1.6.1+dfsg.3-2ubuntu1
Blueprints that have vulnerabilities with a CVSS score >= 9.0 and meet the following criteria should submit their information in the chart below to have the vulnerability considered for an exception:
- Running at least the minimum OS version required by the Akraino Security Sub-Committee
  - Ubuntu
  - CentOS
  - Debian
  - Fedora
  - Suse Enterprise Server
Legend
Ubuntu Priority/Score Descriptions
Priority | Description |
---|---|
Not Vulnerable | Packages which do not exist in the archive, are not affected by the vulnerability or have a fix applied in the archive. |
Pending | A fix has been applied and updated packages are awaiting arrival into the archive. For example, this might be used when wider testing is requested for the updated package. |
Unknown | Open vulnerability where the priority is currently unknown and needs to be triaged. |
Negligible | Open vulnerability that may be a problem but otherwise does not impose a security risk due to various factors. Examples include when the vulnerability is only theoretical in nature, requires a very special situation, has almost no install base or does no real damage. These typically will not receive security updates unless there is an easy fix and some other issue causes an update. |
Low | Open vulnerability that is a problem but does very little damage or is otherwise hard to exploit due to small user base or other factors such as requiring specific environment, uncommon configuration, user assistance, etc. These tend to be included in security updates only when higher priority issues require an update or if many low priority issues have built up. |
Medium | Open vulnerability that is a real problem and is exploitable for many users of the affected software. Examples include network daemon denial of service, cross-site scripting and gaining user privileges. |
High | Open vulnerability that is a real problem and is exploitable for many users in the default configuration of the affected software. Examples include serious remote denial of service of the system, local root privilege escalations or local data theft. |
Critical | Open vulnerability that is a world-burning problem and is exploitable for most Ubuntu users. Examples include remote root privilege escalations or remote data theft. |
CVE/KHV # | Blueprint | Blueprint OS/Ver | URL Showing OS Patch Not Available | Contact Name | Contact Email | Comment | Vendor CVSS Score | Vendor Patch Available | Exception Status |
---|---|---|---|---|---|---|---|---|---|
CVE-2016-1585 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2016-1585 | Colin Peters | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-20236 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-20236 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-31870 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-31870 | | colin.peters@fujitsu.com | | Low | No | Approved |
CVE-2021-31872 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-31872 | | colin.peters@fujitsu.com | | Low | No | Approved |
CVE-2021-31873 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-31873 | | colin.peters@fujitsu.com | | Low | No | Approved |
CVE-2021-33574 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-33574 | | colin.peters@fujitsu.com | | Low | No | Approved |
CVE-2021-45951 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45951 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45952 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45952 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45953 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45953 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45954 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45954 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45955 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45955 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45956 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45956 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2021-45957 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-45957 | | colin.peters@fujitsu.com | | Medium | No | Approved |
CVE-2022-23218 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2022-23218 | | colin.peters@fujitsu.com | | Low | Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls. | Approved |
CVE-2022-23219 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2022-23219 | | colin.peters@fujitsu.com | | Low | Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls. | Approved |
CVE-2016-9180 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2016-9180 | | colin.peters@fujitsu.com | | Low | No | Approved |
CVE-2021-35942 | Smart Data Transaction for CPS | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-35942 | | colin.peters@fujitsu.com | | Low | Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls. | Approved |
CVE-2016-1585 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2016-1585 | | | | Medium | No | Approved |
CVE-2017-18201 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2017-18201 | | | | Low | No | Approved |
CVE-2017-7827 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2017-7827 | | | | Medium | No | Approved |
CVE-2018-5090 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2018-5090 | | inoue.reo@fujitsu.com | | Medium | Reported fixed in 58 and later version (installed), but still reported by Vuls | Approved |
CVE-2018-5126 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2018-5126 | | inoue.reo@fujitsu.com | | Medium | Reported fixed in 58 and later version (installed), but still reported by Vuls | Approved |
CVE-2018-5145 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2018-5145 | | inoue.reo@fujitsu.com | | Medium | Reported fixed in 1:52.7.0 and later version (installed), but still reported by Vuls | Approved |
CVE-2018-5151 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2018-5151 | | inoue.reo@fujitsu.com | | Medium | Reported fixed in 60 and later version (installed), but still reported by Vuls | Approved |
CVE-2019-17041 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2019-17041 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2019-17042 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2019-17042 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2021-31870 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2021-31870 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2021-31872 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2021-31872 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2021-31873 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2021-31873 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2021-39713 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2021-39713 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2022-23852 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2022-23852 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2022-23990 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2022-23990 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2022-25235 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2022-25235 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2022-25236 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2022-25236 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2022-25315 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2022-25315 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2016-9180 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2016-9180 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2019-20433 | Robot basic architecture based on SSES | Ubuntu 18.04 | https://ubuntu.com/security/CVE-2019-20433 | | inoue.reo@fujitsu.com | | Low | No | Approved |
