Versions Compared

Old Version 12

changes.mady.by.user Srinivasan Selvam

Saved on

compared with

New Version Current

changes.mady.by.user Todd Malsbary

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

1.6.1+dfsg.3-2ubuntu1

Blueprints that have vulnerabilities with a CVSS score >= 9.0 and meet the following criteria should submit their information in the chart below to have the vulnerability considered for an exception:

  • Running at least the minimum OS version required by the Akraino Security Sub-Committee
    • Ubuntu
    • CentOS
    • Debian
    • Fedora
    • Suse Enterprise Server

Legend

Ubuntu Priority/Score Descriptions

Not VulnerablePackages which do not exist in the archive, are not affected by the vulnerability or have a fix applied in the archive.
PendingA fix has been applied and updated packages are awaiting arrival into the archive. For example, this might be used when wider testing is requested for the updated package.
UnknownOpen vulnerability where the priority is currently unknown and needs to be triaged.
NegligibleOpen vulnerability that may be a problem but otherwise does not impose a security risk due to various factors. Examples include when the vulnerability is only theoretical in nature, requires a very special situation, has almost no install base or does no real damage. These typically will not receive security updates unless there is an easy fix and some other issue causes an update.
LowOpen vulnerability that is a problem but does very little damage or is otherwise hard to exploit due to small user base or other factors such as requiring specific environment, uncommon configuration, user assistance, etc. These tend to be included in security updates only when higher priority issues require an update or if many low priority issues have built up.
MediumOpen vulnerability that is a real problem and is exploitable for many users of the affected software. Examples include network daemon denial of service, cross-site scripting and gaining user privileges.
HighOpen vulnerability that is a real problem and is exploitable for many users in the default configuration of the affected software. Examples include serious remote denial of service of the system, local root privilege escalations or local data theft.
CriticalOpen vulnerability that is a world-burning problem and is exploitable for most Ubuntu users. Examples include remote root privilege escalations or remote data theft.


CVE #BlueprintBlueprint OS/VerURL Showing OS Patch Not AvailableContact NameContact EmailCommentCVE-2019-12900Connected Vehicle Blueprint (CVB)Centos 7.8
CVE #BlueprintBlueprint OS/VerURL Showing OS Patch Not AvailableContact NameContact EmailCommentVendor CVSS ScoreVendor Patch AvailableException Status
CVE-2016-1585KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2016-1585

Yin Ding Hao Xu

yin.ding@futurewei.com

Medium

NoApproved
CVE-2017-8283KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2017-8283

Yin Ding Hao Xu

yin.ding@futurewei.com

Negligible

NoApproved
CVE-2018-20839KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2018-20839

Yin Ding Hao Xu

yin.ding@futurewei.com

Medium

NoApproved
CVE-2019-19814KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2019-19814

Yin Ding Hao Xu

yin.ding@futurewei.com

Low

NoApproved
CVE-2013-1910ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2013-1910Srinivasan Selvamsrinivasanselvam2014@gmail.com
MediumNoApproved
CVE-2016-1585ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-1585

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2016-5407ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-5407Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7944ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7944Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

No

Approved

CVE-2016-7947ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7947Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

No

Approved


CVE-2016-7948ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7948Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7949ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7949Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7950ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7950Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-7951ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-7951Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-8735ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-8735Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Released (6.0.45+dfsg-1ubuntu0.1)

Explanation:

We are using same version of integrated OS package as mentioned as released by ubuntu for Package dfsg.  But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or Ubuntu. 

Proof:

Image Added

Approved

CVE-2017-10684ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-10684Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-10685ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-10685Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12424ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-12424Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12562ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-12562Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-15088ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-15088Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2017-18342ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-18342Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-7614ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-7614Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8283ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-8283Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2018-12699ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2018-12699Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2018-20839ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2018-20839Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2019-17041ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17041Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-17042ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17042Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-17571ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-17571Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2020-10683ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2020-10683Srinivasan Selvamsrinivasanselvam2014@gmail.com

Medium

Released (1.6.1+dfsg.3-2ubuntu1.1)

Explanation:
This is OS integrated package and we are using 1.6.1+dfsg.3-2ubuntu1 same updated latest release version.  This is an issue with Vuls / Ubuntu not from our side.

