* CVE report - scarthgap - 2025-11-17
@ 2025-11-17 9:38 Gyorgy Sarvari
2025-11-18 11:14 ` [oe] " Ankur Tyagi
0 siblings, 1 reply; 3+ messages in thread
From: Gyorgy Sarvari @ 2025-11-17 9:38 UTC (permalink / raw)
To: openembedded-devel
List of all open CVEs (138, out of which new this week: 1):
- apache2: CVE-2025-3891: https://nvd.nist.gov/vuln/detail/CVE-2025-3891
- botan: CVE-2024-39312: https://nvd.nist.gov/vuln/detail/CVE-2024-39312
- botan: CVE-2024-50382: https://nvd.nist.gov/vuln/detail/CVE-2024-50382
- botan: CVE-2024-50383: https://nvd.nist.gov/vuln/detail/CVE-2024-50383
- dhrystone: CVE-2020-23026: https://nvd.nist.gov/vuln/detail/CVE-2020-23026
- emacs: CVE-2024-53920: https://nvd.nist.gov/vuln/detail/CVE-2024-53920
- ez-ipupdate: CVE-2003-0887: https://nvd.nist.gov/vuln/detail/CVE-2003-0887
- freerdp3: CVE-2025-4478: https://nvd.nist.gov/vuln/detail/CVE-2025-4478
- [NEW] frr: CVE-2024-44070: https://nvd.nist.gov/vuln/detail/CVE-2024-44070
- frr: CVE-2025-61099: https://nvd.nist.gov/vuln/detail/CVE-2025-61099
- frr: CVE-2025-61100: https://nvd.nist.gov/vuln/detail/CVE-2025-61100
- frr: CVE-2025-61101: https://nvd.nist.gov/vuln/detail/CVE-2025-61101
- frr: CVE-2025-61102: https://nvd.nist.gov/vuln/detail/CVE-2025-61102
- frr: CVE-2025-61103: https://nvd.nist.gov/vuln/detail/CVE-2025-61103
- frr: CVE-2025-61104: https://nvd.nist.gov/vuln/detail/CVE-2025-61104
- frr: CVE-2025-61105: https://nvd.nist.gov/vuln/detail/CVE-2025-61105
- frr: CVE-2025-61106: https://nvd.nist.gov/vuln/detail/CVE-2025-61106
- frr: CVE-2025-61107: https://nvd.nist.gov/vuln/detail/CVE-2025-61107
- giflib: CVE-2024-45993: https://nvd.nist.gov/vuln/detail/CVE-2024-45993
- gimp: CVE-2007-3741: https://nvd.nist.gov/vuln/detail/CVE-2007-3741
- gimp: CVE-2025-5473: https://nvd.nist.gov/vuln/detail/CVE-2025-5473
- hdf5: CVE-2025-2912: https://nvd.nist.gov/vuln/detail/CVE-2025-2912
- hdf5: CVE-2025-2926: https://nvd.nist.gov/vuln/detail/CVE-2025-2926
- hdf5: CVE-2025-6270: https://nvd.nist.gov/vuln/detail/CVE-2025-6270
- id3lib: CVE-2007-4460: https://nvd.nist.gov/vuln/detail/CVE-2007-4460
- imagemagick: CVE-2023-5341: https://nvd.nist.gov/vuln/detail/CVE-2023-5341
- imagemagick: CVE-2024-41817: https://nvd.nist.gov/vuln/detail/CVE-2024-41817
- imagemagick: CVE-2025-53014: https://nvd.nist.gov/vuln/detail/CVE-2025-53014
- imagemagick: CVE-2025-53015: https://nvd.nist.gov/vuln/detail/CVE-2025-53015
- imagemagick: CVE-2025-53019: https://nvd.nist.gov/vuln/detail/CVE-2025-53019
- imagemagick: CVE-2025-53101: https://nvd.nist.gov/vuln/detail/CVE-2025-53101
- imagemagick: CVE-2025-55004: https://nvd.nist.gov/vuln/detail/CVE-2025-55004
- imagemagick: CVE-2025-55005: https://nvd.nist.gov/vuln/detail/CVE-2025-55005
- imagemagick: CVE-2025-55154: https://nvd.nist.gov/vuln/detail/CVE-2025-55154
- imagemagick: CVE-2025-55160: https://nvd.nist.gov/vuln/detail/CVE-2025-55160
- imagemagick: CVE-2025-55212: https://nvd.nist.gov/vuln/detail/CVE-2025-55212
- imagemagick: CVE-2025-55298: https://nvd.nist.gov/vuln/detail/CVE-2025-55298
- imagemagick: CVE-2025-57803: https://nvd.nist.gov/vuln/detail/CVE-2025-57803
- imagemagick: CVE-2025-57807: https://nvd.nist.gov/vuln/detail/CVE-2025-57807
- imagemagick: CVE-2025-62171: https://nvd.nist.gov/vuln/detail/CVE-2025-62171
- imagemagick: CVE-2025-62594: https://nvd.nist.gov/vuln/detail/CVE-2025-62594
- iptraf-ng: CVE-2024-52949: https://nvd.nist.gov/vuln/detail/CVE-2024-52949
- libao: CVE-2017-11548: https://nvd.nist.gov/vuln/detail/CVE-2017-11548
- libavif: CVE-2025-48174: https://nvd.nist.gov/vuln/detail/CVE-2025-48174
- libcdio: CVE-2024-36600: https://nvd.nist.gov/vuln/detail/CVE-2024-36600
- libmemcached: CVE-2023-27478: https://nvd.nist.gov/vuln/detail/CVE-2023-27478
- libtar: CVE-2013-4420: https://nvd.nist.gov/vuln/detail/CVE-2013-4420
- libtar: CVE-2021-33643: https://nvd.nist.gov/vuln/detail/CVE-2021-33643
- libtar: CVE-2021-33644: https://nvd.nist.gov/vuln/detail/CVE-2021-33644
- libtar: CVE-2021-33645: https://nvd.nist.gov/vuln/detail/CVE-2021-33645
- libtar: CVE-2021-33646: https://nvd.nist.gov/vuln/detail/CVE-2021-33646
- libvpx: CVE-2024-5197: https://nvd.nist.gov/vuln/detail/CVE-2024-5197
- libwmf: CVE-2009-1364: https://nvd.nist.gov/vuln/detail/CVE-2009-1364
- libwmf: CVE-2015-0848: https://nvd.nist.gov/vuln/detail/CVE-2015-0848
- libwmf: CVE-2015-4588: https://nvd.nist.gov/vuln/detail/CVE-2015-4588
- libwmf: CVE-2015-4695: https://nvd.nist.gov/vuln/detail/CVE-2015-4695
