-2.0+) \| (MPL-2.0 & LGPL-2.1+)	0	0
openssl	1.1.1b	openssl	1	0
pango	1.42.4	LGPLv2.0+	1	0
python3	3.7.4	PSFv2	0	0
shadow	4.6	BSD \| Artistic-1.0	0	0
sqlite3	3.27.2	PD	2	0
sudo	1.8.27	ISC & BSD & Zlib	0	0
taglib	1.11.1	LGPLv2.1 \| MPL-1	2	0
wpa-supplicant	2.7	BSD	7	0
acl	2.2.52	LGPLv2.1+ & GPLv2+	0	0
adwaita-icon-theme	3.30.1	LGPL-3.0 \| CC-BY-SA-3.0	0	0
alsa-lib	1.1.8	LGPLv2.1 & GPLv2+	0	0
alsa-plugins	1.1.8	LGPLv2.1 & GPLv2+	0	0
alsa-state	0.2.0	MIT	0	0
alsa-utils	1.1.8	GPLv2+	0	0
at-spi2-atk	2.30.0	LGPLv2	0	0
at-spi2-core	2.30.0	LGPLv2	0	0
atk	2.30.0	GPLv2+ & LGPLv2+	0	0
attr	2.4.47	LGPLv2.1+ & GPLv2+	0	0
base-files	3.0.14	GPLv2	0	0
base-passwd	3.5.29	GPLv2+	0	0
ca-certificates	20190110	GPL-2.0+ & MPL-2.0	0	0
connman	1.36	GPLv2	0	0
connman-conf	1.0	GPLv2	0	0
connman-gnome	0.7	GPLv2 & LGPLv2.1	0	0
consolekit	0.4.6	GPLv2+	0	0
dbus-glib	0.110	AFL-2 \| GPLv2+	0	0
dbus-wait	0.1	GPLv2	0	0
distcc	3.3.2	GPLv2	0	0
distcc-config	1.0	MIT	0	0
dnf	4.1.0	GPLv2	0	0
dropbear_ssh	2019.78	MIT & BSD-3-Clause & BSD-2-Clause & PD	0	0
elfutils	0.176	GPLv2 & LGPLv3+ & GPLv3+	0	0
eudev	3.2.7	GPLv2.0+ & LGPL-2.1+	0	0
fontconfig	2.12.6	MIT-style & MIT & PD	0	0
formfactor	0.0	MIT	0	0
freetype	2.9.1	FreeType \| GPLv2+	0	0
gconf	3.2.6	LGPLv2+	0	0
gdk-pixbuf	2.38.0	LGPLv2.1	0	0
glib-networking	2.60.1	LGPLv2.1	0	0
gmp	6.1.2	GPLv2+ \| LGPLv3+	0	0
gnu_fribidi	1.0.5	LGPLv2.1+	0	0
gnutls	3.6.7	GPLv3+ & LGPLv2.1+	0	0
gpgme	1.12.0	GPLv2+ & LGPLv2.1+	0	0
gst-examples	0.0.1	LGPL-2.0+	0	0
gstreamer1.0-plugins-bad	1.14.4	GPLv2+ & LGPLv2+ & LGPLv2.1+	0	0
gstreamer1.0-plugins-base	1.14.4	GPLv2+ & LGPLv2+	0	0
gstreamer1.0-plugins-good	1.14.4	GPLv2+ & LGPLv2.1+	0	0
gtk+3	3.24.5	LGPLv2 & LGPLv2+ & LGPLv2.1+	0	0
harfbuzz	2.3.1	MIT	0	0
hicolor-icon-theme	0.17	GPLv2	0	0
init-ifupdown	1.0	GPLv2	0	0
initscripts	1.0	GPLv2	0	0
iptables	1.6.2	GPLv2+	0	0
iw	4.14	BSD	0	0
json-c	0.13.1	MIT	0	0
kmod	26	GPL-2.0+ & LGPL-2.1+	0	0
l3afpad	0.8.18.1.11	GPLv2+	0	0
lame	3.100	LGPLv2+	0	0
libassuan	2.5.3	GPLv3+ & LGPLv2.1+	0	0
libcap	2.26	BSD \| GPLv2	0	0
libcomps	0.1.10	GPLv2	0	0
libdaemon	0.14	LGPLv2.1+	0	0
libdmx	1.1.4	MIT	0	0
libdnf	0.26.0	LGPLv2.1	0	0
libdrm	2.4.97	MIT	0	0
libepoxy	1.5.3	MIT	0	0
liberation-fonts	2.00.1	OFL-1.1	0	0
libevdev	1.6.0	MIT-X	0	0
libfakekey	0.3	LGPLv2+	0	0
libffi	3.2.1	MIT	0	0
libfm	1.3.1	GPLv2+ & LGPLv2+	0	0
libfm-extra	1.3.1	LGPLv2+	0	0
libfontenc	1.1.4	MIT	0	0
libgpg-error	1.35	GPLv2+ & LGPLv2.1+	0	0
libgudev	232	LGPLv2.1	0	0