Proof:

Image Added

Approved
CVE-2020-1938ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2020-1938Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19814ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-19814Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19816ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2019-19816Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Package:  linux

For ubuntu 16.04, status is Needed.

Package not available for ubuntu 16.04

Image Added

Approved
CVE-2016-9584ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2016-9584Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

Package:  libical

For Ubuntu 16.04, status is Needed for Libical Package.

Package not available for ubuntu 16.04

Image Added

Approved
CVE-2017-5209ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-5209Srinivasan Selvamsrinivasanselvam2014@gmail.com


Negligible

NoApproved
CVE-2017-5545ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-5545Srinivasan Selvamsrinivasanselvam2014@gmail.com

Negligible

NoApproved
CVE-2017-6969ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-6969Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-7226ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-7226Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8872ELIOT IOTGatewayUbuntu 16.04https://ubuntu.com/security/CVE-2017-8872Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-15505ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-15505

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Moderate

8.0

NoApproved
CVE-2014-9939ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2014-9939Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

1.2

No

Approved
CVE-2017-12652ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2017-12652Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

3.7


There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2018-16428ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2018-16428Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

5.1

No

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2019-11068ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-11068Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.3

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2019-12450ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12450Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.6

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved


CVE-2019-12900ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12900Srinivasan Selvamsrinivasanselvam2014@gmail.com

Low

4.0

No

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2019-9169ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-9169Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

6.5

No (Will not fix)

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2018-20836ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2018-20836Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

7.0

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

Approved
CVE-2019-2201ELIOT uCPECentOS 7.8https://access.redhat.com/security/cve/CVE-2019-2201Srinivasan Selvamsrinivasanselvam2014@gmail.com

Moderate

7.8

No (Will not fix)

There is no proper documents from CENTOS  for unfixed vulnerabilities.  We cannot compare/refer RHEL 7 docs with CENTOS 7.8 since, RHEL is completely different OS

Approved
CVE-2018-18439EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-18439

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Negligible

Not vulnerable (2019.07+dfsg-1ubuntu4~18.04.1)

Screenshot:

Image Added

Approved
CVE-2020-8432EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2020-8432

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2016-1585EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2016-1585

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2017-18342EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2017-18342

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-8283EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2017-8283

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Negligible

18.04 Not vulnerable

1.18..24ubuntu1

Image Added

Image Added

Approved
CVE-2018-11236EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-11236

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Medium

glibc:  Fix 2.27-3ubuntu1.2

Explanation:

We are using same version of integrated OS package updated as mentioned as released by ubuntu for Package glibc.  But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or Ubuntu.

Proof: Image Added

Approved
CVE-2018-20839EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2018-20839

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Medium

NoApproved
CVE-2019-11059EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-11059

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

18.04 LTSNot Vulnerable

2019.07+dfsg-1ubuntu4~18.04.1

Screenshots:

Image Added

Image Added

Approved


CVE-2019-14192EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14192

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14193EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14193

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14194EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14194

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14195EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14195

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14196EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14196

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14198EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14198

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14199EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14199

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14200EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14200

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14201EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14201

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14202EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14202

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14203EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14203

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-14204EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14204

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-9169EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-9169

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-10220EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-10220

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Medium

linux

Minimum 4.15.0-88.88

Explanation:

We are using the latest patch of linux kernel.  Since we are using updated patch.  Still issues thrown.

This is an issue from Vuls / Ubuntu not from our side

Screenshot:

Image Added

4.15.0-118-generic installed

Approved
CVE-2019-19814EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-19814

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2019-19816EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-19816

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

linux

4.15.0-88.88 minimum required

Explanation:

We are using the latest patch of linux kernel.  Eventhough we are using updated patch,  Still issues thrown.

