...
There are 8 CVEs with a CVSS score >= 9.0. These are exceptions requested here:
Release 57: Akraino CVE and KHV Vulnerability Exception Request
| CVE-ID | CVSS | NVD | Fix/Notes | |||||
| CVE-2016-1585 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-1585 | No fix available TODO: File exception request | |||||
| CVE-2021-20223 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-20223 | CVE-2022-0318 | 9.8 | Fix released in libsqlite 3.31.1-4ubuntu0.4 TODO: Check libsqlite3-0 version, update if possible and re-run. https://nvd.nist.gov/vuln/detail/CVE-2022-0318 | |||
| CVE-2022-19270318 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-19270318 | Fix not yet available TODO: Check for recent updates to vim, update if possible and re-run. If no updates available, file exception request. | |||||
| CVE-2022-1927CVE-2022-37434 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-374341927 | Fix not yet available TODO: Same as CVE-2022-0318 | |||||
| CVE-2022-37434 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-37434 | No fix available (for zlib1g, zlib1g-dev) TODO: File exception request | |||||
| CVE-2022-1012 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1012 | Fix released in linux-image 5.4.0-126.142 TODO: Check kernel version (linux-image-5.4.0-109-generic?) and check for updates. Update if possible and re-run. | |||||
| CVE-2022-10121586 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-1012-1586 | Fix released in libpcre 10.34-7ubuntu0.1 TODO: Check for updates to libpcre. Update if possible and re-run. | |||||
| CVE-2022- | 15861587 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2022- | 15861587 | Fix released in libpcre 10.34-7ubuntu0.1 TODO: Same as | CVE-2022-1587 | 9.1 | https://nvd.nist.gov/vuln/detail/ CVE-2022- 15871586 |
Lynis
Nexus URL (run via Bluval, without fixes):
...