- libwmf: CVE-2015-4696: https://nvd.nist.gov/vuln/detail/CVE-2015-4696
- libwmf: CVE-2016-9011: https://nvd.nist.gov/vuln/detail/CVE-2016-9011
- links: CVE-2008-3319: https://nvd.nist.gov/vuln/detail/CVE-2008-3319
- linuxptp: CVE-2024-42861: https://nvd.nist.gov/vuln/detail/CVE-2024-42861
- minio: CVE-2018-1000538: https://nvd.nist.gov/vuln/detail/CVE-2018-1000538
- minio: CVE-2020-11012: https://nvd.nist.gov/vuln/detail/CVE-2020-11012
- minio: CVE-2021-21287: https://nvd.nist.gov/vuln/detail/CVE-2021-21287
- minio: CVE-2021-21362: https://nvd.nist.gov/vuln/detail/CVE-2021-21362
- minio: CVE-2021-21390: https://nvd.nist.gov/vuln/detail/CVE-2021-21390
- minio: CVE-2021-43858: https://nvd.nist.gov/vuln/detail/CVE-2021-43858
- minio: CVE-2022-35919: https://nvd.nist.gov/vuln/detail/CVE-2022-35919
- minio: CVE-2023-28433: https://nvd.nist.gov/vuln/detail/CVE-2023-28433
- minio: CVE-2023-28434: https://nvd.nist.gov/vuln/detail/CVE-2023-28434
- nbdkit: CVE-2025-47711: https://nvd.nist.gov/vuln/detail/CVE-2025-47711
- nbdkit: CVE-2025-47712: https://nvd.nist.gov/vuln/detail/CVE-2025-47712
- openflow: CVE-2018-1000155: https://nvd.nist.gov/vuln/detail/CVE-2018-1000155
- openjpeg: CVE-2023-39327: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
- openjpeg: CVE-2023-39328: https://nvd.nist.gov/vuln/detail/CVE-2023-39328
- openjpeg: CVE-2023-39329: https://nvd.nist.gov/vuln/detail/CVE-2023-39329
- opusfile: CVE-2022-47021: https://nvd.nist.gov/vuln/detail/CVE-2022-47021
- p7zip: CVE-2022-47069: https://nvd.nist.gov/vuln/detail/CVE-2022-47069
- pidgin: CVE-2022-26491: https://nvd.nist.gov/vuln/detail/CVE-2022-26491
- proftpd: CVE-2023-48795: https://nvd.nist.gov/vuln/detail/CVE-2023-48795
- redis: CVE-2022-0543: https://nvd.nist.gov/vuln/detail/CVE-2022-0543
- redis: CVE-2025-27151: https://nvd.nist.gov/vuln/detail/CVE-2025-27151
- sassc: CVE-2022-43357: https://nvd.nist.gov/vuln/detail/CVE-2022-43357
- smarty: CVE-2020-10375: https://nvd.nist.gov/vuln/detail/CVE-2020-10375
- sngrep: CVE-2024-35434: https://nvd.nist.gov/vuln/detail/CVE-2024-35434
- spice: CVE-2016-0749: https://nvd.nist.gov/vuln/detail/CVE-2016-0749
- spice: CVE-2016-2150: https://nvd.nist.gov/vuln/detail/CVE-2016-2150
- spice-gtk: CVE-2012-4425: https://nvd.nist.gov/vuln/detail/CVE-2012-4425
- sthttpd: CVE-2021-26843: https://nvd.nist.gov/vuln/detail/CVE-2021-26843
- synergy: CVE-2020-15117: https://nvd.nist.gov/vuln/detail/CVE-2020-15117
- tcpreplay: CVE-2025-9384: https://nvd.nist.gov/vuln/detail/CVE-2025-9384
- tcpreplay: CVE-2025-9385: https://nvd.nist.gov/vuln/detail/CVE-2025-9385
- tcpreplay: CVE-2025-9386: https://nvd.nist.gov/vuln/detail/CVE-2025-9386
- uw-imap: CVE-2018-19518: https://nvd.nist.gov/vuln/detail/CVE-2018-19518
- webkitgtk3: CVE-2025-6558: https://nvd.nist.gov/vuln/detail/CVE-2025-6558
- webmin: CVE-2017-15644: https://nvd.nist.gov/vuln/detail/CVE-2017-15644
- webmin: CVE-2017-15645: https://nvd.nist.gov/vuln/detail/CVE-2017-15645
- webmin: CVE-2017-15646: https://nvd.nist.gov/vuln/detail/CVE-2017-15646
- webmin: CVE-2017-17089: https://nvd.nist.gov/vuln/detail/CVE-2017-17089
- webmin: CVE-2019-12840: https://nvd.nist.gov/vuln/detail/CVE-2019-12840
- webmin: CVE-2019-15107: https://nvd.nist.gov/vuln/detail/CVE-2019-15107
- webmin: CVE-2019-15641: https://nvd.nist.gov/vuln/detail/CVE-2019-15641
- webmin: CVE-2019-15642: https://nvd.nist.gov/vuln/detail/CVE-2019-15642
- webmin: CVE-2020-12670: https://nvd.nist.gov/vuln/detail/CVE-2020-12670
- webmin: CVE-2020-35606: https://nvd.nist.gov/vuln/detail/CVE-2020-35606
- webmin: CVE-2020-8820: https://nvd.nist.gov/vuln/detail/CVE-2020-8820
- webmin: CVE-2020-8821: https://nvd.nist.gov/vuln/detail/CVE-2020-8821
- webmin: CVE-2022-0824: https://nvd.nist.gov/vuln/detail/CVE-2022-0824
- webmin: CVE-2022-0829: https://nvd.nist.gov/vuln/detail/CVE-2022-0829
- webmin: CVE-2022-30708: https://nvd.nist.gov/vuln/detail/CVE-2022-30708
- webmin: CVE-2022-36446: https://nvd.nist.gov/vuln/detail/CVE-2022-36446
- webmin: CVE-2023-43309: https://nvd.nist.gov/vuln/detail/CVE-2023-43309
- webmin: CVE-2023-52046: https://nvd.nist.gov/vuln/detail/CVE-2023-52046
- webmin: CVE-2024-36450: https://nvd.nist.gov/vuln/detail/CVE-2024-36450
- webmin: CVE-2024-36451: https://nvd.nist.gov/vuln/detail/CVE-2024-36451
- webmin: CVE-2024-36452: https://nvd.nist.gov/vuln/detail/CVE-2024-36452
- webmin: CVE-2024-36453: https://nvd.nist.gov/vuln/detail/CVE-2024-36453
- webmin: CVE-2024-45692: https://nvd.nist.gov/vuln/detail/CVE-2024-45692