CVE-2005-2541 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2005-2541 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2014-2830 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2014-2830 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2016-1585 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2016-1585 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2017-17479 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2017-17479 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2017-9117 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2017-9117 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2018-13410 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2018-13410 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2019-1010022 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2019-1010022 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2019-8341 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2019-8341 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2020-27619 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2020-27619 | | inoue.reo@fujitsu.com | | High | | Approved |
CVE-2021-29462 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-29462 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-29921 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-29921 | | inoue.reo@fujitsu.com | | High | Reported fixed in python3.9 (installed), but still reported by Vuls | Approved |
CVE-2021-30473 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-30473 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-30474 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-30474 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-30475 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-30475 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-30498 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-30498 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-30499 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-30499 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-42377 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-42377 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2021-45951 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45951 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-45952 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45952 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-45953 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45953 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-45954 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45954 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-45955 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45955 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2021-45956 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-45956 | | inoue.reo@fujitsu.com | | High | No | Approved |
CVE-2022-23303 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2022-23303 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2022-23304 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2022-23304 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2021-4048 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-4048 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2021-43400 | Robot basic architecture based on SSES | Raspberry Pi OS(Debian 11) | https://security-tracker.debian.org/tracker/CVE-2021-43400 | | inoue.reo@fujitsu.com | | Medium | No | Approved |
CVE-2021-33574 | ICN | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-33574 | Kuralamudhan Ramakrishnan (Deactivated) | kuralamudhan.ramakrishnan@intel.com | | Low | No | Approved |
CVE-2019-19814 | ICN | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2019-19814 | | kuralamudhan.ramakrishnan@intel.com | | Low | No | Approved |
CVE-2021-35942 | ICN | Ubuntu 20.04 | https://ubuntu.com/security/CVE-2021-35942 | | kuralamudhan.ramakrishnan@intel.com | Vendor status is "Released" and ICN is using the referenced glibc version, however vuls is still reporting this. lsb_release -a; dpkg -l libc6 output: Distributor ID: Ubuntu Description: Ubuntu 20.04.4 LTS Release: 20.04 Codename: focal No LSB modules are available. Desired=Unknown/Install/Remove/Purge/Hold \| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend \|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) \|\|/ Name Version Architecture Description +++-==============-===============-============-================================= ii libc6:amd64 2.31-0ubuntu9.7 amd64 GNU C Library: Shared libraries | Low | Yes | Approved |
KHV044 | ELIOT - IOTGateway | | | | khemendra.kumar@huawei.com | KHV044 - Privileged Container: the Calico pod is running in privileged mode. Exception reason: Calico is deployed by manifest file and cannot be set to non-privileged mode. Here is a link regarding the Calico Privilege Mode issue. It seems that after a long time they have recently made an option to disable it, but only if Calico is deployed with the Calico Operator. In our ELIOT IOT Gateway BP, it is deployed by the calico.yaml file. So due to this Calico limitation, and our upstream project's dependency on the calico.yaml manifest file, we cannot fix it. In future, we can ask the upstream EdgeGallery community to use the Calico operator for deployment; if they use the operator, it can then be fixed in our BPs. | | | Approved |
KHV044 | EALTEdge - Enterprise application on 5G light weight telco edge | | | | khemendra.kumar@huawei.com | KHV044 - Privileged Container: the Calico pod is running in privileged mode. Exception reason: Calico is deployed by manifest file and cannot be set to non-privileged mode. Here is a link regarding the Calico Privilege Mode issue. It seems that after a long time they have recently made an option to disable it, but only if Calico is deployed with the Calico Operator. In our EALTEdge BP, it is deployed by the calico.yaml file. So due to this Calico limitation, and our upstream project's dependency on the calico.yaml manifest file, we cannot fix it. In future, we can ask the upstream EdgeGallery community to use the Calico operator for deployment; if they use the operator, it can then be fixed in our BPs. | | | Approved |
CAP_NET_RAW | EALTEdge - Enterprise application on 5G light weight telco edge | | | | khemendra.kumar@huawei.com | CAP_NET_RAW enabled. For this BP, the exception was approved in the last release. Please refer to the last release's exception list. | | | Approved |
CVE-2017-12194 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Ubuntu 18.04 | https://ubuntu.com/security/cve-2017-12194 | Ysemi | rd-sw@ysemi.cn | lsb_release -a : No LSB modules are available. dpkg -l libspice-server1: Desired=Unknown/Install/Remove/Purge/Hold | Medium | No | |
CVE-2018-12892 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Ubuntu 18.04 | https://ubuntu.com/security/cve-2018-12892 | | rd-sw@ysemi.cn | lsb_release -a : No LSB modules are available. sudo dpkg -l \| grep xen ii libxen-4.9:arm64 4.9.2-0ubuntu1 arm64 Public libs for Xen | Medium | No | Approved |
CVE-2019-17113 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Ubuntu 18.04 | https://ubuntu.com/security/cve-2019-17113 | Ysemi | rd-sw@ysemi.cn | lsb_release -a : No LSB modules are available. sudo dpkg -l libopenmpt-modplug1 Desired=Unknown/Install/Remove/Purge/Hold | Medium | No | Approved |
CVE-2019-19948 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Ubuntu 18.04 | https://ubuntu.com/security/cve-2019-19948 | | rd-sw@ysemi.cn | lsb_release -a : No LSB modules are available. dpkg -l \| grep magick ii imagemagick-6-common 8:6.9.7.4+dfsg-16ubuntu6.12 all image manipulation programs -- infrastructure magick -version: Version: ImageMagick 7.1.0-33 beta Q16-HDRI aarch64 a2b2c088f:20220430 https://imagemagick.org | Low | No | |
CVE-2019-19949 | IEC Type 3: Android cloud native applications on Arm servers in edge for Integrated Edge Cloud (IEC) Blueprint Family | Ubuntu 18.04 | https://ubuntu.com/security/cve-2019-19949 | Ysemi | rd-sw@ysemi.cn | lsb_release -a : No LSB modules are available. dpkg -l \| grep magick ii imagemagick-6-common 8:6.9.7.4+dfsg-16ubuntu6.12 all image manipulation programs -- infrastructure magick -version: Version: ImageMagick 7.1.0-33 beta Q16-HDRI aarch64 a2b2c088f:20220430 https://imagemagick.org | Low | No | |