libinput	1.12.6	MIT	0	0
libksba	1.3.5	GPLv2+ \| LGPLv3+ \| GPLv3+	0	0
libmatchbox	1.12	LGPLv2+ & MIT	0	0
libmodulemd	2.1.0	MIT	0	0
libnl	3.4.0	LGPLv2.1	0	0
libnsl2	1.2.0	LGPL-2.1	0	0
libnss-mdns	0.10	LGPLv2.1+	0	0
libogg	1.3.3	BSD	0	0
libpciaccess	0.14	MIT & MIT-style	0	0
libpsl	0.20.2	MIT	0	0
librepo	1.9.4	LGPLv2.1	0	0
libsm	1.2.3	MIT-style	0	0
libsoup-2.4	2.64.2	LGPLv2	0	0
libtheora	1.1.1	BSD	0	0
libtirpc	1.0.3	BSD	0	0
libtool	2.4.6	GPLv2 & LGPLv2.1	0	0
libunistring	0.9.10	LGPLv3+ \| GPLv2	0	0
libusb1	1.0.22	LGPLv2.1+	0	0
libwebp	1.0.2	BSD	0	0
libx11	1.6.7	MIT & MIT-style & BSD	0	0
libxau	1.0.9	MIT-style	0	0
libxcb	1.13.1	MIT	0	0
libxcomposite	0.4.5	MIT-style	0	0
libxcrypt	4.4.2	LGPLv2.1	0	0
libxcursor	1.2.0	MIT-style	0	0
libxdamage	1.1.5	MIT	0	0
libxdmcp	1.1.2	MIT-style	0	0
libxext	1.3.3	MIT-style	0	0
libxfixes	5.0.3	MIT-style	0	0
libxfont2	2.0.3	MIT & MIT-style & BSD	0	0
libxft	2.3.2	MIT	0	0
libxi	1.7.9	MIT & MIT-style	0	0
libxinerama	1.1.4	MIT	0	0
libxkbcommon	0.8.4	MIT & MIT-style	0	0
libxkbfile	1.0.9	MIT-style	0	0
libxmu	1.1.2	MIT & MIT-style	0	0
libxrandr	1.5.1	MIT-style	0	0
libxrender	0.9.10	MIT-style	0	0
libxshmfence	1.3	MIT-style	0	0
libxtst	1.2.3	MIT-style	0	0
libxv	1.0.11	MIT-style	0	0
libxxf86dga	1.1.4	MIT-X	0	0
libxxf86misc	1.0.4	MIT	0	0
libxxf86vm	1.1.4	MIT	0	0
libyaml	0.2.1	MIT	0	0
lzo	2.10	GPLv2+	0	0
matchbox-config-gtk	0.2	GPLv2+	0	0
matchbox-desktop	2.2	GPLv2+ & LGPLv2+	0	0
matchbox-keyboard	0.1.1	LGPLv2.1	0	0
matchbox-panel-2	2.11	GPLv2+	0	0
matchbox-session	0.1	GPLv2	0	0
matchbox-session-sato	0.1	GPLv2.0+	0	0
matchbox-terminal	0.2	GPLv2+	0	0
matchbox-theme-sato	0.2	CC-BY-SA-3.0	0	0
matchbox-wm	1.2.2	GPLv2+	0	0
menu-cache	1.1.0	LGPLv2.1+	0	0
mesa	19.0.8	MIT	0	0
mini-x-session	0.1	GPLv2	0	0
mobile-broadband-provider-info	20190116	PD	0	0
modutils-initscripts	1.0	PD	0	0
mpg123	1.25.10	LGPLv2.1	0	0
mtdev	1.1.5	MIT	0	0
netbase	5.6	GPLv2	0	0
netscape_portable_runtime	4.21	GPL-2.0 \| MPL-2.0 \| LGPL-2.1	0	0
nettle	3.4.1	LGPLv3+ \| GPLv2+	0	0
nfs-export-root	1.0	MIT	0	0
nfs-utils	2.3.3	MIT & GPLv2+ & BSD	0	0
npth	1.6	LGPLv2+	0	0
ofono	1.25	GPLv2	0	0
opkg-utils	0.4.0	GPLv2+	0	0
orc	0.4.28	BSD-2-Clause & BSD-3-Clause	0	0
packagegroup-base	1.0	MIT	0	0
packagegroup-core-boot	1.0	MIT	0	0
packagegroup-core-device-devel	1.0	MIT	0	0
packagegroup-core-nfs	1.0	MIT	0	0
packagegroup-core-ssh-dropbear	1.0	MIT	0	0
packagegroup-core-x11	1.0	MIT	0	0
packagegroup-core-x11-base	1.0	MIT	0	0