- weechat: CVE-2024-46613: https://nvd.nist.gov/vuln/detail/CVE-2024-46613
- yasm: CVE-2021-33454: https://nvd.nist.gov/vuln/detail/CVE-2021-33454
- yasm: CVE-2021-33455: https://nvd.nist.gov/vuln/detail/CVE-2021-33455
- yasm: CVE-2021-33456: https://nvd.nist.gov/vuln/detail/CVE-2021-33456
- yasm: CVE-2021-33457: https://nvd.nist.gov/vuln/detail/CVE-2021-33457
- yasm: CVE-2021-33458: https://nvd.nist.gov/vuln/detail/CVE-2021-33458
- yasm: CVE-2021-33459: https://nvd.nist.gov/vuln/detail/CVE-2021-33459
- yasm: CVE-2021-33460: https://nvd.nist.gov/vuln/detail/CVE-2021-33460
- yasm: CVE-2021-33461: https://nvd.nist.gov/vuln/detail/CVE-2021-33461
- yasm: CVE-2021-33462: https://nvd.nist.gov/vuln/detail/CVE-2021-33462
- yasm: CVE-2021-33463: https://nvd.nist.gov/vuln/detail/CVE-2021-33463
- yasm: CVE-2021-33464: https://nvd.nist.gov/vuln/detail/CVE-2021-33464
- yasm: CVE-2021-33465: https://nvd.nist.gov/vuln/detail/CVE-2021-33465
- yasm: CVE-2021-33466: https://nvd.nist.gov/vuln/detail/CVE-2021-33466
- yasm: CVE-2021-33467: https://nvd.nist.gov/vuln/detail/CVE-2021-33467
- yasm: CVE-2021-33468: https://nvd.nist.gov/vuln/detail/CVE-2021-33468
- yasm: CVE-2023-30402: https://nvd.nist.gov/vuln/detail/CVE-2023-30402
- yasm: CVE-2023-31972: https://nvd.nist.gov/vuln/detail/CVE-2023-31972
- yasm: CVE-2023-31973: https://nvd.nist.gov/vuln/detail/CVE-2023-31973
- yasm: CVE-2023-31974: https://nvd.nist.gov/vuln/detail/CVE-2023-31974
- yasm: CVE-2023-51258: https://nvd.nist.gov/vuln/detail/CVE-2023-51258
====================
Removed this week (18):
- audiofile: CVE-2018-13440: https://nvd.nist.gov/vuln/detail/CVE-2018-13440
- audiofile: CVE-2018-17095: https://nvd.nist.gov/vuln/detail/CVE-2018-17095
- audiofile: CVE-2019-13147: https://nvd.nist.gov/vuln/detail/CVE-2019-13147
- audiofile: CVE-2020-18781: https://nvd.nist.gov/vuln/detail/CVE-2020-18781
- audiofile: CVE-2022-24599: https://nvd.nist.gov/vuln/detail/CVE-2022-24599
- hostapd: CVE-2022-37660: https://nvd.nist.gov/vuln/detail/CVE-2022-37660
- jasper: CVE-2023-51257: https://nvd.nist.gov/vuln/detail/CVE-2023-51257
- proftpd: CVE-2001-0027: https://nvd.nist.gov/vuln/detail/CVE-2001-0027
- pure-ftpd: CVE-2024-48208: https://nvd.nist.gov/vuln/detail/CVE-2024-48208
- redis: CVE-2022-3734: https://nvd.nist.gov/vuln/detail/CVE-2022-3734
- redis: CVE-2025-21605: https://nvd.nist.gov/vuln/detail/CVE-2025-21605
- redis: CVE-2025-46817: https://nvd.nist.gov/vuln/detail/CVE-2025-46817
- redis: CVE-2025-46818: https://nvd.nist.gov/vuln/detail/CVE-2025-46818
- redis: CVE-2025-46819: https://nvd.nist.gov/vuln/detail/CVE-2025-46819
- rsyslog: CVE-2015-3243: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
- rtmpdump: CVE-2015-8270: https://nvd.nist.gov/vuln/detail/CVE-2015-8270
- rtmpdump: CVE-2015-8271: https://nvd.nist.gov/vuln/detail/CVE-2015-8271
- rtmpdump: CVE-2015-8272: https://nvd.nist.gov/vuln/detail/CVE-2015-8272
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [oe] CVE report - scarthgap - 2025-11-17
2025-11-17 9:38 CVE report - scarthgap - 2025-11-17 Gyorgy Sarvari
@ 2025-11-18 11:14 ` Ankur Tyagi
2025-11-18 11:22 ` Gyorgy Sarvari
0 siblings, 1 reply; 3+ messages in thread
From: Ankur Tyagi @ 2025-11-18 11:14 UTC (permalink / raw)
To: skandigraun; +Cc: openembedded-devel
Hi Gyorgy,
On Mon, Nov 17, 2025 at 10:38 PM Gyorgy Sarvari via
lists.openembedded.org <skandigraun=gmail.com@lists.openembedded.org>
wrote:
>
> List of all open CVEs (138, out of which new this week: 1):
>
> - apache2: CVE-2025-3891: https://nvd.nist.gov/vuln/detail/CVE-2025-3891
> - botan: CVE-2024-39312: https://nvd.nist.gov/vuln/detail/CVE-2024-39312
> - botan: CVE-2024-50382: https://nvd.nist.gov/vuln/detail/CVE-2024-50382
> - botan: CVE-2024-50383: https://nvd.nist.gov/vuln/detail/CVE-2024-50383
> - dhrystone: CVE-2020-23026: https://nvd.nist.gov/vuln/detail/CVE-2020-23026
> - emacs: CVE-2024-53920: https://nvd.nist.gov/vuln/detail/CVE-2024-53920
> - ez-ipupdate: CVE-2003-0887: https://nvd.nist.gov/vuln/detail/CVE-2003-0887
> - freerdp3: CVE-2025-4478: https://nvd.nist.gov/vuln/detail/CVE-2025-4478
> - [NEW] frr: CVE-2024-44070: https://nvd.nist.gov/vuln/detail/CVE-2024-44070
This CVE was fixed in version 9.1.2
(https://github.com/FRRouting/frr/releases/tag/frr-9.1.2) and current
recipe version is 9.1.3
I believe CPE is incorrect in this case
(https://nvd.nist.gov/vuln/search#/nvd/home?cpeFilterMode=cpe&cpeName=cpe:2.3:a:frrouting:frrouting:9.1.3:*:*:*:*:*:*:*&resultType=records)
If we agree then I'll send a patch for this.
