Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

1.6.1+dfsg.3-2ubuntu1

Blueprints that have vulnerabilities with a CVSS score >= 9.0 and meet the following criteria should submit their information in the chart below to have the vulnerability considered for an exception:

...

Not VulnerablePackages which do not exist in the archive, are not affected by the vulnerability or have a fix applied in the archive.
PendingA fix has been applied and updated packages are awaiting arrival into the archive. For example, this might be used when wider testing is requested for the updated package.
UnknownOpen vulnerability where the priority is currently unknown and needs to be triaged.
NegligibleOpen vulnerability that may be a problem but otherwise does not impose a security risk due to various factors. Examples include when the vulnerability is only theoretical in nature, requires a very special situation, has almost no install base or does no real damage. These typically will not receive security updates unless there is an easy fix and some other issue causes an update.
LowOpen vulnerability that is a problem but does very little damage or is otherwise hard to exploit due to small user base or other factors such as requiring specific environment, uncommon configuration, user assistance, etc. These tend to be included in security updates only when higher priority issues require an update or if many low priority issues have built up.
MediumOpen vulnerability that is a real problem and is exploitable for many users of the affected software. Examples include network daemon denial of service, cross-site scripting and gaining user privileges.
HighOpen vulnerability that is a real problem and is exploitable for many users in the default configuration of the affected software. Examples include serious remote denial of service of the system, local root privilege escalations or local data theft.
CriticalOpen vulnerability that is a world-burning problem and is exploitable for most Ubuntu users. Examples include remote root privilege escalations or remote data theft.


CVE #BlueprintBlueprint OS/VerURL Showing OS Patch Not AvailableContact NameContact EmailCommentVendor CVSS ScoreVendor Patch AvailableException Status
CVE-2016-1585KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2016-1585yin.ding@futurewei.com

Medium

NoApproved
CVE-2017-8283KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2017-8283yin.ding@futurewei.com

Negligible

NoApproved
CVE-2018-20839KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2018-20839yin.ding@futurewei.com

Medium

NoApproved
CVE-2019-19814KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2019-19814yin.ding@futurewei.com

Low

NoApproved
CVE-2013-1910ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2013-1910Srinivasan Selvamsrinivasanselvam2014@gmail.com
MediumNoApproved
CVE-2016-1585ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-1585srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2016-5407ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-5407Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7944ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7944Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

No

Approved

CVE-2016-7947ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7947Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

No

Approved


CVE-2016-7948ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7948Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7949ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7949Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7950ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7950Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7951ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7951Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-8735ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-8735Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Released (6.0.45+dfsg-1ubuntu0.1)

Explanation:

We are using same version of integrated OS package as mentioned as released by ubuntu for Package dfsg.  But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or Ubuntu. 

Proof:

Image Modified

Approved

CVE-2017-10684ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-10684Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-10685ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-10685Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12424ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-12424Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12562ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-12562Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-15088ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-15088Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2017-18342ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-18342Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-7614ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-7614Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8283ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-8283Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2018-12699ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2018-12699Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2018-20839ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2018-20839Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2019-17041ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17041Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-17042ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17042Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-17571ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17571Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2020-10683ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2020-10683Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

Released (1.6.1+dfsg.3-2ubuntu1.1)

Explanation:
This is OS integrated package and we are using 1.6.1+dfsg.3-2ubuntu1 same updated latest release version.  This is an issue with Vuls / Ubuntu not from our side.

Proof:

Image Modified

Approved
CVE-2020-1938ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2020-1938Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19814ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-19814Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19816ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-19816Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Package:  linux

For ubuntu 16.04, status is Needed.

Package not available for ubuntu 16.04

Image Modified

Approved
CVE-2016-9584ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-9584Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Package:  libical

For Ubuntu 16.04, status is Needed for Libical Package.

