* OE-core CVE metrics for dunfell on Sun 28 Aug 2022 02:30:01 AM HST
@ 2022-08-28 12:34 steve
2022-08-29 4:06 ` [yocto-security] " Tim Orling
0 siblings, 1 reply; 2+ messages in thread
From: steve @ 2022-08-28 12:34 UTC (permalink / raw)
To: openembedded-core, yocto-security
Branch: dunfell
New this week: 8 CVEs
CVE-2021-23177 (CVSS3: 7.8 HIGH): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23177 *
CVE-2021-28861 (CVSS3: 7.4 HIGH): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28861 *
CVE-2021-31566 (CVSS3: 7.8 HIGH): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31566 *
CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 *
CVE-2022-2923 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2923 *
CVE-2022-2946 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2946 *
CVE-2022-2980 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2980 *
CVE-2022-2982 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2982 *
Removed this week: 14 CVEs
CVE-2020-27821 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27821 *
CVE-2022-2288 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2288 *
CVE-2022-2289 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2289 *
CVE-2022-2304 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2304 *
CVE-2022-2343 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2343 *
CVE-2022-2344 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2344 *
CVE-2022-2345 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2345 *
CVE-2022-2509 (CVSS3: 7.5 HIGH): gnutls:gnutls-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2509 *
CVE-2022-2522 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2522 *
CVE-2022-2571 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2571 *
CVE-2022-2580 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2580 *
CVE-2022-2581 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2581 *
CVE-2022-2598 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2598 *
CVE-2022-37434 (CVSS3: 9.8 CRITICAL): zlib:zlib-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37434 *
Full list: Found 118 unpatched CVEs
CVE-2016-3709 (CVSS3: 6.1 MEDIUM): libxml2:libxml2-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3709 *
CVE-2020-13754 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13754 *
CVE-2020-15469 (CVSS3: 2.3 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15469 *
CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
CVE-2020-15859 (CVSS3: 3.3 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15859 *
CVE-2020-17380 (CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17380 *
CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 *
CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 *
CVE-2020-27661 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27661 *
CVE-2020-27749 (CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749 *
CVE-2020-29510 (CVSS3: 5.6 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29510 *
CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 *
CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
CVE-2020-35504 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35504 *
CVE-2020-35505 (CVSS3: 4.4 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35505 *
CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 *
CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 *
CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 *
CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 *
CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 *
CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 *
CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 *
CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 *
CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 *
CVE-2021-20225 (CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225 *
CVE-2021-20233 (CVSS3: 8.2 HIGH): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20233 *
CVE-2021-20295 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 *
CVE-2021-23177 (CVSS3: 7.8 HIGH): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23177 *
CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 *
CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 *
CVE-2021-27918 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27918 *
CVE-2021-28544 (CVSS3: 4.3 MEDIUM): subversion https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28544 *
CVE-2021-28861 (CVSS3: 7.4 HIGH): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28861 *
CVE-2021-31566 (CVSS3: 7.8 HIGH): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31566 *
CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
CVE-2021-33194 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33194 *
CVE-2021-33195 (CVSS3: 7.3 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33195 *
CVE-2021-33198 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33198 *
CVE-2021-3409 (CVSS3: 5.7 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3409 *
CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 *
CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 *
CVE-2021-3507 (CVSS3: 6.1 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 *
CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 *
CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 *
CVE-2021-36221 (CVSS3: 5.9 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36221 *
CVE-2021-3638 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3638 *
CVE-2021-3713 (CVSS3: 7.4 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3713 *
CVE-2021-3748 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3748 *
CVE-2021-3750 (CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3750 *
CVE-2021-39293 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-39293 *
CVE-2021-3930 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3930 *
CVE-2021-3947 (CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3947 *
CVE-2021-41771 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41771 *