This is an issue from Vuls / Ubuntu not from our side

Screenshot:

Image Added

4.15.0-118-generic installed

Approved
CVE-2019-14197EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14197

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Low

NoApproved
CVE-2017-12652The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2017-12652

zifan wu

wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-11068The AI Edge: Federated ML application at the edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-11068

zifan wu

wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Low

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-12450The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12450

zifan wu

wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.6

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-12900The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-12900

zifan wu

wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

LOW

4.0

NoApproved
CVE-2018-20836The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2018-20836

zifan wu

wuzifan0817@gmail.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

7.0

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-8506The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8506

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8535The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8535

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8536The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8536

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8544The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8544

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

6.3

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved

CVE-2019-8669The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8669

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8672The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8672

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8676The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8676

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8684The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8684

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8688The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8688

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8689The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8689

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8814The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8814

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8815The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8815

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-8816The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2019-8816

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3868The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3868

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3895The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3895

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3897The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3897

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2020-3899The AI Edge: Federated ML application at edgeCentos7.8https://nvd.nist.gov/vuln/detail/CVE-2020-3899

zifan wu

wuzifan0817@gmail.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 8.8

webkitgtk4 - Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020

webkitgtk3 - Will not fix

Approved
CVE-2019-2201

The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2019-2201@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.Moderate 7.8NoApproved
CVE-2019-12900The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2019-12900@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Low

4.0

NoApproved
CVE-2019-18218The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2019-18218@Hechun Zhangzhanghechun@baidu.comThis is a bug for the host machine, not for the runtime environment for the Blueprint.

Moderate

9.8

NoApproved
CVE-2018-16428The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2018-16428@Hechun Zhangzhanghechun@baidu.com

Low

5.1

NoApproved
CVE-2019-14889The AI Edge: School/Education Video Security Monitoring

CentOS

8.2

https://access.redhat.com/security/cve/CVE-2019-14889@Hechun Zhangzhanghechun@baidu.com
Low

Package:  libssh2 not affected

Package:  libssh fixed 11/3/2020 in RHSA-2020:4545

Approved; must apply update to next release
CVE-2016-1585ICNUbuntu 18.04https://ubuntu.com/security/CVE-2016-1585

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com

Medium

No

Approved

CVE-2017-18342ICNUbuntu 18.04https://ubuntu.com/security/CVE-2017-18342@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-2017-8283ICNUbuntu 18.04https://ubuntu.com/security/CVE-2017-8283@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Negligible

18.04 Not vulnerable

1.18..24ubuntu1

Image Added

Image Added

Approved
CVE-2018-20839ICNUbuntu 18.04https://ubuntu.com/security/CVE-2018-20839

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com

Medium

NoApproved
CVE-2019-19814ICNUbuntu 18.04https://ubuntu.com/security/CVE-2019-19814

@Kuralamdhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-2019-17041ICNUbuntu 18.04https://ubuntu.com/security/CVE-2019-17041@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-2019-17042ICNUbuntu 18.04https://ubuntu.com/security/CVE-2019-17042@Kuralamdhan Ramakrishnankuralamudhan.ramakrishnan@intel.com

Low

NoApproved
CVE-2021-33574ICNUbuntu 20.04https://ubuntu.com/security/CVE-2021-33574Kuralamudhan Ramakrishnankuralamudhan.ramakrishnan@intel.com
LowNo
CVE-2019-19814ICNUbuntu 20.04https://ubuntu.com/security/CVE-2019-19814

Kuralamudhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.com
LowNo

CVE-2021-35942

ICNUbuntu 20.04https://ubuntu.com/security/CVE-2021-35942

Kuralamudhan Ramakrishnan

kuralamudhan.ramakrishnan@intel.comVendor status is "Released" and ICN is using the referenced glibc version, however vuls is still reporting thisLowYes
CVE-2017-12652RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2017-12652

Paul Carver

pcarver@att.com

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-11068RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2019-11068

Paul Carver

pcarver@att.com

Moderate

6.8

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-12450RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12450