packagegroup-core-x11-sato	1.0	MIT	0	0
packagegroup-core-x11-xserver	1.0	MIT	0	0
pciutils	3.6.2	GPLv2+	0	0
pcmanfm	1.3.1	GPLv2 & GPLv2+ & LGPLv2.1+	0	0
perl	5.28.1	Artistic-1.0 \| GPL-1.0+	0	0
pinentry	1.1.0	GPLv2	0	0
pixman	0.38.0	MIT & MIT-style & PD	0	0
pointercal-xinput	0.0	MIT	0	0
popt	1.16	MIT	0	0
psplash	0.1	GPLv2+	0	0
pulseaudio	12.2	LGPLv2.1+ & MIT & BSD-3-Clause	0	0
pulseaudio-client-conf-sato	1	MIT	0	0
puzzles	0.0	MIT	0	0
python3-iniparse	0.4	MIT & PSF	0	0
python3-six	1.12.0	MIT	0	0
readline	8.0	GPLv3+	0	0
rgb	1.0.6	MIT-X	0	0
rpcbind	1.2.5	BSD	0	0
rpm	4.14.2.1	GPL-2.0	0	0
run-postinsts	1.0	MIT	0	0
sato-screenshot	0.3	GPLv2 & GPLv2+	0	0
sbc	1.4	GPLv2+ & LGPLv2.1+	0	0
settings-daemon	0.0.2	MIT-style	0	0
shadow-securetty	4.6	MIT	0	0
shared-mime-info	1.10	GPLv2	0	0
shutdown-desktop	1.0	MIT	0	0
speex	1.2.0	BSD	0	0
speexdsp	1.2rc3	BSD	0	0
startup-notification	0.12	LGPLv2+	0	0
sysvinit	2.88dsf	GPLv2+	0	0
sysvinit-inittab	2.88dsf	GPLv2	0	0
tcp-wrappers	7.6	BSD	0	0
udev-extraconf	1.1	MIT	0	0
update-rc.d	0.8	GPLv2+	0	0
util-linux	2.32.1	GPLv2+ & LGPLv2.1+ & BSD	0	0
v86d	0.1.10	GPLv2	0	0
vte	0.52.2	LGPLv2.1+	0	0
vulkan	1.1.73.0	Apache-2.0	0	0
wayland	1.17.0	MIT	0	0
xauth	1.0.10	MIT-X	0	0
xcb-util	0.4.0	MIT	0	0
xcursor-transparent-theme	0.1.1	GPLv2	0	0
xdpyinfo	1.3.2	MIT-X	0	0
xf86-input-libinput	0.28.2	MIT-X	0	0
xf86-video-cirrus	1.5.3	MIT-X	0	0
xf86-video-fbdev	0.5.0	MIT-X	0	0
xf86-video-vmware	13.3.0	MIT-X	0	0
xhost	1.0.8	MIT-X	0	0
xinit	1.4.1	MIT-X	0	0
xinput	1.6.2	MIT-X	0	0
xinput-calibrator	0.7.5	MIT-X	0	0
xkbcomp	1.4.2	MIT-X	0	0
xkeyboard-config	2.26	MIT & MIT-style	0	0
xmodmap	1.0.10	MIT	0	0
xorg-server	1.20.4	MIT-X	0	0
xrandr	1.5.0	MIT	0	0
xserver-nodm-init	3.0	GPLv2	0	0
xserver-xf86-config	0.1	MIT-X	0	0
xset	1.2.4	MIT	0	0
xz	5.2.4	GPLv2+ & GPL-3.0-with-autoconf-exception & LGPLv2.1+ & PD	0	0
zlib	1.2.11	Zlib	0	0

CVEs

Filters

Package	Version	CVE ID	Status	CVSSv3	Attack Vector
avahi	0.7	CVE-2017-6519	Fixed	9.1	NETWORK
bash	4.4.18	CVE-2019-18276	Unfixed	7.8	LOCAL
binutils	2.32	CVE-2019-17451	Unfixed	6.5	NETWORK
binutils	2.32	CVE-2019-12972	Fixed	5.5	LOCAL
binutils	2.32	CVE-2019-9075	Fixed	7.8	LOCAL
binutils	2.32	CVE-2019-9070	Fixed	7.8	LOCAL
binutils	2.32	CVE-2019-14250	Fixed	5.5	LOCAL
binutils	2.32	CVE-2019-9072	Unfixed	5.5	LOCAL
binutils	2.32	CVE-2019-14444	Fixed	5.5	LOCAL
binutils	2.32	CVE-2019-9077	Fixed	7.8	LOCAL
binutils	2.32	CVE-2019-9074	Fixed	5.5	LOCAL
binutils	2.32	CVE-2019-9073	Unfixed	5.5	LOCAL