Package not available for ubuntu 16.04

Image Modified

Approved
CVE-2017-5209ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-5209Srinivasan Selvamsrinivasanselvam2014@gmail.com


Negligible

NoApproved
CVE-2017-5545ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-5545Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2017-6969ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-6969Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-7226ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-7226Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8872ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-8872Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-15505ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-15505srinivasanselvam2014@gmail.com

Moderate

8.0

NoApproved
CVE-2014-9939ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2014-9939Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

1.2

No

Approved
CVE-2017-12652ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2017-12652Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

3.7


There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2018-16428ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2018-16428Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

5.1

No

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2019-11068ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-11068Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.3

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2019-12450ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12450Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.6

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved


CVE-2019-12900ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12900Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

4.0

No

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2019-9169ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-9169Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.5

No (Will not fix)

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2018-20836ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2018-20836Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

7.0

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2019-2201ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-2201Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

7.8

No (Will not fix)

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2018-18439EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-18439srinivasanselvam2014@gmail.com

Negligible

Not vulnerable (2019.07+dfsg-1ubuntu4~18.04.1)

Screenshot:

Image Modified

Approved
CVE-2020-8432EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2020-8432srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-1585EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2016-1585srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2017-18342EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2017-18342srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8283EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2017-8283srinivasanselvam2014@gmail.com

Negligible

18.04 Not vulnerable

1.18..24ubuntu1

Image Modified

Image Modified

Approved
CVE-2018-11236EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-11236srinivasanselvam2014@gmail.com

Medium

glibc:  Fix 2.27-3ubuntu1.2

Explanation:

We are using same version of integrated OS package updated as mentioned as released by ubuntu for Package glibc.  But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or Ubuntu.

Proof: Image Modified

Approved
CVE-2018-20839EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-20839srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2019-11059EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-11059srinivasanselvam2014@gmail.com

Low

18.04 LTSNot Vulnerable

2019.07+dfsg-1ubuntu4~18.04.1

Screenshots:

Image Modified

Image Modified

Approved


CVE-2019-14192EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14192srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14193EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14193srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14194EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14194srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14195EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14195srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14196EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14196srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14198EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14198srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14199EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14199srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14200EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14200srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14201EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14201srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14202EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14202srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14203EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14203srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14204EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14204srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-9169EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-9169srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-10220EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-10220srinivasanselvam2014@gmail.com

Medium

linux

Minimum 4.15.0-88.88

Explanation:

We are using the latest patch of linux kernel.  Since we are using updated patch.  Still issues thrown.

This is an issue from Vuls / Ubuntu not from our side

Screenshot:

Image Modified

4.15.0-118-generic installed

Approved
CVE-2019-19814EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-19814srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19816EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-19816srinivasanselvam2014@gmail.com

Low

linux

4.15.0-88.88 minimum required

Explanation:

We are using the latest patch of linux kernel.  Eventhough we are using updated patch,  Still issues thrown.

This is an issue from Vuls / Ubuntu not from our side

Screenshot:

Image Modified

4.15.0-118-generic installed

Approved
CVE-2019-14197EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14197srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12652The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2017-12652wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-11068The AI Edge: Federated ML application at the edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-11068wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Low

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-12450The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12450wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.6

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-12900The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12900wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

LOW

4.0

NoApproved
CVE-2018-20836The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2018-20836wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

7.0

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-8506The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8506wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8535The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8535wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8536The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8536wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8544The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8544wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved

CVE-2019-8669The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8669wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8672The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8672wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8676The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8676wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8684The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8684wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8688The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8688wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8689The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8689wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8814The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8814wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8815The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8815wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8816The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8816wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3868The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3868wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3895The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3895wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3897The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3897wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3899The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3899wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-2201

The AI Edge: School/Education Video Security Monitoring

Centos8

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2019-2201@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 7.8NoApproved
CVE-2019-12900The AI Edge: School/Education Video Security Monitoring

CentOS

Centos8

8.2

https://access.redhat.com/security/cve/CVE-2019-12900@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Low

4.0

NoApproved
CVE-2019-18218The AI Edge: School/Education Video Security Monitoring

CentOS

Centos8

8.2

https://access.redhat.com/security/cve/CVE-2019-18218@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

9.8

NoApproved
CVE-
2016
2018-
1585ICNUbuntu 18.04https://ubuntu
16428The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-
2016
2018-
1585

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.comMedium
16428@Hechun Zhangzhanghechun@baidu.com

Low

5.1

NoApproved
CVE-
2017-18342ICNUbuntu 18.04
2019-14889The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://
ubuntu
access.redhat.com/security/cve/CVE-
2017
2019-
18342@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.CVE-2018-20839
14889@Hechun Zhangzhanghechun@baidu.com
Low
NoApprovedCVE-2017-8283ICNUbuntu 18.04https://ubuntu.com/security/CVE-2017-8283@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Negligible

