Home
last modified time | relevance | path

Searched full:nvd (Results 1 – 25 of 56) sorted by relevance

123

/openbmc/openbmc/poky/meta/recipes-core/meta/
H A Dcve-update-nvd2-native.bb1 SUMMARY = "Updates the NVD CVE database"
5 # This product uses the NVD API but is not endorsed or certified by the NVD.
17 NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0"
19 # If you have a NVD API key (https://nvd.nist.gov/developers/request-an-api-key)
30 # update. By default: the maximum allowed value from NVD: 120 days (120*24*60*60)
34 # Number of attempts for each http query to nvd server before giving up
48 Update NVD database with API 2.0
64 # The NVD database changes once a day, so no need to update more frequently
141 Request next part of the NVD database
142 NVD API documentation: https://nvd.nist.gov/developers/vulnerabilities
[all …]
/openbmc/openbmc/poky/meta/classes/
H A Dcve-check.bbclass67 # Replace NVD DB check status for a given CVE. Each of CVE has to be mentioned
307 Connect to the NVD database and find unpatched cves.
444 cursor = conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,))
451 cve_data[row[0]]["NVD-summary"] = row[1]
452 cve_data[row[0]]["NVD-scorev2"] = row[2]
453 cve_data[row[0]]["NVD-scorev3"] = row[3]
454 cve_data[row[0]]["NVD-scorev4"] = row[4]
455 cve_data[row[0]]["NVD-modified"] = row[5]
456 cve_data[row[0]]["NVD-vector"] = row[6]
457 cve_data[row[0]]["NVD-vectorString"] = row[7]
[all …]
H A Dvex.bbclass41 # Replace NVD DB check status for a given CVE. Each of CVE has to be mentioned
239 nvd_link = "https://nvd.nist.gov/vuln/detail/"
281 if 'NVD-summary' in cve_data[cve]:
282 cve_item["summary"] = cve_data[cve]["NVD-summary"]
283 cve_item["scorev2"] = cve_data[cve]["NVD-scorev2"]
284 cve_item["scorev3"] = cve_data[cve]["NVD-scorev3"]
285 cve_item["scorev4"] = cve_data[cve]["NVD-scorev4"]
286 cve_item["vector"] = cve_data[cve]["NVD-vector"]
287 cve_item["vectorString"] = cve_data[cve]["NVD-vectorString"]
/openbmc/openbmc/poky/meta/conf/distro/include/
H A Dcve-extra-exclusions.inc18 # strace https://nvd.nist.gov/vuln/detail/CVE-2000-0006
22 # epiphany https://nvd.nist.gov/vuln/detail/CVE-2005-0238
30 # glibc https://nvd.nist.gov/vuln/detail/CVE-2010-4756
37 # go https://nvd.nist.gov/vuln/detail/CVE-2020-29509
38 # go https://nvd.nist.gov/vuln/detail/CVE-2020-29511
68 # qemu:qemu-native:qemu-system-native https://nvd.nist.gov/vuln/detail/CVE-2021-20255
74 # qemu:qemu-native:qemu-system-native https://nvd.nist.gov/vuln/detail/CVE-2019-12067
80 # nasm:nasm-native https://nvd.nist.gov/vuln/detail/CVE-2020-18974
/openbmc/openbmc/poky/documentation/dev-manual/
H A Dvulnerabilities.rst48 - metadata about the CVE issue such as description and NVD link
60 By default, no NVD API key is used to retrieve data from the CVE database, which
61 results in larger delays between NVD API requests. See the :term:`NVDCVE_API_KEY`
62 documentation on how to request and set a NVD API key.
79 MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2016-6354
90 MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-6293
114 upstream `NIST CVE database <https://nvd.nist.gov/>`__.
128 Note that if the CVE entries in the NVD database contain bugs or have missing or incomplete
131 NVD about CVE entries can be provided through the `NVD contact form <https://nvd.nist.gov/info/cont…
239 to fix those issues in the CVE database (NVD in the case of OE-core and Poky)
[all …]
/openbmc/openbmc/poky/meta/conf/
H A Dcve-check-map.conf3 # used by this class internally when fix is detected (NVD DB version check or CVE patch file)
7 # use when NVD DB does not mention patched versions of stable/LTS branches which have upstream CVE …
9 # use when NVD DB does not mention correct version or does not mention any verion at all
25 # use when NVD DB wrongly indicates vulnerability which is actually for a different component
/openbmc/openbmc/poky/meta/recipes-core/ovmf/
H A Dovmf_git.bb37 CVE_STATUS[CVE-2014-4859] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