binutils	2.32	CVE-2019-9071	Fixed	5.5	LOCAL
binutils	2.32	CVE-2019-17450	Unfixed	6.5	NETWORK
binutils	2.32	CVE-2019-9076	Fixed	5.5	LOCAL
bluez5	5.50	CVE-2020-0556	Unfixed	8.8	ADJACENT_NETWORK
bluez5	5.50	CVE-2018-10910	Fixed	3.3	LOCAL
busybox	1.30.1	CVE-2019-5747	Unfixed	7.5	NETWORK
bzip2	1.0.6	CVE-2019-12900	Fixed	9.8	NETWORK
bzip2	1.0.6	CVE-2016-3189	Fixed	6.5	NETWORK
cairo	1.16.0	CVE-2018-19876	Fixed	6.5	NETWORK
cairo	1.16.0	CVE-2017-7475	Fixed	5.5	LOCAL
cairo	1.16.0	CVE-2019-6461	Fixed	6.5	NETWORK
cairo	1.16.0	CVE-2019-6462	Fixed	6.5	NETWORK
curl	7.64.1	CVE-2019-15601	Unfixed	7.5	NETWORK
curl	7.64.1	CVE-2019-5436	Fixed	7.8	LOCAL
curl	7.64.1	CVE-2019-5481	Unfixed	9.8	NETWORK
curl	7.64.1	CVE-2019-5482	Fixed	9.8	NETWORK
curl	7.64.1	CVE-2019-5435	Fixed	3.7	NETWORK
curl	7.64.1	CVE-2019-5443	Unfixed	7.8	LOCAL
db	11.2.5.3.28	CVE-2017-3615	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3613	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3614	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2016-3418	Whitelisted	7.8	LOCAL
db	11.2.5.3.28	CVE-2017-3605	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3604	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3606	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3607	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2016-0682	Whitelisted	7.8	LOCAL
db	11.2.5.3.28	CVE-2016-0694	Whitelisted	7.8	LOCAL
db	11.2.5.3.28	CVE-2017-3610	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2016-0692	Whitelisted	7.8	LOCAL
db	11.2.5.3.28	CVE-2017-3611	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3612	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3616	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2016-0689	Whitelisted	7.8	LOCAL
db	11.2.5.3.28	CVE-2017-3617	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3608	Whitelisted	7	LOCAL
db	11.2.5.3.28	CVE-2017-3609	Whitelisted	7	LOCAL
dbus	1.12.12	CVE-2019-12749	Unfixed	7.1	LOCAL
expat	2.2.6	CVE-2019-15903	Unfixed	7.5	NETWORK
expat	2.2.6	CVE-2018-20843	Fixed	7.5	NETWORK
file	5.36	CVE-2019-18218	Unfixed	9.8	NETWORK
flac	1.3.2	CVE-2017-6888	Fixed	5.5	LOCAL
gcc-runtime	8.3.0	CVE-2019-15847	Unfixed	7.5	NETWORK
glib-2.0	2.58.3	CVE-2019-13012	Fixed	7.5	NETWORK
glib-2.0	2.58.3	CVE-2019-12450	Whitelisted	9.8	NETWORK
glibc	2.29	CVE-2020-1751	Unfixed	None	None
glibc	2.29	CVE-2019-19126	Unfixed	3.3	LOCAL
glibc	2.29	CVE-2018-20796	Fixed	7.5	NETWORK
glibc	2.29	CVE-2020-1752	Unfixed	None	None