> - frr: CVE-2025-61099: https://nvd.nist.gov/vuln/detail/CVE-2025-61099
> - frr: CVE-2025-61100: https://nvd.nist.gov/vuln/detail/CVE-2025-61100
> - frr: CVE-2025-61101: https://nvd.nist.gov/vuln/detail/CVE-2025-61101
> - frr: CVE-2025-61102: https://nvd.nist.gov/vuln/detail/CVE-2025-61102
> - frr: CVE-2025-61103: https://nvd.nist.gov/vuln/detail/CVE-2025-61103
> - frr: CVE-2025-61104: https://nvd.nist.gov/vuln/detail/CVE-2025-61104
> - frr: CVE-2025-61105: https://nvd.nist.gov/vuln/detail/CVE-2025-61105
> - frr: CVE-2025-61106: https://nvd.nist.gov/vuln/detail/CVE-2025-61106
> - frr: CVE-2025-61107: https://nvd.nist.gov/vuln/detail/CVE-2025-61107
> - giflib: CVE-2024-45993: https://nvd.nist.gov/vuln/detail/CVE-2024-45993
> - gimp: CVE-2007-3741: https://nvd.nist.gov/vuln/detail/CVE-2007-3741
> - gimp: CVE-2025-5473: https://nvd.nist.gov/vuln/detail/CVE-2025-5473
> - hdf5: CVE-2025-2912: https://nvd.nist.gov/vuln/detail/CVE-2025-2912
> - hdf5: CVE-2025-2926: https://nvd.nist.gov/vuln/detail/CVE-2025-2926
> - hdf5: CVE-2025-6270: https://nvd.nist.gov/vuln/detail/CVE-2025-6270
> - id3lib: CVE-2007-4460: https://nvd.nist.gov/vuln/detail/CVE-2007-4460
> - imagemagick: CVE-2023-5341: https://nvd.nist.gov/vuln/detail/CVE-2023-5341
> - imagemagick: CVE-2024-41817: https://nvd.nist.gov/vuln/detail/CVE-2024-41817
> - imagemagick: CVE-2025-53014: https://nvd.nist.gov/vuln/detail/CVE-2025-53014
> - imagemagick: CVE-2025-53015: https://nvd.nist.gov/vuln/detail/CVE-2025-53015
> - imagemagick: CVE-2025-53019: https://nvd.nist.gov/vuln/detail/CVE-2025-53019
> - imagemagick: CVE-2025-53101: https://nvd.nist.gov/vuln/detail/CVE-2025-53101
> - imagemagick: CVE-2025-55004: https://nvd.nist.gov/vuln/detail/CVE-2025-55004
> - imagemagick: CVE-2025-55005: https://nvd.nist.gov/vuln/detail/CVE-2025-55005
> - imagemagick: CVE-2025-55154: https://nvd.nist.gov/vuln/detail/CVE-2025-55154
> - imagemagick: CVE-2025-55160: https://nvd.nist.gov/vuln/detail/CVE-2025-55160
> - imagemagick: CVE-2025-55212: https://nvd.nist.gov/vuln/detail/CVE-2025-55212
> - imagemagick: CVE-2025-55298: https://nvd.nist.gov/vuln/detail/CVE-2025-55298
> - imagemagick: CVE-2025-57803: https://nvd.nist.gov/vuln/detail/CVE-2025-57803
> - imagemagick: CVE-2025-57807: https://nvd.nist.gov/vuln/detail/CVE-2025-57807
> - imagemagick: CVE-2025-62171: https://nvd.nist.gov/vuln/detail/CVE-2025-62171
> - imagemagick: CVE-2025-62594: https://nvd.nist.gov/vuln/detail/CVE-2025-62594
> - iptraf-ng: CVE-2024-52949: https://nvd.nist.gov/vuln/detail/CVE-2024-52949
> - libao: CVE-2017-11548: https://nvd.nist.gov/vuln/detail/CVE-2017-11548
> - libavif: CVE-2025-48174: https://nvd.nist.gov/vuln/detail/CVE-2025-48174
> - libcdio: CVE-2024-36600: https://nvd.nist.gov/vuln/detail/CVE-2024-36600
> - libmemcached: CVE-2023-27478: https://nvd.nist.gov/vuln/detail/CVE-2023-27478
> - libtar: CVE-2013-4420: https://nvd.nist.gov/vuln/detail/CVE-2013-4420
> - libtar: CVE-2021-33643: https://nvd.nist.gov/vuln/detail/CVE-2021-33643
> - libtar: CVE-2021-33644: https://nvd.nist.gov/vuln/detail/CVE-2021-33644
> - libtar: CVE-2021-33645: https://nvd.nist.gov/vuln/detail/CVE-2021-33645
> - libtar: CVE-2021-33646: https://nvd.nist.gov/vuln/detail/CVE-2021-33646
> - libvpx: CVE-2024-5197: https://nvd.nist.gov/vuln/detail/CVE-2024-5197
> - libwmf: CVE-2009-1364: https://nvd.nist.gov/vuln/detail/CVE-2009-1364
> - libwmf: CVE-2015-0848: https://nvd.nist.gov/vuln/detail/CVE-2015-0848
> - libwmf: CVE-2015-4588: https://nvd.nist.gov/vuln/detail/CVE-2015-4588
> - libwmf: CVE-2015-4695: https://nvd.nist.gov/vuln/detail/CVE-2015-4695
> - libwmf: CVE-2015-4696: https://nvd.nist.gov/vuln/detail/CVE-2015-4696
> - libwmf: CVE-2016-9011: https://nvd.nist.gov/vuln/detail/CVE-2016-9011
> - links: CVE-2008-3319: https://nvd.nist.gov/vuln/detail/CVE-2008-3319
> - linuxptp: CVE-2024-42861: https://nvd.nist.gov/vuln/detail/CVE-2024-42861
> - minio: CVE-2018-1000538: https://nvd.nist.gov/vuln/detail/CVE-2018-1000538
> - minio: CVE-2020-11012: https://nvd.nist.gov/vuln/detail/CVE-2020-11012
> - minio: CVE-2021-21287: https://nvd.nist.gov/vuln/detail/CVE-2021-21287
> - minio: CVE-2021-21362: https://nvd.nist.gov/vuln/detail/CVE-2021-21362
> - minio: CVE-2021-21390: https://nvd.nist.gov/vuln/detail/CVE-2021-21390
> - minio: CVE-2021-43858: https://nvd.nist.gov/vuln/detail/CVE-2021-43858
> - minio: CVE-2022-35919: https://nvd.nist.gov/vuln/detail/CVE-2022-35919
> - minio: CVE-2023-28433: https://nvd.nist.gov/vuln/detail/CVE-2023-28433
> - minio: CVE-2023-28434: https://nvd.nist.gov/vuln/detail/CVE-2023-28434
> - nbdkit: CVE-2025-47711: https://nvd.nist.gov/vuln/detail/CVE-2025-47711
> - nbdkit: CVE-2025-47712: https://nvd.nist.gov/vuln/detail/CVE-2025-47712
> - openflow: CVE-2018-1000155: https://nvd.nist.gov/vuln/detail/CVE-2018-1000155
> - openjpeg: CVE-2023-39327: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
> - openjpeg: CVE-2023-39328: https://nvd.nist.gov/vuln/detail/CVE-2023-39328
> - openjpeg: CVE-2023-39329: https://nvd.nist.gov/vuln/detail/CVE-2023-39329
> - opusfile: CVE-2022-47021: https://nvd.nist.gov/vuln/detail/CVE-2022-47021