Paul Carver

pcarver@att.com

Moderate

6.6

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-17006RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12450

Paul Carver

pcarver@att.com

Moderate

8.1

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-5482RECCentOS 7.8https://access.redhat.com/security/cve/CVE-2019-12450

Paul Carver

pcarver@att.com

Moderate

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2017-12652 Connected Vehicle Blueprint (CVB)CentOS 7.8https://nvd.nist.gov/vuln/detail/CVE-2017-12652abhimanyu

abhimanyu@parserlabs.com


We need exception request for this CVE as it is not yet fixed for 7.X version

Low

3.7

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-5482Connected Vehicle Blueprint (CVB)CentOS 7.8https://nvd.nist.gov/vuln/detail/CVE-2019-5482abhimanyu

abhimanyu@parserlabs.com


We need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.3

Fixed in RHEL 7 But not in CentOS 7.8 as of 9/29/2020Approved
CVE-2019-17006IEC Type4-AR/VR oriented Edge StackCentOS 7.9
https://access.redhat.com/security/cve/CVE-2019-
12900
17006
abhimanyu

Eaton Zhang

abhimanyu@parserlabs
eatonzhang@tencent.comWe need exception request for this
CVE as
CVE as it is not yet fixed for 7.X version

Moderate

8.1

CVE-2019-12900IEC Type4-AR/VVR oriented Edge Stack

It is cause by nss before 3.46, but the version is already 3.53.1. But still issue thrown.

It is not an issue from our side.  This issue is with Vuls or CentOS.

Image Added

Approved - the nss version shown is the correct version per RedHat
CVE-2017-126525G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting BlueprintCentOS 7.6
Centos 7.8
https://access.redhat.com/security/cve/CVE-
2019
2017-
12900
12652
abhimanyu

Zigeng Fu

abhimanyu@parserlabs
eaganfu@tencent.comWe need exception request for this CVE as it is not yet fixed for 7.X version
CVE-2016-1585KubeEdge Edge Service BlueprintUbuntu 20.04https://ubuntu.com/security/CVE-2016-1585

Yin Ding Hao Xu

yin.ding@futurewei.comCVE-2017-8283KubeEdge Edge Service Blueprint

Low

3.7

NoApproved
CVE-2019-54825G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting BlueprintCentOS 7.6
Ubuntu 20.04
https://
ubuntu
access.redhat.com/security/cve/CVE-
2017-8283

Yin Ding Hao Xu

yin.ding@futurewei.com
2019-5482

Zigeng Fu

eaganfu@tencent.comWe need exception request for this CVE as it is not yet fixed for 7.X version

Moderate

6.3

NoApproved
CVE-2016-1585Network Cloud and Tungsten FabricUbuntu 16
CVE-2018-20839KubeEdge Edge Service BlueprintUbuntu 20
.04https://ubuntu.com/security/CVE-
2018
2016-
20839

Yin Ding Hao Xu

yin.ding@futurewei
1585

 Sukhdev Kapur

sukhdevkapur@gmail.com

Medium

NoApproved
CVE-
2019
2017-
19814KubeEdge Edge Service Blueprint
10684Network Cloud and Tungsten FabricUbuntu
20
16.04https://ubuntu.com/security/CVE-
2019
2017-
19814

Yin Ding Hao Xu

yin.ding@futurewei.comCVE-2016-1585ELIOT IOTGateway
10684

 Sukhdev Kapur

sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-10685Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
1585
10685
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail.com
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2016
2017-
5407ELIOT IOTGateway
12424Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
5407
12424
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2016
2017-
7944ELIOT IOTGateway
15088Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
7944
15088
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Negligible

NoApproved
CVE-
2016
2017-
7947ELIOT IOTGateway
18342Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
7947
18342
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2016
2017-
7948ELIOT IOTGateway
7614Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
7948
7614
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2016
2017-
7949ELIOT IOTGateway
8283Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2017-
7949
8283
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Negligible