18.04 Not vulnerable

1.18..24ubuntu1

Image Removed

Image Removed

Approved

Package:  libssh2 not affected

Package:  libssh fixed 11/3/2020 in RHSA-2020:4545

Approved; must apply update to next release
CVE-2016-1585ICNUbuntu 18.04https://ubuntu.com/security/CVE-
2018
2016-
20839
1585

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com

Medium

No

Approved

CVE-
2019
2017-
19814
18342ICNUbuntu 18.04https://ubuntu.com/security/CVE-
2019
2017-
19814
18342@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-
2019
2017-
17041
8283ICNUbuntu 18.04https://ubuntu.com/security/CVE-
2019
2017-
17041No
8283@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low


Negligible

18.04 Not vulnerable

1.18..24ubuntu1

Image Added

Image Added

Approved
CVE-
2019
2018-
17042
20839ICNUbuntu 18.04https://ubuntu.com/security/CVE-
2019
2018-
17042
20839

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com
Low

Medium

NoApproved
CVE-
2017
2019-
12652
19814
REC
ICN
CentOS 7
Ubuntu 18.
8
04https://
access.redhat
ubuntu.com/security
/cve
/CVE-
2017
2019-
12652pcarver@att
19814

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020
NoApproved
CVE-2019-
11068
17041
REC
ICN
CentOS 7
Ubuntu 18.
8
04https://
access.redhat
ubuntu.com/security
/cve
/CVE-2019-
11068pcarver@att.com

Moderate

6.8

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020ApprovedCVE-2019-12450RECCentOS 7.8
17041@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-2019-17042ICNUbuntu 18.04https://
access
ubuntu.
redhat.
com/security
/cve
/CVE-2019-
12450pcarver@att
17042@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Moderate

6.6

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Low

NoApproved
CVE-
2019
2021-
17006
33574
REC
ICN
CentOS 7
Ubuntu 20.
8
04https://
access.redhat
ubuntu.com/security
/cve
/CVE-
2019
2021-
12450pcarver@att.com

Moderate

8.1

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
33574Kuralamudhan Ramakrishnan (Deactivated)kuralamudhan.ramakrishnan@intel.com
LowNo
CVE-2019-
5482
19814
REC
ICN
CentOS 7
Ubuntu 20.
8
04https://
access.redhat
ubuntu.com/security/
cve/
CVE-2019-
12450pcarver@att
19814kuralamudhan.ramakrishnan@intel.com
Moderate

Low

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020ApprovedCVE-2017-12652 Connected Vehicle Blueprint (CVB)CentOS 7.8
No

CVE-2021-35942

ICNUbuntu 20.04https://
nvd
ubuntu.
nist.gov
com/
vuln
security/
detail/
CVE-
2017
2021-
12652abhimanyu bhatter

abhimanyu@parserlabs.com

We need exception request for this CVE as it is not yet fixed for 7.X version
35942kuralamudhan.ramakrishnan@intel.comVendor status is "Released" and ICN is using the referenced glibc version, however vuls is still reporting thisLowYes
CVE-2017-12652RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2017-12652pcarver@att.com

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-
5482Connected Vehicle Blueprint (CVB)
11068RECCentOS 7.8https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-2019-
5482
11068
abhimanyu bhatter
abhimanyu@parserlabs
pcarver@att.com
We need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.

3

8

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-
2017
2019-
12652 IEC Type4-AR/VVR oriented Edge Stack
12450RECCentOS 7.8https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-
2017
2019-
12652
12450
abhimanyu bhatter
abhimanyu@parserlabs

Low

3.7
pcarver@att.com
We need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.6

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-
5482IEC Type4-AR/VVR oriented Edge Stack
17006RECCentOS 7.8https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-2019-
5482
12450
abhimanyu bhatter
abhimanyu@parserlabs
pcarver@att.com
We need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6

8.

3

1

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-
2017
2019-
126525G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting Blueprint
5482RECCentOS 7.
6
8https://access.redhat.com/security/cve/CVE-
2017
2019-
12652
12450
Zigeng Fu
eaganfu@tencent
pcarver@att.com
We need exception request for this CVE as it is not yet fixed for 7.X version

Low

3.7

No

Moderate

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-
2019
2017-
54825G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting Blueprint
12652 Connected Vehicle Blueprint (CVB)CentOS 7.
6
8https://
access
nvd.
redhat
nist.
com
gov/
security
vuln/
cve
detail/CVE-
2019
2017-
5482
12652
Zigeng Fu
abhimanyu bhatter
eaganfu@tencent

abhimanyu@parserlabs.com


We need exception request for this CVE as it is not yet fixed for 7.X version
Moderate

Low

6

3.