glibc	2.29	CVE-2019-9169	Fixed	9.8	NETWORK
glibc	2.29	CVE-2019-7309	Fixed	5.5	LOCAL
glibc	2.29	CVE-2020-10029	Unfixed	5.5	LOCAL
glibc	2.29	CVE-2019-9192	Unfixed	7.5	NETWORK
gnupg	2.2.13	CVE-2019-13050	Unfixed	7.5	NETWORK
gnupg	2.2.13	CVE-2019-14855	Unfixed	None	None
gstreamer1.0	1.14.4	CVE-2019-9928	Unfixed	8.8	NETWORK
libarchive	3.3.3	CVE-2018-1000879	Fixed	6.5	NETWORK
libarchive	3.3.3	CVE-2019-1000020	Fixed	6.5	NETWORK
libarchive	3.3.3	CVE-2018-1000880	Fixed	6.5	NETWORK
libarchive	3.3.3	CVE-2019-18408	Unfixed	7.5	NETWORK
libarchive	3.3.3	CVE-2018-1000878	Fixed	8.8	NETWORK
libarchive	3.3.3	CVE-2019-1000019	Fixed	6.5	NETWORK
libarchive	3.3.3	CVE-2018-1000877	Fixed	8.8	NETWORK
libcroco	0.6.12	CVE-2017-8834	Unfixed	6.5	NETWORK
libcroco	0.6.12	CVE-2017-8871	Unfixed	6.5	NETWORK
libcroco	0.6.12	CVE-2017-7961	Fixed	7.8	LOCAL
libcroco	0.6.12	CVE-2017-7960	Fixed	5.5	LOCAL
libexif	0.6.21	CVE-2018-20030	Fixed	7.5	NETWORK
libexif	0.6.21	CVE-2017-7544	Fixed	9.1	NETWORK
libgcrypt	1.8.4	CVE-2019-13627	Unfixed	8.1	NETWORK
libgcrypt	1.8.4	CVE-2019-12904	Unfixed	5.9	NETWORK
libice	1.0.9	CVE-2017-2626	Fixed	5.5	LOCAL
libidn2	2.0.5	CVE-2019-12290	Unfixed	7.5	NETWORK
libidn2	2.0.5	CVE-2019-18224	Unfixed	9.8	NETWORK
libjpeg-turbo	2.0.2	CVE-2019-13960	Unfixed	5.5	LOCAL
libpcre	8.43	CVE-2017-11164	Unfixed	7.5	NETWORK
libpcre2	10.32	CVE-2019-20454	Unfixed	7.5	NETWORK
libpng	1.6.36	CVE-2019-7317	Fixed	5.3	NETWORK
libpng	1.6.36	CVE-2019-6129	Unfixed	6.5	NETWORK
librsvg	2.40.20	CVE-2018-1000041	Unfixed	8.8	NETWORK
librsvg	2.40.20	CVE-2019-20446	Unfixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2017-8365	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2018-19432	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2017-8361	Fixed	8.8	NETWORK
libsndfile1	1.0.28	CVE-2017-8362	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2017-8363	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2017-14634	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2017-12562	Fixed	9.8	NETWORK
libsndfile1	1.0.28	CVE-2017-14245	Fixed	8.1	NETWORK
libsndfile1	1.0.28	CVE-2017-14246	Fixed	8.1	NETWORK
libsndfile1	1.0.28	CVE-2017-6892	Fixed	8.8	NETWORK
libsndfile1	1.0.28	CVE-2018-19758	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2018-19662	Fixed	8.1	NETWORK
libsndfile1	1.0.28	CVE-2018-19661	Fixed	6.5	NETWORK
libsndfile1	1.0.28	CVE-2018-13139	Fixed	8.8	NETWORK
libsndfile1	1.0.28	CVE-2019-3832	Fixed	5	LOCAL