NoApproved
CVE-
2016
2018-
7950ELIOT IOTGateway
12699Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2018-
7950
12699
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2016-7951ELIOT IOTGateway
2018-20839Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2018-
7951
20839
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Medium

NoApproved
CVE-
2016
2019-
8735ELIOT IOTGateway
17041Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2016
2019-
8735
17041
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2017
2019-
10684ELIOT IOTGateway
17042Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2017
2019-
10684
17042
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2017
2019-
10685ELIOT IOTGateway
19814Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2017
2019-
10685
19814
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2017
2019-
12424ELIOT IOTGateway
19816Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2017
2019-
12424
19816
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

Package:  linux

For ubuntu 16.04, status is Needed.

Package not available for ubuntu 16.04

Image Added

Approved
CVE-2017-
12562ELIOT IOTGateway
6969Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-
12562
6969
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-
15041ELIOT IOTGateway
7226Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-
15041
7226
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-2017-
15088ELIOT IOTGateway
8872Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-2017-
15088
8872
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com

Low

NoApproved
CVE-
2017
2019-
18342ELIOT IOTGateway
13224Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2017
2019-
18342
13224
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com
MediumNoApproved
CVE-
2017
2019-
7614ELIOT IOTGateway
19012Network Cloud and Tungsten FabricUbuntu 16.04https://ubuntu.com/security/CVE-
2017
2019-
7614
19012
Srinivasan Selvam

 Sukhdev Kapur

srinivasanselvam2014@gmail
sukhdevkapur@gmail.com
MediumNoApproved
CVE-2017-8283
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/
CVE
cve-2017-8283
Srinivasan Selvam
Oleg Berzin
srinivasanselvam2014@gmail

oberzin@equinix.com



NegligibleNoApproved
CVE-
2018
2019-
12699
19814
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/
CVE
cve-
2018
2019-
12699
19814
Srinivasan Selvam
Oleg Berzin
srinivasanselvam2014@gmail
oberzin@equinix.com
LowNoApproved
CVE-
2018
2016-
20839
1585
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/CVE-
2018
2016-
20839
1585
Srinivasan Selvam

Oleg Berzin

srinivasanselvam2014@gmail
oberzin@equinix.com

Medium

NoApproved
CVE-
2019
2017-
17041
18342
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/CVE-
2019
2017-
17041
18342
Srinivasan Selvam

Oleg Berzin

srinivasanselvam2014@gmail
oberzin@equinix.com

Low

NoApproved
CVE-
2019
2018-
17042
20839
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/CVE-
2019
2018-
17042
20839
Srinivasan Selvam

Oleg Berzin

srinivasanselvam2014@gmail
oberzin@equinix.com

Medium

NoApproved
CVE-2019-
17571
17041
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/CVE-2019-
17571
17041
Srinivasan Selvam

Oleg Berzin

srinivasanselvam2014@gmail
oberzin@equinix.com

Low

NoApproved
CVE-
2020
2019-
10683
17042
ELIOT IOTGateway
PCEIUbuntu
16
18.04https://ubuntu.com/security/CVE-
2020
2019-
10683
17042
Srinivasan Selvam