CVE-2021-41772 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41772 *
CVE-2021-4206 (CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4206 *
CVE-2021-4207 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4207 *
CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 *
CVE-2021-44716 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44716 *
CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 *
CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 *
CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 *
CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 *
CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 *
CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 *
CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 *
CVE-2021-45944 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45944 *
CVE-2022-1050 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1050 *
CVE-2022-1705 (CVSS3: 6.5 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1705 *
CVE-2022-1920 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1920 *
CVE-2022-1921 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1921 *
CVE-2022-1922 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1922 *
CVE-2022-1923 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1923 *
CVE-2022-1924 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1924 *
CVE-2022-1925 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1925 *
CVE-2022-1962 (CVSS3: 5.5 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1962 *
CVE-2022-2122 (CVSS3: 7.8 HIGH): gstreamer1.0 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2122 *
CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 *
CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 *
CVE-2022-24765 (CVSS3: 7.8 HIGH): git https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 *
CVE-2022-24921 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24921 *
CVE-2022-26354 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26354 *
CVE-2022-28131 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28131 *
CVE-2022-2816 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2816 *
CVE-2022-2817 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2817 *
CVE-2022-2819 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2819 *
CVE-2022-28327 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28327 *
CVE-2022-2845 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2845 *
CVE-2022-2849 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2849 *
CVE-2022-2862 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2862 *
CVE-2022-2867 (CVSS3: 8.8 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2867 *
CVE-2022-2868 (CVSS3: 8.1 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2868 *
CVE-2022-2869 (CVSS3: 8.8 HIGH): tiff https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2869 *
CVE-2022-2874 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2874 *
CVE-2022-2889 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2889 *
CVE-2022-29154 (CVSS3: 7.4 HIGH): rsync:rsync-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29154 *
CVE-2022-2923 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2923 *
CVE-2022-2946 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2946 *
CVE-2022-29526 (CVSS3: 5.3 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29526 *
CVE-2022-29536 (CVSS3: 7.5 HIGH): epiphany https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29536 *
CVE-2022-2980 (CVSS3: 5.5 MEDIUM): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2980 *
CVE-2022-29804 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29804 *
CVE-2022-2982 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2982 *
CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 *
CVE-2022-30580 (CVSS3: 7.8 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30580 *
CVE-2022-30629 (CVSS3: 3.1 LOW): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30629 *
CVE-2022-30630 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30630 *
CVE-2022-30631 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30631 *
CVE-2022-30632 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30632 *
CVE-2022-30633 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30633 *
CVE-2022-30634 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30634 *
CVE-2022-30635 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30635 *
CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 *
CVE-2022-32148 (CVSS3: 6.5 MEDIUM): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32148 *
CVE-2022-32189 (CVSS3: 7.5 HIGH): go:go-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32189 *
CVE-2022-32292 (CVSS3: 9.8 CRITICAL): connman https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32292 *
CVE-2022-32293 (CVSS3: 8.1 HIGH): connman https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32293 *
CVE-2022-34835 (CVSS3: 9.8 CRITICAL): u-boot https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34835 *
CVE-2022-35737 (CVSS3: 7.5 HIGH): sqlite3:sqlite3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35737 *
For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [yocto-security] OE-core CVE metrics for dunfell on Sun 28 Aug 2022 02:30:01 AM HST
2022-08-28 12:34 OE-core CVE metrics for dunfell on Sun 28 Aug 2022 02:30:01 AM HST steve
@ 2022-08-29 4:06 ` Tim Orling
0 siblings, 0 replies; 2+ messages in thread
From: Tim Orling @ 2022-08-29 4:06 UTC (permalink / raw)
To: Steve Sakoman; +Cc: openembedded-core, yocto-security
[-- Attachment #1: Type: text/plain, Size: 17902 bytes --]
On Sun, Aug 28, 2022 at 5:34 AM Steve Sakoman <steve@sakoman.com> wrote:
> Branch: dunfell
>
> New this week: 8 CVEs
> CVE-2021-23177 (CVSS3: 7.8 HIGH): libarchive:libarchive-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23177 *
> CVE-2021-28861 (CVSS3: 7.4 HIGH): python3:python3-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28861 *
Did this get flagged as “new this week” because the CVE was updated? It is
NOT new.