libsolv	0.7.3	CVE-2019-20387	Unfixed	7.5	NETWORK
libvorbis	1.3.6	CVE-2018-10393	Fixed	7.5	NETWORK
libvorbis	1.3.6	CVE-2018-10392	Fixed	8.8	NETWORK
libvorbis	1.3.6	CVE-2017-14160	Fixed	8.8	NETWORK
libxml2	2.9.8	CVE-2017-8872	Fixed	9.1	NETWORK
libxml2	2.9.8	CVE-2019-19956	Unfixed	7.5	NETWORK
libxml2	2.9.8	CVE-2018-14404	Fixed	7.5	NETWORK
libxml2	2.9.8	CVE-2018-9251	Fixed	5.3	NETWORK
libxml2	2.9.8	CVE-2018-14567	Fixed	6.5	NETWORK
linux-yocto	5.0.19	CVE-2019-19966	Unfixed	4.3	PHYSICAL
linux-yocto	5.0.19	CVE-2019-14899	Unfixed	7.4	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-19524	Unfixed	4.6	PHYSICAL
linux-yocto	5.0.19	CVE-2019-16746	Unfixed	9.8	NETWORK
linux-yocto	5.0.19	CVE-2019-5108	Unfixed	6.5	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-19055	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-19058	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-13272	Unfixed	7.8	LOCAL
linux-yocto	5.0.19	CVE-2019-19527	Unfixed	6.8	PHYSICAL
linux-yocto	5.0.19	CVE-2019-19059	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-19252	Unfixed	7.8	LOCAL
linux-yocto	5.0.19	CVE-2019-11477	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-11479	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-11478	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-19462	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-3874	Unfixed	6.5	ADJACENT_NETWORK
linux-yocto	5.0.19	CVE-2019-18885	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-16089	Unfixed	9.8	NETWORK
linux-yocto	5.0.19	CVE-2019-19072	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-18282	Unfixed	5.3	NETWORK
linux-yocto	5.0.19	CVE-2019-18814	Unfixed	9.8	NETWORK
linux-yocto	5.0.19	CVE-2019-13233	Unfixed	7	LOCAL
linux-yocto	5.0.19	CVE-2019-15215	Unfixed	4.6	PHYSICAL
linux-yocto	5.0.19	CVE-2019-15118	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-19922	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-19767	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-19769	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-12817	Unfixed	7	LOCAL
linux-yocto	5.0.19	CVE-2019-15117	Unfixed	7.8	LOCAL
linux-yocto	5.0.19	CVE-2019-19082	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-16234	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-17133	Unfixed	9.8	NETWORK
linux-yocto	5.0.19	CVE-2019-19768	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2019-15902	Unfixed	5.6	LOCAL
linux-yocto	5.0.19	CVE-2020-8428	Unfixed	7.1	LOCAL