3No

7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-
2016
2019-
1585Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2016-1585sukhdevkapur@gmail.comMedium
5482Connected Vehicle Blueprint (CVB)CentOS 7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5482abhimanyu bhatter

abhimanyu@parserlabs.com


We need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-17006IEC Type4-AR/VR oriented Edge StackCentOS 7.9https://access.redhat.com/security/cve/CVE-2019-17006eatonzhang@tencent.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

8.1

It is cause by nss before 3.46, but the version is already 3.53.1. But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or CentOS.

Image Added

Approved - the nss version shown is the correct version per RedHat
CVE-2017-126525G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting BlueprintCentOS 7.6https://access.redhat.com/security/cve/CVE-2017-12652eaganfu@tencent.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Low

3.7

NoApproved
CVE-2019-54825G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting BlueprintCentOS 7.6https://access.redhat.com/security/cve/CVE-2019-5482eaganfu@tencent.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.3

NoApproved
CVE-2016-1585Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2016-1585sukhdevkapur@gmail.com

Medium

NoApproved
CVE-2017-10684Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-10684sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-10685Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-10685sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-12424Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-12424sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-15088Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-15088sukhdevkapur@gmail.com

Negligible

NoApproved
CVE-2017-18342Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-18342sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-7614Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-7614sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-8283Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-8283sukhdevkapur@gmail.com

Negligible

NoApproved
CVE-2018-12699Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2018-12699sukhdevkapur@gmail.com

Low

NoApproved
CVE-2018-20839Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2018-20839sukhdevkapur@gmail.com

Medium

NoApproved
CVE-2019-17041Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-17041sukhdevkapur@gmail.com

Low

NoApproved
CVE-2019-17042Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-17042sukhdevkapur@gmail.com

Low

NoApproved
CVE-2019-19814Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-19814sukhdevkapur@gmail.com

Low

NoApproved
CVE-2019-19816Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-19816sukhdevkapur@gmail.com

Low

Package:  linux

For ubuntu 16.04, status is Needed.

Package not available for ubuntu 16.04

Image Added

Approved
CVE-2017-6969Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-6969sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-7226Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-7226sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-8872Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-8872sukhdevkapur@gmail.com

Low

NoApproved
CVE-2019-13224Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-13224sukhdevkapur@gmail.com
MediumNoApproved
CVE-2019-19012Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2019-19012sukhdevkapur@gmail.com
MediumNoApproved
CVE-2017-8283PCEIUbuntu 18.04https://ubuntu.com/security/cve-2017-8283Oleg Berzin

oberzin@equinix.com



NegligibleNoApproved
CVE-2019-19814PCEIUbuntu 18.04https://ubuntu.com/security/cve-2019-19814Oleg Berzinoberzin@equinix.com
LowNoApproved
CVE-2016-1585PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2016-1585oberzin@equinix.com

Medium

NoApproved
CVE-2017-18342PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2017-18342oberzin@equinix.com

Low

NoApproved
CVE-2018-20839PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2018-20839oberzin@equinix.com

Medium

NoApproved
CVE-2019-17041PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2019-17041oberzin@equinix.com

Low

NoApproved
CVE-2019-17042PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2019-17042oberzin@equinix.com

Low

NoApproved
CVE-2016-9085IEC TYPE3Ubuntu 18.04https://nvd.nist.gov/vuln/detail/CVE-2016-9085hanyu dingdinghanyu@chinamobile.com
LowNoApproved
CVE-2017-18201IEC TYPE3Ubuntu 18.04https://nvd.nist.gov/vuln/detail/CVE-2017-18201hanyu dingdinghanyu@chinamobile.com
MediumNoApproved
CVE-2017-9525IEC TYPE3Ubuntu 18.04https://nvd.nist.gov/vuln/detail/CVE-2017-9525hanyu dingdinghanyu@chinamobile.com
LowNoApproved
CVE-2019-10160IEC TYPE3Ubuntu 18.04https://nvd.nist.gov/vuln/detail/CVE-2019-10160dinghanyu@chinamobile.com 
lowNoApproved
CVE-2019-18276IEC TYPE3Ubuntu 18.04https://nvd.nist.gov/vuln/detail/CVE-2019-18276hanyu dingdinghanyu@chinamobile.com 
lowNoApproved
CVE-
2017
2020-
10684Network Cloud and Tungsten Fabric
27619IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2020-
10684
27619
Sukhdev Kapur
hanyu ding
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Low