> CVE-2021-31566 (CVSS3: 7.8 HIGH): libarchive:libarchive-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31566 *
> CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 *
> CVE-2022-2923 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2923 *
> CVE-2022-2946 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2946 *
> CVE-2022-2980 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2980 *
> CVE-2022-2982 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2982 *
>
> Removed this week: 14 CVEs
> CVE-2020-27821 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27821 *
> CVE-2022-2288 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2288 *
> CVE-2022-2289 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2289 *
> CVE-2022-2304 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2304 *
> CVE-2022-2343 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2343 *
> CVE-2022-2344 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2344 *
> CVE-2022-2345 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2345 *
> CVE-2022-2509 (CVSS3: 7.5 HIGH): gnutls:gnutls-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2509 *
> CVE-2022-2522 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2522 *
> CVE-2022-2571 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2571 *
> CVE-2022-2580 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2580 *
> CVE-2022-2581 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2581 *
> CVE-2022-2598 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2598 *
> CVE-2022-37434 (CVSS3: 9.8 CRITICAL): zlib:zlib-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37434 *
>
> Full list: Found 118 unpatched CVEs
> CVE-2016-3709 (CVSS3: 6.1 MEDIUM): libxml2:libxml2-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3709 *
> CVE-2020-13754 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13754 *
> CVE-2020-15469 (CVSS3: 2.3 LOW): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15469 *
> CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
> CVE-2020-15859 (CVSS3: 3.3 LOW): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15859 *
> CVE-2020-17380 (CVSS3: 6.3 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17380 *
> CVE-2020-25742 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25742 *
> CVE-2020-25743 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25743 *
> CVE-2020-27661 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27661 *
> CVE-2020-27749 (CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749 *
> CVE-2020-29510 (CVSS3: 5.6 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29510 *
> CVE-2020-29623 (CVSS3: 3.3 LOW): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 *
> CVE-2020-35503 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
> CVE-2020-35504 (CVSS3: 6.0 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35504 *
> CVE-2020-35505 (CVSS3: 4.4 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35505 *
> CVE-2020-35506 (CVSS3: 6.7 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35506 *
> CVE-2020-9948 (CVSS3: 8.8 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9948 *
> CVE-2020-9951 (CVSS3: 8.8 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9951 *
> CVE-2020-9952 (CVSS3: 7.1 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-9952 *
> CVE-2021-1765 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 *
> CVE-2021-1789 (CVSS3: 8.8 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 *
> CVE-2021-1799 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 *
> CVE-2021-1801 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 *
> CVE-2021-1870 (CVSS3: 9.8 CRITICAL): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 *
> CVE-2021-20225 (CVSS3: 6.7 MEDIUM): grub:grub-efi:grub-efi-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225 *
> CVE-2021-20233 (CVSS3: 8.2 HIGH): grub:grub-efi:grub-efi-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20233 *
> CVE-2021-20295 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20295 *
> CVE-2021-23177 (CVSS3: 7.8 HIGH): libarchive:libarchive-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23177 *
> CVE-2021-27097 (CVSS3: 7.8 HIGH): u-boot
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27097 *
> CVE-2021-27138 (CVSS3: 7.8 HIGH): u-boot
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27138 *
> CVE-2021-27918 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-27918 *
> CVE-2021-28544 (CVSS3: 4.3 MEDIUM): subversion
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28544 *
> CVE-2021-28861 (CVSS3: 7.4 HIGH): python3:python3-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28861 *
> CVE-2021-31566 (CVSS3: 7.8 HIGH): libarchive:libarchive-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31566 *
> CVE-2021-31879 (CVSS3: 6.1 MEDIUM): wget
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
> CVE-2021-33194 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33194 *
> CVE-2021-33195 (CVSS3: 7.3 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33195 *
> CVE-2021-33198 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-33198 *
> CVE-2021-3409 (CVSS3: 5.7 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3409 *
> CVE-2021-3418 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3418 *
> CVE-2021-3445 (CVSS3: 7.5 HIGH): libdnf
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 *
> CVE-2021-3507 (CVSS3: 6.1 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 *
> CVE-2021-3521 (CVSS3: 4.7 MEDIUM): rpm:rpm-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3521 *
> CVE-2021-3611 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3611 *
> CVE-2021-36221 (CVSS3: 5.9 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36221 *
> CVE-2021-3638 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3638 *
> CVE-2021-3713 (CVSS3: 7.4 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3713 *
> CVE-2021-3748 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3748 *
> CVE-2021-3750 (CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3750 *
> CVE-2021-39293 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-39293 *
> CVE-2021-3930 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3930 *
> CVE-2021-3947 (CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3947 *
> CVE-2021-41771 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41771 *
> CVE-2021-41772 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41772 *