linux-yocto	5.0.19	CVE-2019-16229	Unfixed	7.5	NETWORK
linux-yocto	5.0.19	CVE-2020-8649	Unfixed	7.1	LOCAL
linux-yocto	5.0.19	CVE-2020-8648	Unfixed	7.1	LOCAL
linux-yocto	5.0.19	CVE-2020-8647	Unfixed	7.1	LOCAL
linux-yocto	5.0.19	CVE-2019-12380	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-10220	Unfixed	8.8	NETWORK
linux-yocto	5.0.19	CVE-2020-7053	Unfixed	7.8	LOCAL
linux-yocto	5.0.19	CVE-2020-1749	Unfixed	None	None
linux-yocto	5.0.19	CVE-2020-9383	Unfixed	7.1	LOCAL
linux-yocto	5.0.19	CVE-2019-19037	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2019-19036	Unfixed	5.5	LOCAL
linux-yocto	5.0.19	CVE-2020-8832	Unfixed	None	None
linux-yocto	5.0.19	CVE-2019-19532	Unfixed	6.8	PHYSICAL
linux-yocto	5.0.19	CVE-2019-19537	Unfixed	4.2	PHYSICAL
linux-yocto	5.0.19	CVE-2019-14284	Unfixed	6.2	LOCAL
linux-yocto	5.0.19	CVE-2019-14283	Unfixed	6.8	PHYSICAL
linux-yocto	5.0.19	CVE-2019-10638	Unfixed	6.5	NETWORK
ncurses	6.1.20181013	CVE-2019-17594	Unfixed	5.3	LOCAL
ncurses	6.1.20181013	CVE-2019-17595	Unfixed	5.4	NETWORK
nss	3.42.1	CVE-2019-17006	Unfixed	None	None
nss	3.42.1	CVE-2019-17007	Unfixed	None	None
openssl	1.1.1b	CVE-2019-1547	Unfixed	4.7	LOCAL
openssl	1.1.1b	CVE-2019-1563	Unfixed	3.7	NETWORK
openssl	1.1.1b	CVE-2019-1552	Unfixed	3.3	LOCAL
openssl	1.1.1b	CVE-2019-1549	Unfixed	5.3	NETWORK
openssl	1.1.1b	CVE-2019-1543	Fixed	7.4	NETWORK
openssl	1.1.1b	CVE-2019-1551	Unfixed	5.3	NETWORK
pango	1.42.4	CVE-2019-1010238	Fixed	9.8	NETWORK
python3	3.7.4	CVE-2020-8492	Unfixed	6.5	NETWORK
python3	3.7.4	CVE-2020-8315	Unfixed	5.5	LOCAL
python3	3.7.4	CVE-2019-16056	Unfixed	7.5	NETWORK
python3	3.7.4	CVE-2019-16935	Unfixed	6.1	NETWORK
python3	3.7.4	CVE-2019-18348	Unfixed	6.1	NETWORK
shadow	4.6	CVE-2013-4235	Unfixed	4.7	LOCAL
sqlite3	3.27.2	CVE-2019-8457	Unfixed	9.8	NETWORK
sqlite3	3.27.2	CVE-2019-16168	Unfixed	6.5	NETWORK
sqlite3	3.27.2	CVE-2019-9936	Fixed	7.5	NETWORK
sqlite3	3.27.2	CVE-2019-9937	Fixed	7.5	NETWORK
sqlite3	3.27.2	CVE-2019-5018	Unfixed	8.1	NETWORK
sqlite3	3.27.2	CVE-2019-19645	Unfixed	5.5	LOCAL
sudo	1.8.27	CVE-2019-19234	Unfixed	7.5	NETWORK
sudo	1.8.27	CVE-2019-19232	Unfixed	7.5	NETWORK
sudo	1.8.27	CVE-2019-14287	Unfixed	8.8	NETWORK
taglib	1.11.1	CVE-2017-12678	Fixed	8.8	NETWORK
taglib	1.11.1	CVE-2018-11439	Fixed	6.5	NETWORK
wpa-supplicant	2.7	CVE-2019-11555	Fixed	5.9	NETWORK
wpa-supplicant	2.7	CVE-2019-9499	Fixed	8.1	NETWORK
wpa-supplicant	2.7	CVE-2019-9498	Fixed	8.1	NETWORK