Oleg Berzin

srinivasanselvam2014@gmail
oberzin@equinix.com

Low

NoApproved
CVE-
2020
2016-
1938
9085
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2020
2016-
1938
9085
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com
LowNoApproved
CVE-
2019
2017-
19814
18201
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2019
2017-
19814
18201
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com
MediumNoApproved
CVE-
2019
2017-
19816
9525
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2019
2017-
19816
9525
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com
LowNoApproved
CVE-
2016
2019-
9584
10160
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2016
2019-
9584
10160
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-
2017
2019-
5209
18276
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2019-
5209
18276
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-
2017
2020-
5545
27619
ELIOT IOTGateway
IEC TYPE3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2020-
5545
27619
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-
2017
2021-
6969
3177
ELIOT IOTGateway
IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2021-
6969
3177
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-
2017
2016-
7226
9180
ELIOT IOTGateway
IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2016-
7226
9180
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
LowNoApproved
CVE-
2017
2019-
8872
13103
ELIOT IOTGateway
IEC Type3Ubuntu
16
18.04https://
ubuntu.com/security
nvd.nist.gov/vuln/detail/CVE-
2017
2019-
8872
13103
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-2019-
15505
9948
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
nvd.
redhat
nist.
com
gov/
security
vuln/
cve
detail/CVE-2019-
15505
9948
Srinivasan Selvam
hanyu ding
srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 
lowNoApproved
CVE-
2014
2019-
9939
14192
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access.redhat
ubuntu.com/security
/cve
/CVE-
2014
2019-
9939
14192
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2017
2019-
12652
14193
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security/
cve/
CVE-
2017
2019-
12652
14193
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2018
2019-
16428
14194
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security/
cve/
CVE-
2018
2019-
16428
14194
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
11068
14195
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access.redhat
ubuntu.com/security/
cve/
CVE-2019-
11068
14195
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
12450
14196
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security
/cve
/CVE-2019-
12450
14196
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
12900
14198
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security/
cve/
CVE-2019-
12900Srinivasan Selvam
14198

hanyu ding

dinghanyu@chinamobile.com 

Low

NoApproved
srinivasanselvam2014@gmail.com
CVE-2019-
9169
14199
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security/
cve/
CVE-2019-
9169
14199
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2018
2019-
20836
14200
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security
/cve
/CVE-
2018
2019-
20836
14200
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-2019-
2201
14201
ELIOT uCPE
IEC Type3Ubuntu 18.04
CentOS 7.8
https://
access
ubuntu.
redhat.
com/security/
cve/
CVE-2019-
2201
14201
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2018
2019-
18439EALT-Edge
14202IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2018
2019-
18439
14202
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2020
2019-
8432EALT-Edge
14203IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2020
2019-
8432
14203
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2016
2019-
1585EALT-Edge
17041IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2016
2019-
1585
17041
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com

Low

NoApproved
CVE-
2017
2019-
18342EALT-Edge
17042IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2017
2019-
18342
17042
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com

Low

NoApproved
CVE-
2017
2020-
8283EALT-Edge
8432IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2017
2020-
8283
8432
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com

Low

NoApproved
CVE-
2018
2019-
11236EALT-Edge
14197IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2018
2019-
11236
14197
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com

Low

NoApproved
CVE-
2018
2019-
20839EALT-Edge
14204IEC Type3Ubuntu 18.04https://ubuntu.com/security/CVE-
2018
2019-
20839
14204
Srinivasan Selvam

hanyu ding

srinivasanselvam2014@gmail
dinghanyu@chinamobile.com 

Low

NoApproved
CVE-
2019-11059EALT-Edge
2018-10103IEC Type 5

CentOS

8.2

Ubuntu 18.04

https://
ubuntu
access.redhat.com/security/cve/CVE-
2019
2018-
11059
10103
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com
CVE-2019-14192EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14192

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Moderate


Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2018-10105IEC Type 5

CentOS

8.2

CVE-2019-14193EALT-EdgeUbuntu 18.04

https://
ubuntu
access.redhat.com/security/cve/CVE-
2019
2018-
14193
10105
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com
CVE-2019-14194EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14194

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Moderate

Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2018-19325IEC Type 5

CentOS

8.2

CVE-2019-14195EALT-EdgeUbuntu 18.04

https://

ubuntu

access.redhat.com/security/cve/CVE-

2019

2018-

14195

Srinivasan Selvam

srinivasanselvam2014@gmail.comCVE-2019-14196EALT-EdgeUbuntu 18.04

14466

see note for CVE #

yihui wang

wangyihui@chinamobile.com
Low

Per

https://

ubuntu.com/security

nvd.nist.gov/vuln/detail/CVE-

2019-14196

Srinivasan Selvam

srinivasanselvam2014@gmail.com

2018-19325 this CVE is a duplicate of CVE-2018-14466, this later CVE should be the only one referenced moving forward.

