View Source

Blueprints that have vulnerabilities with a CVSS score >= 9.0 and meet the following criteria should submit their information in the chart below to have the vulnerability considered for an exception:

Running at least the minimum OS version required by the Akraino Security Sub-Committee
- Ubuntu
- CentOS
- Debian
- Fedora
- Suse Enterprise Server

CVE #	Blueprint	Blueprint OS/Ver	URL Showing OS Patch Not Available	Contact Name	Contact Email	Comment
CVE-2019-12900	Connected Vehicle Blueprint (CVB)	Centos 7.8	https://access.redhat.com/security/cve/CVE-2019-12900	abhimanyu	abhimanyu@parserlabs.com	We need exception request for this CVE as it is not yet fixed for 7.X version
CVE-2019-12900	IEC Type4-AR/VVR oriented Edge Stack	Centos 7.8	https://access.redhat.com/security/cve/CVE-2019-12900	abhimanyu	abhimanyu@parserlabs.com	We need exception request for this CVE as it is not yet fixed for 7.X version
CVE-2016-1585	KubeEdge Edge Service Blueprint	Ubuntu 20.04	https://nvd.nist.gov/vuln/detail/CVE-2016-1585	Yin Ding	yin.ding@futurewei.com
CVE-2017-8283	KubeEdge Edge Service Blueprint	Ubuntu 20.04	https://nvd.nist.gov/vuln/detail/CVE-2017-8283	Yin Ding	yin.ding@futurewei.com
CVE-2018-20839	KubeEdge Edge Service Blueprint	Ubuntu 20.04	https://nvd.nist.gov/vuln/detail/CVE-2018-20839	Yin Ding	yin.ding@futurewei.com
CVE-2019-19814	KubeEdge Edge Service Blueprint	Ubuntu 20.04	https://nvd.nist.gov/vuln/detail/CVE-2019-19814	Yin Ding	yin.ding@futurewei.com