lowNoApproved
CVE-
2017
2021-
10685Network Cloud and Tungsten Fabric
3177IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2021-
10685
3177
Sukhdev Kapur
hanyu ding
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Low

lowNoApproved
CVE-
2017
2016-
12424Network Cloud and Tungsten Fabric
9180IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2016-
12424
9180
Sukhdev Kapur
hanyu ding
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
LowNoApproved
CVE-
2017
2019-
15088Network Cloud and Tungsten Fabric
13103IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2019-
15088
13103
Sukhdev Kapur
hanyu ding
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Negligible

lowNoApproved
CVE-
2017
2019-
18342Network Cloud and Tungsten Fabric
9948IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2019-
18342
9948
Sukhdev Kapur
hanyu ding
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Low

lowNoApproved
CVE-
2017
2019-
7614Network Cloud and Tungsten Fabric
14192IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2017
2019-
7614
14192
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2017
2019-
8283Network Cloud and Tungsten Fabric
14193IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2017
2019-
8283
14193
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Negligible

Low

NoApproved
CVE-
2018
2019-
12699Network Cloud and Tungsten Fabric
14194IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2018
2019-
12699
14194
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2018
2019-
20839Network Cloud and Tungsten Fabric
14195IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2018
2019-
20839
14195
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 
Medium

Low

NoApproved
CVE-2019-
17041Network Cloud and Tungsten Fabric
14196IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
17041
14196
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
17042Network Cloud and Tungsten Fabric
14198IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
17042
14198
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
19814Network Cloud and Tungsten Fabric
14199IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
19814
14199
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
19816Network Cloud and Tungsten Fabric
14200IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
19816
14200
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

Package:  linux

For ubuntu 16.04, status is Needed.

Package not available for ubuntu 16.04

Image Removed

NoApproved
CVE-
2017
2019-
6969Network Cloud and Tungsten Fabric
14201IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2017
2019-
6969
14201
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2017
2019-
7226Network Cloud and Tungsten Fabric
14202IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2017
2019-
7226
14202
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2017
2019-
8872Network Cloud and Tungsten Fabric
14203IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-
2017
2019-
8872
14203
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
13224Network Cloud and Tungsten Fabric
17041IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
13224
17041
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com
Medium

Low

NoApproved
CVE-2019-
19012Network Cloud and Tungsten Fabric
17042IEC Type3Ubuntu
16
18.04https://ubuntu.com/security/CVE-2019-
19012
17042
Sukhdev Kapur
sukhdevkapur@gmail
dinghanyu@chinamobile.com
Medium

Low

NoApproved
CVE-
2017
2020-
8283
8432
PCEI
IEC Type3Ubuntu 18.04https://ubuntu.com/security/
cve
CVE-
2017
2020-
8283
8432
Oleg Berzin
oberzin@equinix
dinghanyu@chinamobile.com
Negligible

Low

NoApproved
CVE-2019-
19814
14197
PCEI
IEC Type3Ubuntu 18.04https://ubuntu.com/security/
cve
CVE-2019-
19814
14197
Oleg Berzin
oberzin@equinix
dinghanyu@chinamobile.com

Low

NoApproved
CVE-
2016
2019-
1585
14204
PCEI
IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2016
2019-
1585
14204
Oleg Berzin
oberzin@equinix
dinghanyu@chinamobile.com 
Medium

Low

NoApproved
CVE-
2017-18342PCEIUbuntu 18.04
2018-10103IEC Type 5

CentOS

8.2

https://
ubuntu
access.redhat.com/security/cve/CVE-
2017
2018-
18342
10103
Oleg Berzin
oberzin@equinix
wangyihui@chinamobile.com

Low

NoApproved

Moderate


Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2018-
20839PCEIUbuntu 18.04
10105IEC Type 5

