Security Advisory Dashboard
Matches lists advisories you record here (custom entries) plus any legacy CVE rows still in the database. Watchdog does not pull OSV, NVD, or R2 for new CVEs. Monitored RPMs is the inventory from build artifacts, refreshed on a schedule. Resolve rows from a detail page when appropriate (e.g. backport).
Active means not marked resolved. Monitored count ignores release (package filter applies). CVE counts only change when you add advisories or if older CVE rows remain in the database. If monitored RPM count is zero, log in as admin and use DB diagnostics to confirm this Watchdog uses the same Postgres as the build API.
Matches
| Type | ID | CVE / Title | Package | Version | Severity | Upstream | Fix | Fixed hint | Handled as | Affected Oreon releases | Actions |
|---|
Monitored RPMs
Distinct name plus version-release from successful build artifacts (source package name must match the binary RPM name). Refreshed on the Watchdog schedule (admins can trigger a refresh). CVE columns count database rows only.
| Package | Version | Last synced | CVE rows | Open CVEs |
|---|