> CVE-2021-4206 (CVSS3: 8.2 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4206 *
> CVE-2021-4207 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4207 *
> CVE-2021-42762 (CVSS3: 5.3 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42762 *
> CVE-2021-44716 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44716 *
> CVE-2021-45085 (CVSS3: 6.1 MEDIUM): epiphany
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45085 *
> CVE-2021-45086 (CVSS3: 6.1 MEDIUM): epiphany
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45086 *
> CVE-2021-45087 (CVSS3: 6.1 MEDIUM): epiphany
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45087 *
> CVE-2021-45088 (CVSS3: 6.1 MEDIUM): epiphany
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45088 *
> CVE-2021-45481 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45481 *
> CVE-2021-45482 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45482 *
> CVE-2021-45483 (CVSS3: 6.5 MEDIUM): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45483 *
> CVE-2021-45944 (CVSS3: 5.5 MEDIUM): ghostscript:ghostscript-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45944 *
> CVE-2022-1050 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1050 *
> CVE-2022-1705 (CVSS3: 6.5 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1705 *
> CVE-2022-1920 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1920 *
> CVE-2022-1921 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1921 *
> CVE-2022-1922 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1922 *
> CVE-2022-1923 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1923 *
> CVE-2022-1924 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1924 *
> CVE-2022-1925 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1925 *
> CVE-2022-1962 (CVSS3: 5.5 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1962 *
> CVE-2022-2122 (CVSS3: 7.8 HIGH): gstreamer1.0
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2122 *
> CVE-2022-2294 (CVSS3: 8.8 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2294 *
> CVE-2022-23773 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23773 *
> CVE-2022-24765 (CVSS3: 7.8 HIGH): git
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24765 *
> CVE-2022-24921 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24921 *
> CVE-2022-26354 (CVSS3: 3.2 LOW): qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26354 *
> CVE-2022-28131 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28131 *
> CVE-2022-2816 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2816 *
> CVE-2022-2817 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2817 *
> CVE-2022-2819 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2819 *
> CVE-2022-28327 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28327 *
> CVE-2022-2845 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2845 *
> CVE-2022-2849 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2849 *
> CVE-2022-2862 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2862 *
> CVE-2022-2867 (CVSS3: 8.8 HIGH): tiff
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2867 *
> CVE-2022-2868 (CVSS3: 8.1 HIGH): tiff
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2868 *
> CVE-2022-2869 (CVSS3: 8.8 HIGH): tiff
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2869 *
> CVE-2022-2874 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2874 *
> CVE-2022-2889 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2889 *
> CVE-2022-29154 (CVSS3: 7.4 HIGH): rsync:rsync-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29154 *
> CVE-2022-2923 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2923 *
> CVE-2022-2946 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2946 *
> CVE-2022-29526 (CVSS3: 5.3 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29526 *
> CVE-2022-29536 (CVSS3: 7.5 HIGH): epiphany
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29536 *
> CVE-2022-2980 (CVSS3: 5.5 MEDIUM): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2980 *
> CVE-2022-29804 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29804 *
> CVE-2022-2982 (CVSS3: 7.8 HIGH): vim
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2982 *
> CVE-2022-30293 (CVSS3: 7.5 HIGH): webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30293 *
> CVE-2022-30580 (CVSS3: 7.8 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30580 *
> CVE-2022-30629 (CVSS3: 3.1 LOW): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30629 *
> CVE-2022-30630 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30630 *
> CVE-2022-30631 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30631 *
> CVE-2022-30632 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30632 *
> CVE-2022-30633 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30633 *
> CVE-2022-30634 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30634 *
> CVE-2022-30635 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30635 *
> CVE-2022-30767 (CVSS3: 9.8 CRITICAL): u-boot
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30767 *
> CVE-2022-32148 (CVSS3: 6.5 MEDIUM): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32148 *
> CVE-2022-32189 (CVSS3: 7.5 HIGH): go:go-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32189 *
> CVE-2022-32292 (CVSS3: 9.8 CRITICAL): connman
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32292 *
> CVE-2022-32293 (CVSS3: 8.1 HIGH): connman
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32293 *
> CVE-2022-34835 (CVSS3: 9.8 CRITICAL): u-boot
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34835 *
> CVE-2022-35737 (CVSS3: 7.5 HIGH): sqlite3:sqlite3-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35737 *
>
> For further information see:
> https://autobuilder.yocto.io/pub/non-release/patchmetrics/
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#648):
> https://lists.yoctoproject.org/g/yocto-security/message/648
> Mute This Topic: https://lists.yoctoproject.org/mt/93305881/924729
> Group Owner: yocto-security+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/yocto-security/unsub [
> ticotimo@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
[-- Attachment #2: Type: text/html, Size: 34268 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-29 4:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-28 12:34 OE-core CVE metrics for dunfell on Sun 28 Aug 2022 02:30:01 AM HST steve
2022-08-29 4:06 ` [yocto-security] " Tim Orling
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.