> - p7zip: CVE-2022-47069: https://nvd.nist.gov/vuln/detail/CVE-2022-47069
> - pidgin: CVE-2022-26491: https://nvd.nist.gov/vuln/detail/CVE-2022-26491
> - proftpd: CVE-2023-48795: https://nvd.nist.gov/vuln/detail/CVE-2023-48795
> - redis: CVE-2022-0543: https://nvd.nist.gov/vuln/detail/CVE-2022-0543
> - redis: CVE-2025-27151: https://nvd.nist.gov/vuln/detail/CVE-2025-27151
> - sassc: CVE-2022-43357: https://nvd.nist.gov/vuln/detail/CVE-2022-43357
> - smarty: CVE-2020-10375: https://nvd.nist.gov/vuln/detail/CVE-2020-10375
> - sngrep: CVE-2024-35434: https://nvd.nist.gov/vuln/detail/CVE-2024-35434
> - spice: CVE-2016-0749: https://nvd.nist.gov/vuln/detail/CVE-2016-0749
> - spice: CVE-2016-2150: https://nvd.nist.gov/vuln/detail/CVE-2016-2150
> - spice-gtk: CVE-2012-4425: https://nvd.nist.gov/vuln/detail/CVE-2012-4425
> - sthttpd: CVE-2021-26843: https://nvd.nist.gov/vuln/detail/CVE-2021-26843
> - synergy: CVE-2020-15117: https://nvd.nist.gov/vuln/detail/CVE-2020-15117
> - tcpreplay: CVE-2025-9384: https://nvd.nist.gov/vuln/detail/CVE-2025-9384
> - tcpreplay: CVE-2025-9385: https://nvd.nist.gov/vuln/detail/CVE-2025-9385
> - tcpreplay: CVE-2025-9386: https://nvd.nist.gov/vuln/detail/CVE-2025-9386
> - uw-imap: CVE-2018-19518: https://nvd.nist.gov/vuln/detail/CVE-2018-19518
> - webkitgtk3: CVE-2025-6558: https://nvd.nist.gov/vuln/detail/CVE-2025-6558
> - webmin: CVE-2017-15644: https://nvd.nist.gov/vuln/detail/CVE-2017-15644
> - webmin: CVE-2017-15645: https://nvd.nist.gov/vuln/detail/CVE-2017-15645
> - webmin: CVE-2017-15646: https://nvd.nist.gov/vuln/detail/CVE-2017-15646
> - webmin: CVE-2017-17089: https://nvd.nist.gov/vuln/detail/CVE-2017-17089
> - webmin: CVE-2019-12840: https://nvd.nist.gov/vuln/detail/CVE-2019-12840
> - webmin: CVE-2019-15107: https://nvd.nist.gov/vuln/detail/CVE-2019-15107
> - webmin: CVE-2019-15641: https://nvd.nist.gov/vuln/detail/CVE-2019-15641
> - webmin: CVE-2019-15642: https://nvd.nist.gov/vuln/detail/CVE-2019-15642
> - webmin: CVE-2020-12670: https://nvd.nist.gov/vuln/detail/CVE-2020-12670
> - webmin: CVE-2020-35606: https://nvd.nist.gov/vuln/detail/CVE-2020-35606
> - webmin: CVE-2020-8820: https://nvd.nist.gov/vuln/detail/CVE-2020-8820
> - webmin: CVE-2020-8821: https://nvd.nist.gov/vuln/detail/CVE-2020-8821
> - webmin: CVE-2022-0824: https://nvd.nist.gov/vuln/detail/CVE-2022-0824
> - webmin: CVE-2022-0829: https://nvd.nist.gov/vuln/detail/CVE-2022-0829
> - webmin: CVE-2022-30708: https://nvd.nist.gov/vuln/detail/CVE-2022-30708
> - webmin: CVE-2022-36446: https://nvd.nist.gov/vuln/detail/CVE-2022-36446
> - webmin: CVE-2023-43309: https://nvd.nist.gov/vuln/detail/CVE-2023-43309
> - webmin: CVE-2023-52046: https://nvd.nist.gov/vuln/detail/CVE-2023-52046
> - webmin: CVE-2024-36450: https://nvd.nist.gov/vuln/detail/CVE-2024-36450
> - webmin: CVE-2024-36451: https://nvd.nist.gov/vuln/detail/CVE-2024-36451
> - webmin: CVE-2024-36452: https://nvd.nist.gov/vuln/detail/CVE-2024-36452
> - webmin: CVE-2024-36453: https://nvd.nist.gov/vuln/detail/CVE-2024-36453
> - webmin: CVE-2024-45692: https://nvd.nist.gov/vuln/detail/CVE-2024-45692
> - weechat: CVE-2024-46613: https://nvd.nist.gov/vuln/detail/CVE-2024-46613
> - yasm: CVE-2021-33454: https://nvd.nist.gov/vuln/detail/CVE-2021-33454
> - yasm: CVE-2021-33455: https://nvd.nist.gov/vuln/detail/CVE-2021-33455
> - yasm: CVE-2021-33456: https://nvd.nist.gov/vuln/detail/CVE-2021-33456
> - yasm: CVE-2021-33457: https://nvd.nist.gov/vuln/detail/CVE-2021-33457
> - yasm: CVE-2021-33458: https://nvd.nist.gov/vuln/detail/CVE-2021-33458
> - yasm: CVE-2021-33459: https://nvd.nist.gov/vuln/detail/CVE-2021-33459
> - yasm: CVE-2021-33460: https://nvd.nist.gov/vuln/detail/CVE-2021-33460
> - yasm: CVE-2021-33461: https://nvd.nist.gov/vuln/detail/CVE-2021-33461
> - yasm: CVE-2021-33462: https://nvd.nist.gov/vuln/detail/CVE-2021-33462
> - yasm: CVE-2021-33463: https://nvd.nist.gov/vuln/detail/CVE-2021-33463
> - yasm: CVE-2021-33464: https://nvd.nist.gov/vuln/detail/CVE-2021-33464
> - yasm: CVE-2021-33465: https://nvd.nist.gov/vuln/detail/CVE-2021-33465
> - yasm: CVE-2021-33466: https://nvd.nist.gov/vuln/detail/CVE-2021-33466
> - yasm: CVE-2021-33467: https://nvd.nist.gov/vuln/detail/CVE-2021-33467
> - yasm: CVE-2021-33468: https://nvd.nist.gov/vuln/detail/CVE-2021-33468
> - yasm: CVE-2023-30402: https://nvd.nist.gov/vuln/detail/CVE-2023-30402
> - yasm: CVE-2023-31972: https://nvd.nist.gov/vuln/detail/CVE-2023-31972
> - yasm: CVE-2023-31973: https://nvd.nist.gov/vuln/detail/CVE-2023-31973
> - yasm: CVE-2023-31974: https://nvd.nist.gov/vuln/detail/CVE-2023-31974
> - yasm: CVE-2023-51258: https://nvd.nist.gov/vuln/detail/CVE-2023-51258
>
> ====================
>
> Removed this week (18):
>
> - audiofile: CVE-2018-13440: https://nvd.nist.gov/vuln/detail/CVE-2018-13440
> - audiofile: CVE-2018-17095: https://nvd.nist.gov/vuln/detail/CVE-2018-17095
> - audiofile: CVE-2019-13147: https://nvd.nist.gov/vuln/detail/CVE-2019-13147
> - audiofile: CVE-2020-18781: https://nvd.nist.gov/vuln/detail/CVE-2020-18781
> - audiofile: CVE-2022-24599: https://nvd.nist.gov/vuln/detail/CVE-2022-24599