38 CVE_STATUS[CVE-2014-4860] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
39 CVE_STATUS[CVE-2019-14553] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
40 CVE_STATUS[CVE-2019-14559] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
41 CVE_STATUS[CVE-2019-14562] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
42 CVE_STATUS[CVE-2019-14563] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
43 CVE_STATUS[CVE-2019-14575] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
44 CVE_STATUS[CVE-2019-14586] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
45 CVE_STATUS[CVE-2019-14587] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
/openbmc/openbmc/poky/meta/recipes-multimedia/libtiff/
H A Dtiff_4.7.0.bb19 CVE_STATUS[CVE-2023-52356] = "fixed-version: Fixed since 4.7.0, NVD tracks this as version-less vul…
20 CVE_STATUS[CVE-2023-6228] = "fixed-version: Fixed since 4.7.0, NVD tracks this as version-less vuln…
21 CVE_STATUS[CVE-2023-6277] = "fixed-version: Fixed since 4.7.0, NVD tracks this as version-less vuln…
/openbmc/openbmc/poky/meta/recipes-core/glibc/
H A Dglibc_2.40.bb4 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
5 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023
6 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024
13 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025
/openbmc/u-boot/drivers/mtd/
H A DKconfig32 option. Visit <http://www.amd.com/products/nvd/overview/cfi.html>
43 option. Visit <http://www.amd.com/products/nvd/overview/cfi.html>
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/pidgin/
H A Dpidgin_2.14.13.bb18 CVE_STATUS[CVE-2010-1624] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
19 CVE_STATUS[CVE-2011-3594] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-graphics/jasper/
H A Djasper_4.2.4.bb9 CVE_STATUS[CVE-2015-8751] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
/openbmc/openbmc/poky/documentation/migration-guides/
H A Dmigration-4.2.rst54 .. _migration-4.2-new-nvd-api:
56 Fetching the NVD vulnerability database through the 2.0 API
59 This new version adds a new fetcher for the NVD database using the 2.0 API,
/openbmc/openbmc/poky/meta/recipes-devtools/json-c/
H A Djson-c_0.18.bb14 # NVD uses full tag name including date
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-extended/libimobiledevice/
H A Dlibplist_git.bb19 CVE_STATUS_LIBLIST[status] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
H A Dlibplist_2.6.0.bb17 CVE_STATUS_LIBLIST[status] = "fixed-version: The CPE in the NVD database doesn't reflect correctly …
/openbmc/openbmc/meta-openembedded/meta-networking/recipes-support/spice/
H A Dspice_git.bb26 CVE_STATUS[CVE-2018-10893] = "fixed-version: patched already, caused by inaccurate CPE in the NVD d…
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-extended/sanlock/
H A Dsanlock_3.9.5.bb24 CVE_STATUS[CVE-2012-5638] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/atop/
H A Datop_2.4.0.bb29 CVE_STATUS[CVE-2011-3618] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-devtools/uw-imap/
H A Duw-imap_2007f.bb27 CVE_STATUS[CVE-2005-0198] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…
/openbmc/openbmc/meta-security/recipes-security/ecryptfs-utils/files/
H A Decryptfs-utils-CVE-2016-6224.patch14 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6224
/openbmc/openbmc/poky/meta/recipes-extended/ghostscript/
H A Dghostscript_10.04.0.bb71 # some entries in NVD uses gpl_ghostscript
/openbmc/openbmc/meta-openembedded/meta-networking/recipes-protocols/openflow/
H A Dopenflow_git.bb29 because two CPE collides when checking the NVD database"
/openbmc/openbmc/poky/scripts/
H A Dcve-json-to-text.py134 lines += "MORE INFORMATION: https://nvd.nist.gov/vuln/detail/%s\n" % issue["id"]
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-extended/sblim-sfcb/
H A Dsblim-sfcb_1.4.9.bb36 CVE_STATUS[CVE-2012-3381] = "fixed-version: The CPE in the NVD database doesn't reflect correctly t…

123