CentOS

8.2

https://
ubuntu
access.redhat.com/security/cve/CVE-2018-
20839
10105
Oleg Berzin
oberzin@equinixCVE-2019-17041PCEIUbuntu 18.04https://ubuntu.com/security/CVE-2019-17041oberzin@equinix.com

Low

NoApprovedCVE-2019-17042PCEIUbuntu 18.04
wangyihui@chinamobile.com

Medium

NoApproved

Moderate

Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2018-19325IEC Type 5

CentOS

8.2

https://

ubuntu

access.redhat.com/security/cve/CVE-

2019-17042oberzin@equinix

2018-14466

see note for CVE #

wangyihui@chinamobile.com
Low
NoApprovedCVE-2016-9085IEC TYPE3Ubuntu 18.04

Per https://nvd.nist.gov/vuln/detail/CVE-2018-19325 this CVE is a duplicate of CVE-

2016-9085hanyu dingdinghanyu@chinamobile.comLowNoCVE-2017-18201IEC TYPE3Ubuntu 18.04

2018-14466, this later CVE should be the only one referenced moving forward.

Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2019-12900IEC Type 5

CentOS

8.2

https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-
2017
2019-
18201
12900
hanyu ding
dinghanyu@chinamobile
wangyihui@chinamobile.com
LowNo; will not fixApproved
CVE-
2017
2019-
9525
16746IEC
TYPE3Ubuntu 18.04
Type 5

CentOS

8.2

https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-
2017
2019-
9525
16746
hanyu ding
dinghanyu@chinamobile
wangyihui@chinamobile.com
LowNo

Moderate

No; will not fixApproved
CVE-2019-
10160
14889IEC
TYPE3Ubuntu 18.04
Type 5

CentOS

8.2

https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-2019-
10160
14889
hanyu ding
dinghanyu@chinamobile
wangyihui@chinamobile.com
Low

Package: 

lowNo

libssh2 not affected

Package:  libssh fixed 11/3/2020 in RHSA-2020:4545

Approved; must apply update to next release
CVE-2019-
18276
17544IEC
TYPE3Ubuntu 18.04
Type 5

CentOS

8.2

https://
nvd
access.
nist
redhat.
gov
com/
vuln
security/
detail
cve/CVE-2019-
18276
17544
hanyu ding
dinghanyu@chinamobile
wangyihui@chinamobile.com
 lowNo

LowNo; will not fixApproved
CVE-
2020
2019-
27619IEC TYPE3Ubuntu 18
18604AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20.04https://
nvd
ubuntu.
nist.gov
com/
vuln
security/
detail/
CVE-
2020-27619hanyu dingdinghanyu@chinamobile.com low
2019-18604zhanghechun@baidu.com

Low

NoApproved
CVE-
2021
2020-
3177IEC Type3Ubuntu 18
14343AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20.04https://
nvd
ubuntu.
nist.gov
com/
vuln
security/
detail/
CVE-
2021-3177hanyu dingdinghanyu@chinamobile.com lowNo
2020-14343zhanghechun@baidu.com

Medium

NoApproved
CVE-
2016
2020-
9180IEC Type3Ubuntu 18
27619AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20.04https://
nvd
ubuntu.
nist.gov
com/
vuln
security/
detail/
CVE-
2016-9180hanyu ding dinghanyu@chinamobile.com LowNoCVE-2019-13103IEC Type3Ubuntu 18
2020-27619zhanghechun@baidu.com

Low

Specify version of Python being used.

Python 3.8 has a patch, other don't or not vulnerable on Ubuntu 20.04

Approved
CVE-2021-3177AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20.04https://
nvd.nist
ubuntu.
gov
com/
vuln
security/
detail/
CVE-
2019-13103hanyu dingdinghanyu@chinamobile.com lowNoCVE-2019-9948IEC Type3Ubuntu 18
2021-3177zhanghechun@baidu.com

Medium

Specify version of Python being used.

Python 3.8 has a patch, other don't or not vulnerable on Ubuntu 20.04

Approved
CVE-2016-9180AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20.04https://
nvd
ubuntu.
nist.gov
com/
vuln
security/
detail/
CVE-
2019-9948hanyu dingdinghanyu@chinamobile.com lowNo
2016-9180zhanghechun@baidu.com

Low

NoApproved