> - hostapd: CVE-2022-37660: https://nvd.nist.gov/vuln/detail/CVE-2022-37660
> - jasper: CVE-2023-51257: https://nvd.nist.gov/vuln/detail/CVE-2023-51257
> - proftpd: CVE-2001-0027: https://nvd.nist.gov/vuln/detail/CVE-2001-0027
> - pure-ftpd: CVE-2024-48208: https://nvd.nist.gov/vuln/detail/CVE-2024-48208
> - redis: CVE-2022-3734: https://nvd.nist.gov/vuln/detail/CVE-2022-3734
> - redis: CVE-2025-21605: https://nvd.nist.gov/vuln/detail/CVE-2025-21605
> - redis: CVE-2025-46817: https://nvd.nist.gov/vuln/detail/CVE-2025-46817
> - redis: CVE-2025-46818: https://nvd.nist.gov/vuln/detail/CVE-2025-46818
> - redis: CVE-2025-46819: https://nvd.nist.gov/vuln/detail/CVE-2025-46819
> - rsyslog: CVE-2015-3243: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
> - rtmpdump: CVE-2015-8270: https://nvd.nist.gov/vuln/detail/CVE-2015-8270
> - rtmpdump: CVE-2015-8271: https://nvd.nist.gov/vuln/detail/CVE-2015-8271
> - rtmpdump: CVE-2015-8272: https://nvd.nist.gov/vuln/detail/CVE-2015-8272
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#121769): https://lists.openembedded.org/g/openembedded-devel/message/121769
> Mute This Topic: https://lists.openembedded.org/mt/116334907/3619737
> Group Owner: openembedded-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ankur.tyagi85@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [oe] CVE report - scarthgap - 2025-11-17
2025-11-18 11:14 ` [oe] " Ankur Tyagi
@ 2025-11-18 11:22 ` Gyorgy Sarvari
0 siblings, 0 replies; 3+ messages in thread
From: Gyorgy Sarvari @ 2025-11-18 11:22 UTC (permalink / raw)
To: Ankur Tyagi; +Cc: openembedded-devel
On 11/18/25 12:14, Ankur Tyagi wrote:
> Hi Gyorgy,
>
> On Mon, Nov 17, 2025 at 10:38 PM Gyorgy Sarvari via
> lists.openembedded.org <skandigraun=gmail.com@lists.openembedded.org>
> wrote:
>> List of all open CVEs (138, out of which new this week: 1):
>>
>> - apache2: CVE-2025-3891: https://nvd.nist.gov/vuln/detail/CVE-2025-3891
>> - botan: CVE-2024-39312: https://nvd.nist.gov/vuln/detail/CVE-2024-39312
>> - botan: CVE-2024-50382: https://nvd.nist.gov/vuln/detail/CVE-2024-50382
>> - botan: CVE-2024-50383: https://nvd.nist.gov/vuln/detail/CVE-2024-50383
>> - dhrystone: CVE-2020-23026: https://nvd.nist.gov/vuln/detail/CVE-2020-23026
>> - emacs: CVE-2024-53920: https://nvd.nist.gov/vuln/detail/CVE-2024-53920
>> - ez-ipupdate: CVE-2003-0887: https://nvd.nist.gov/vuln/detail/CVE-2003-0887
>> - freerdp3: CVE-2025-4478: https://nvd.nist.gov/vuln/detail/CVE-2025-4478
>> - [NEW] frr: CVE-2024-44070: https://nvd.nist.gov/vuln/detail/CVE-2024-44070
> This CVE was fixed in version 9.1.2
> (https://github.com/FRRouting/frr/releases/tag/frr-9.1.2) and current
> recipe version is 9.1.3
> I believe CPE is incorrect in this case
> (https://nvd.nist.gov/vuln/search#/nvd/home?cpeFilterMode=cpe&cpeName=cpe:2.3:a:frrouting:frrouting:9.1.3:*:*:*:*:*:*:*&resultType=records)
>
> If we agree then I'll send a patch for this.
I don't see this particularly controversial :)
If this is the case, then you can just set the CVE_STATUS to
"backported-patch: ..." and call it a day. The CVE reports frequently
miss these, when a project has multiple active branches.
>
>> - frr: CVE-2025-61099: https://nvd.nist.gov/vuln/detail/CVE-2025-61099
>> - frr: CVE-2025-61100: https://nvd.nist.gov/vuln/detail/CVE-2025-61100
>> - frr: CVE-2025-61101: https://nvd.nist.gov/vuln/detail/CVE-2025-61101
>> - frr: CVE-2025-61102: https://nvd.nist.gov/vuln/detail/CVE-2025-61102
>> - frr: CVE-2025-61103: https://nvd.nist.gov/vuln/detail/CVE-2025-61103
>> - frr: CVE-2025-61104: https://nvd.nist.gov/vuln/detail/CVE-2025-61104
>> - frr: CVE-2025-61105: https://nvd.nist.gov/vuln/detail/CVE-2025-61105
>> - frr: CVE-2025-61106: https://nvd.nist.gov/vuln/detail/CVE-2025-61106
>> - frr: CVE-2025-61107: https://nvd.nist.gov/vuln/detail/CVE-2025-61107
>> - giflib: CVE-2024-45993: https://nvd.nist.gov/vuln/detail/CVE-2024-45993
>> - gimp: CVE-2007-3741: https://nvd.nist.gov/vuln/detail/CVE-2007-3741
>> - gimp: CVE-2025-5473: https://nvd.nist.gov/vuln/detail/CVE-2025-5473
>> - hdf5: CVE-2025-2912: https://nvd.nist.gov/vuln/detail/CVE-2025-2912
>> - hdf5: CVE-2025-2926: https://nvd.nist.gov/vuln/detail/CVE-2025-2926
>> - hdf5: CVE-2025-6270: https://nvd.nist.gov/vuln/detail/CVE-2025-6270
>> - id3lib: CVE-2007-4460: https://nvd.nist.gov/vuln/detail/CVE-2007-4460
>> - imagemagick: CVE-2023-5341: https://nvd.nist.gov/vuln/detail/CVE-2023-5341
>> - imagemagick: CVE-2024-41817: https://nvd.nist.gov/vuln/detail/CVE-2024-41817
>> - imagemagick: CVE-2025-53014: https://nvd.nist.gov/vuln/detail/CVE-2025-53014
>> - imagemagick: CVE-2025-53015: https://nvd.nist.gov/vuln/detail/CVE-2025-53015
>> - imagemagick: CVE-2025-53019: https://nvd.nist.gov/vuln/detail/CVE-2025-53019
>> - imagemagick: CVE-2025-53101: https://nvd.nist.gov/vuln/detail/CVE-2025-53101
>> - imagemagick: CVE-2025-55004: https://nvd.nist.gov/vuln/detail/CVE-2025-55004
>> - imagemagick: CVE-2025-55005: https://nvd.nist.gov/vuln/detail/CVE-2025-55005
>> - imagemagick: CVE-2025-55154: https://nvd.nist.gov/vuln/detail/CVE-2025-55154