Package:  tcpdump

Description:  RHSA-2020:4760

Fixed Date:  11/3/20

Approved; must apply update to next release
CVE-2019-12900IEC Type 5

CentOS

8.2

https://access.redhat
CVE-2019-14198EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-14198

Srinivasan Selvam

srinivasanselvam2014@gmail.comCVE-2019-14199EALT-EdgeUbuntu 18.04https://ubuntu
.com/security/cve/CVE-2019-
14199
12900
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com
LowNo; will not fixApproved
CVE-2019-
14200EALT-Edge
16746IEC Type 5

CentOS

8.2

Ubuntu 18.04

https://
ubuntu
access.redhat.com/security/cve/CVE-2019-
14200
16746
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com

Moderate

No; will not fixApproved
CVE-2019-
14201EALT-Edge
14889IEC Type 5

CentOS

8.2

Ubuntu 18.04

https://
ubuntu
access.redhat.com/security/cve/CVE-2019-
14201
14889
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com
Low

Package:  libssh2 not affected

Package:  libssh fixed 11/3/2020 in RHSA-2020:4545

Approved; must apply update to next release
CVE-2019-
14202EALT-Edge
17544IEC Type 5

CentOS

8.2

Ubuntu 18.04

https://
ubuntu
access.redhat.com/security/cve/CVE-2019-
14202
17544
Srinivasan Selvam

yihui wang

srinivasanselvam2014@gmail
wangyihui@chinamobile.com
LowNo; will not fixApproved
CVE-2019-
14203EALT-Edge
18604AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20
Ubuntu 18
.04https://ubuntu.com/security/CVE-2019-
14203

Srinivasan Selvam

srinivasanselvam2014@gmail.com
18604

Hechun Zhang

Hao Zhongwang

zhanghechun@baidu.com

Low

NoApproved
CVE-2020-14343AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20
CVE-2019-14204EALT-EdgeUbuntu 18
.04https://ubuntu.com/security/CVE-
2019-14204

Srinivasan Selvam

srinivasanselvam2014@gmail
2020-14343

Hechun Zhang

Hao Zhongwang

zhanghechun@baidu.com

Medium

NoApproved
CVE-
2019
2020-
9169EALT-Edge
27619AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20
Ubuntu 18
.04https://ubuntu.com/security/CVE-
2019-9169

Srinivasan Selvam

srinivasanselvam2014@gmail.com
2020-27619

Hechun Zhang

Hao Zhongwang

zhanghechun@baidu.com

Low

Specify version of Python being used.

Python 3.8 has a patch, other don't or not vulnerable on Ubuntu 20.04

Approved
CVE-2021-3177AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20
CVE-2019-10220EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-10220

Srinivasan Selvam

srinivasanselvam2014@gmail.comCVE-2019-19814EALT-EdgeUbuntu 18
.04https://ubuntu.com/security/CVE-
2019
2021-
19814
3177

Srinivasan Selvam

srinivasanselvam2014@gmail.com

Hechun Zhang

Hao Zhongwang

zhanghechun@baidu.com

Medium

Specify version of Python being used.

Python 3.8 has a patch, other don't or not vulnerable on Ubuntu 20.04

Approved
CVE-2016-9180AI Edge: Intelligent Vehicle-Infrastructure Cooperation System(I-VICS)Ubuntu 20
CVE-2019-19816EALT-EdgeUbuntu 18.04https://ubuntu.com/security/CVE-2019-19816

Srinivasan Selvam

srinivasanselvam2014@gmail.comCVE-2019-14197EALT-EdgeUbuntu 18
.04https://ubuntu.com/security/CVE-
2019-14197

Srinivasan Selvam

2016-9180

Hechun Zhang

Hao Zhongwang

zhanghechun@baidu.com

Low

NoApproved
srinivasanselvam2014@gmail.com