On Sun, Apr 10, 2022, 2:02 AM Steve Sakoman via lists.openembedded.org <[email protected]> wrote:
> Branch: master > > New this week: 4 CVEs > CVE-2019-1010238 (CVSS3: 9.8 CRITICAL): pango:pango-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010238 * > This seems to be an error in the database due to a recent update for this CVE entry. I requested a fix on Friday so hopefully this will disappear next week. Steve CVE-2022-1050 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1050 * > CVE-2022-1056 (CVSS3: 5.5 MEDIUM): tiff > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1056 * > CVE-2022-26280 (CVSS3: 9.1 CRITICAL): libarchive:libarchive-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26280 * > > Removed this week: 1 CVEs > CVE-2022-0943 (CVSS3: 7.8 HIGH): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0943 * > > Full list: Found 12 unpatched CVEs > CVE-2019-1010238 (CVSS3: 9.8 CRITICAL): pango:pango-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010238 * > CVE-2019-12067 (CVSS3: 6.5 MEDIUM): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 * > CVE-2020-18974 (CVSS3: 3.3 LOW): nasm:nasm-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974 * > CVE-2021-20255 (CVSS3: 5.5 MEDIUM): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 * > CVE-2021-44647 (CVSS3: 5.5 MEDIUM): lua:lua-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44647 * > CVE-2022-0529 (CVSS3: 7.8 HIGH): unzip:unzip-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0529 * > CVE-2022-0530 (CVSS3: 7.8 HIGH): unzip:unzip-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0530 * > CVE-2022-1050 (CVSS3: 8.8 HIGH): qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1050 * > CVE-2022-1056 (CVSS3: 5.5 MEDIUM): tiff > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1056 * > CVE-2022-24975 (CVSS3: 7.5 HIGH): git > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24975 * > CVE-2022-26280 (CVSS3: 9.1 CRITICAL): libarchive:libarchive-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26280 * > CVE-2022-27191 (CVSS3: 7.5 HIGH): go > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27191 * > > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#164201): https://lists.openembedded.org/g/openembedded-core/message/164201 Mute This Topic: https://lists.openembedded.org/mt/90372797/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