>> - imagemagick: CVE-2025-55160: https://nvd.nist.gov/vuln/detail/CVE-2025-55160
>> - imagemagick: CVE-2025-55212: https://nvd.nist.gov/vuln/detail/CVE-2025-55212
>> - imagemagick: CVE-2025-55298: https://nvd.nist.gov/vuln/detail/CVE-2025-55298
>> - imagemagick: CVE-2025-57803: https://nvd.nist.gov/vuln/detail/CVE-2025-57803
>> - imagemagick: CVE-2025-57807: https://nvd.nist.gov/vuln/detail/CVE-2025-57807
>> - imagemagick: CVE-2025-62171: https://nvd.nist.gov/vuln/detail/CVE-2025-62171
>> - imagemagick: CVE-2025-62594: https://nvd.nist.gov/vuln/detail/CVE-2025-62594
>> - iptraf-ng: CVE-2024-52949: https://nvd.nist.gov/vuln/detail/CVE-2024-52949
>> - libao: CVE-2017-11548: https://nvd.nist.gov/vuln/detail/CVE-2017-11548
>> - libavif: CVE-2025-48174: https://nvd.nist.gov/vuln/detail/CVE-2025-48174
>> - libcdio: CVE-2024-36600: https://nvd.nist.gov/vuln/detail/CVE-2024-36600
>> - libmemcached: CVE-2023-27478: https://nvd.nist.gov/vuln/detail/CVE-2023-27478
>> - libtar: CVE-2013-4420: https://nvd.nist.gov/vuln/detail/CVE-2013-4420
>> - libtar: CVE-2021-33643: https://nvd.nist.gov/vuln/detail/CVE-2021-33643
>> - libtar: CVE-2021-33644: https://nvd.nist.gov/vuln/detail/CVE-2021-33644
>> - libtar: CVE-2021-33645: https://nvd.nist.gov/vuln/detail/CVE-2021-33645
>> - libtar: CVE-2021-33646: https://nvd.nist.gov/vuln/detail/CVE-2021-33646
>> - libvpx: CVE-2024-5197: https://nvd.nist.gov/vuln/detail/CVE-2024-5197
>> - libwmf: CVE-2009-1364: https://nvd.nist.gov/vuln/detail/CVE-2009-1364
>> - libwmf: CVE-2015-0848: https://nvd.nist.gov/vuln/detail/CVE-2015-0848
>> - libwmf: CVE-2015-4588: https://nvd.nist.gov/vuln/detail/CVE-2015-4588
>> - libwmf: CVE-2015-4695: https://nvd.nist.gov/vuln/detail/CVE-2015-4695
>> - libwmf: CVE-2015-4696: https://nvd.nist.gov/vuln/detail/CVE-2015-4696
>> - libwmf: CVE-2016-9011: https://nvd.nist.gov/vuln/detail/CVE-2016-9011
>> - links: CVE-2008-3319: https://nvd.nist.gov/vuln/detail/CVE-2008-3319
>> - linuxptp: CVE-2024-42861: https://nvd.nist.gov/vuln/detail/CVE-2024-42861
>> - minio: CVE-2018-1000538: https://nvd.nist.gov/vuln/detail/CVE-2018-1000538
>> - minio: CVE-2020-11012: https://nvd.nist.gov/vuln/detail/CVE-2020-11012
>> - minio: CVE-2021-21287: https://nvd.nist.gov/vuln/detail/CVE-2021-21287
>> - minio: CVE-2021-21362: https://nvd.nist.gov/vuln/detail/CVE-2021-21362
>> - minio: CVE-2021-21390: https://nvd.nist.gov/vuln/detail/CVE-2021-21390
>> - minio: CVE-2021-43858: https://nvd.nist.gov/vuln/detail/CVE-2021-43858
>> - minio: CVE-2022-35919: https://nvd.nist.gov/vuln/detail/CVE-2022-35919
>> - minio: CVE-2023-28433: https://nvd.nist.gov/vuln/detail/CVE-2023-28433
>> - minio: CVE-2023-28434: https://nvd.nist.gov/vuln/detail/CVE-2023-28434
>> - nbdkit: CVE-2025-47711: https://nvd.nist.gov/vuln/detail/CVE-2025-47711
>> - nbdkit: CVE-2025-47712: https://nvd.nist.gov/vuln/detail/CVE-2025-47712
>> - openflow: CVE-2018-1000155: https://nvd.nist.gov/vuln/detail/CVE-2018-1000155
>> - openjpeg: CVE-2023-39327: https://nvd.nist.gov/vuln/detail/CVE-2023-39327
>> - openjpeg: CVE-2023-39328: https://nvd.nist.gov/vuln/detail/CVE-2023-39328
>> - openjpeg: CVE-2023-39329: https://nvd.nist.gov/vuln/detail/CVE-2023-39329
>> - opusfile: CVE-2022-47021: https://nvd.nist.gov/vuln/detail/CVE-2022-47021
>> - p7zip: CVE-2022-47069: https://nvd.nist.gov/vuln/detail/CVE-2022-47069
>> - pidgin: CVE-2022-26491: https://nvd.nist.gov/vuln/detail/CVE-2022-26491
>> - proftpd: CVE-2023-48795: https://nvd.nist.gov/vuln/detail/CVE-2023-48795
>> - redis: CVE-2022-0543: https://nvd.nist.gov/vuln/detail/CVE-2022-0543
>> - redis: CVE-2025-27151: https://nvd.nist.gov/vuln/detail/CVE-2025-27151
>> - sassc: CVE-2022-43357: https://nvd.nist.gov/vuln/detail/CVE-2022-43357
>> - smarty: CVE-2020-10375: https://nvd.nist.gov/vuln/detail/CVE-2020-10375
>> - sngrep: CVE-2024-35434: https://nvd.nist.gov/vuln/detail/CVE-2024-35434
>> - spice: CVE-2016-0749: https://nvd.nist.gov/vuln/detail/CVE-2016-0749
>> - spice: CVE-2016-2150: https://nvd.nist.gov/vuln/detail/CVE-2016-2150
>> - spice-gtk: CVE-2012-4425: https://nvd.nist.gov/vuln/detail/CVE-2012-4425
>> - sthttpd: CVE-2021-26843: https://nvd.nist.gov/vuln/detail/CVE-2021-26843
>> - synergy: CVE-2020-15117: https://nvd.nist.gov/vuln/detail/CVE-2020-15117
>> - tcpreplay: CVE-2025-9384: https://nvd.nist.gov/vuln/detail/CVE-2025-9384
>> - tcpreplay: CVE-2025-9385: https://nvd.nist.gov/vuln/detail/CVE-2025-9385
>> - tcpreplay: CVE-2025-9386: https://nvd.nist.gov/vuln/detail/CVE-2025-9386
>> - uw-imap: CVE-2018-19518: https://nvd.nist.gov/vuln/detail/CVE-2018-19518
>> - webkitgtk3: CVE-2025-6558: https://nvd.nist.gov/vuln/detail/CVE-2025-6558
>> - webmin: CVE-2017-15644: https://nvd.nist.gov/vuln/detail/CVE-2017-15644
>> - webmin: CVE-2017-15645: https://nvd.nist.gov/vuln/detail/CVE-2017-15645
>> - webmin: CVE-2017-15646: https://nvd.nist.gov/vuln/detail/CVE-2017-15646
>> - webmin: CVE-2017-17089: https://nvd.nist.gov/vuln/detail/CVE-2017-17089
>> - webmin: CVE-2019-12840: https://nvd.nist.gov/vuln/detail/CVE-2019-12840
>> - webmin: CVE-2019-15107: https://nvd.nist.gov/vuln/detail/CVE-2019-15107
