WIND RIVER SECURITY CENTER

Wind River is committed to active threat monitoring, rapid assessment, proactive customer notification, and timely fixes. This page brings together useful resources to help you navigate an evolving threat landscape.

 

cve Resources

 

Access our searchable database of Common Vulnerabilities and Exposures (CVEs).

Search the database

Recent CVEs

    -->
  • CVE-2021-44833 | Dec 12, 2021

    The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file.

  • CVE-2021-44726 | Dec 8, 2021

    KNIME Server before 4.13.4 allows XSS via the old WebPortal login page.

  • CVE-2021-44725 | Dec 8, 2021

    KNIME Server before 4.13.4 allows directory traversal in a request for a client profile.

  • CVE-2021-4471 | Dec 10, 2021

    syscall: don’t close fd 0 on ForkExec error

SEARCH FOR PATCHES

 

Find and access all of
our patches in our
Product Documentation

public release keys

 

Wind River protocol includes the use of PGP keys to sign our software. Use this public release key to sign content from your project:

Linux

Vulnerability Notices

 

Wind River® is committed to active threat monitoring, rapid assessment and prioritization, proactive customer notification, and timely fixes. Check out the remediation information on some of the latest security vulnerabilities.

REPORT A VULNERABILITY

 

If you have information about a security issue or vulnerability with a Wind River product or technology, you can report the issue below.
A member of the Wind River security team will review your submission and work with you in resolving the issue.

REPORT VULNERABILITY