wpa-supplicant	2.7	CVE-2019-16275	Unfixed	6.5	ADJACENT_NETWORK
wpa-supplicant	2.7	CVE-2019-9497	Fixed	8.1	NETWORK
wpa-supplicant	2.7	CVE-2019-9496	Fixed	7.5	NETWORK
wpa-supplicant	2.7	CVE-2019-9495	Fixed	3.7	NETWORK
wpa-supplicant	2.7	CVE-2019-9494	Fixed	5.9	NETWORK

NOTES:
– CVSS columns highlighted in red have a high (7.0+) or critical (9.0+) CVSSv3 base score.
– Whitelisted packages or CVEs have been explicitly ignored by the build configuration.
– Toolchain packages may also be present in the root filesystem in some cases (such as when building on the target device is supported by the image).
– Notes and whitelist are applied to all reports in this product that contain the same CVE entry.

About the Vigiles CVE Dashboard

What is this page?

The Vigiles CVE Dashboard shows you all the CVEs affecting a specific manifest at the time the scan was performed. It allows you to filter, whitelist, and make notes about individual CVEs. You can also export the data, and download the manifest from this page.
What is the Summary section, and what can I do with it?

Located at the top of the dashboard, the summary gives you an “at-a-glance” view of the number of CVEs in the scan results, and breaks the CVE counts down by status and severity. You can click the labels in each chart's legend to toggle what information is displayed.
How are the CVEs organized?

First, they are divided into Unfixed and Fixed sections. Unfixed CVEs are known to affect the software at your currently used version. Most often, a CVE is labeled as fixed because a patch for the issue was detected in the manifest.

Next, the CVEs in each panel are categorized into three tabs: RFS, Kernel, and Toolchain. This separation allows for better review of the different types of system components, especially because kernel upgrades and patches are often handled much differently than userland packages.
How can I learn more about a CVE?

For more details about any CVE, simply click on the CVE ID from within the RFS, Kernel, and Toolchain tabs.

Want to learn more about Timesys Vigiles Security Monitoring and Notification?

VIEW VIGILES OPTIONS

Copyright © 2020 Timesys Corporation. All Rights Reserved. Privacy Policy | Cookie Policy | Eula | Terms of Service | Terms of Sale
Yocto Project and all related marks and logos are registered trademarks of The Linux Foundation. This website is not, in any way, endorsed by the Yocto Project or The Linux Foundation.