>> - webmin: CVE-2019-15641: https://nvd.nist.gov/vuln/detail/CVE-2019-15641
>> - webmin: CVE-2019-15642: https://nvd.nist.gov/vuln/detail/CVE-2019-15642
>> - webmin: CVE-2020-12670: https://nvd.nist.gov/vuln/detail/CVE-2020-12670
>> - webmin: CVE-2020-35606: https://nvd.nist.gov/vuln/detail/CVE-2020-35606
>> - webmin: CVE-2020-8820: https://nvd.nist.gov/vuln/detail/CVE-2020-8820
>> - webmin: CVE-2020-8821: https://nvd.nist.gov/vuln/detail/CVE-2020-8821
>> - webmin: CVE-2022-0824: https://nvd.nist.gov/vuln/detail/CVE-2022-0824
>> - webmin: CVE-2022-0829: https://nvd.nist.gov/vuln/detail/CVE-2022-0829
>> - webmin: CVE-2022-30708: https://nvd.nist.gov/vuln/detail/CVE-2022-30708
>> - webmin: CVE-2022-36446: https://nvd.nist.gov/vuln/detail/CVE-2022-36446
>> - webmin: CVE-2023-43309: https://nvd.nist.gov/vuln/detail/CVE-2023-43309
>> - webmin: CVE-2023-52046: https://nvd.nist.gov/vuln/detail/CVE-2023-52046
>> - webmin: CVE-2024-36450: https://nvd.nist.gov/vuln/detail/CVE-2024-36450
>> - webmin: CVE-2024-36451: https://nvd.nist.gov/vuln/detail/CVE-2024-36451
>> - webmin: CVE-2024-36452: https://nvd.nist.gov/vuln/detail/CVE-2024-36452
>> - webmin: CVE-2024-36453: https://nvd.nist.gov/vuln/detail/CVE-2024-36453
>> - webmin: CVE-2024-45692: https://nvd.nist.gov/vuln/detail/CVE-2024-45692
>> - weechat: CVE-2024-46613: https://nvd.nist.gov/vuln/detail/CVE-2024-46613
>> - yasm: CVE-2021-33454: https://nvd.nist.gov/vuln/detail/CVE-2021-33454
>> - yasm: CVE-2021-33455: https://nvd.nist.gov/vuln/detail/CVE-2021-33455
>> - yasm: CVE-2021-33456: https://nvd.nist.gov/vuln/detail/CVE-2021-33456
>> - yasm: CVE-2021-33457: https://nvd.nist.gov/vuln/detail/CVE-2021-33457
>> - yasm: CVE-2021-33458: https://nvd.nist.gov/vuln/detail/CVE-2021-33458
>> - yasm: CVE-2021-33459: https://nvd.nist.gov/vuln/detail/CVE-2021-33459
>> - yasm: CVE-2021-33460: https://nvd.nist.gov/vuln/detail/CVE-2021-33460
>> - yasm: CVE-2021-33461: https://nvd.nist.gov/vuln/detail/CVE-2021-33461
>> - yasm: CVE-2021-33462: https://nvd.nist.gov/vuln/detail/CVE-2021-33462
>> - yasm: CVE-2021-33463: https://nvd.nist.gov/vuln/detail/CVE-2021-33463
>> - yasm: CVE-2021-33464: https://nvd.nist.gov/vuln/detail/CVE-2021-33464
>> - yasm: CVE-2021-33465: https://nvd.nist.gov/vuln/detail/CVE-2021-33465
>> - yasm: CVE-2021-33466: https://nvd.nist.gov/vuln/detail/CVE-2021-33466
>> - yasm: CVE-2021-33467: https://nvd.nist.gov/vuln/detail/CVE-2021-33467
>> - yasm: CVE-2021-33468: https://nvd.nist.gov/vuln/detail/CVE-2021-33468
>> - yasm: CVE-2023-30402: https://nvd.nist.gov/vuln/detail/CVE-2023-30402
>> - yasm: CVE-2023-31972: https://nvd.nist.gov/vuln/detail/CVE-2023-31972
>> - yasm: CVE-2023-31973: https://nvd.nist.gov/vuln/detail/CVE-2023-31973
>> - yasm: CVE-2023-31974: https://nvd.nist.gov/vuln/detail/CVE-2023-31974
>> - yasm: CVE-2023-51258: https://nvd.nist.gov/vuln/detail/CVE-2023-51258
>>
>> ====================
>>
>> Removed this week (18):
>>
>> - audiofile: CVE-2018-13440: https://nvd.nist.gov/vuln/detail/CVE-2018-13440
>> - audiofile: CVE-2018-17095: https://nvd.nist.gov/vuln/detail/CVE-2018-17095
>> - audiofile: CVE-2019-13147: https://nvd.nist.gov/vuln/detail/CVE-2019-13147
>> - audiofile: CVE-2020-18781: https://nvd.nist.gov/vuln/detail/CVE-2020-18781
>> - audiofile: CVE-2022-24599: https://nvd.nist.gov/vuln/detail/CVE-2022-24599
>> - hostapd: CVE-2022-37660: https://nvd.nist.gov/vuln/detail/CVE-2022-37660
>> - jasper: CVE-2023-51257: https://nvd.nist.gov/vuln/detail/CVE-2023-51257
>> - proftpd: CVE-2001-0027: https://nvd.nist.gov/vuln/detail/CVE-2001-0027
>> - pure-ftpd: CVE-2024-48208: https://nvd.nist.gov/vuln/detail/CVE-2024-48208
>> - redis: CVE-2022-3734: https://nvd.nist.gov/vuln/detail/CVE-2022-3734
>> - redis: CVE-2025-21605: https://nvd.nist.gov/vuln/detail/CVE-2025-21605
>> - redis: CVE-2025-46817: https://nvd.nist.gov/vuln/detail/CVE-2025-46817
>> - redis: CVE-2025-46818: https://nvd.nist.gov/vuln/detail/CVE-2025-46818
>> - redis: CVE-2025-46819: https://nvd.nist.gov/vuln/detail/CVE-2025-46819
>> - rsyslog: CVE-2015-3243: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
>> - rtmpdump: CVE-2015-8270: https://nvd.nist.gov/vuln/detail/CVE-2015-8270
>> - rtmpdump: CVE-2015-8271: https://nvd.nist.gov/vuln/detail/CVE-2015-8271
>> - rtmpdump: CVE-2015-8272: https://nvd.nist.gov/vuln/detail/CVE-2015-8272
>>
>> -=-=-=-=-=-=-=-=-=-=-=-
>> Links: You receive all messages sent to this group.
>> View/Reply Online (#121769): https://lists.openembedded.org/g/openembedded-devel/message/121769
>> Mute This Topic: https://lists.openembedded.org/mt/116334907/3619737
>> Group Owner: openembedded-devel+owner@lists.openembedded.org
>> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ankur.tyagi85@gmail.com]
>> -=-=-=-=-=-=-=-=-=-=-=-
>>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-11-18 11:23 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-11-17 9:38 CVE report - scarthgap - 2025-11-17 Gyorgy Sarvari
2025-11-18 11:14 ` [oe] " Ankur Tyagi
2025-11-18 11:22 ` Gyorgy Sarvari
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.