Skip to content
Tools / BirdNET-Analyzer / Security

Security Deep Dive

BirdNET-Analyzer

Security posture and CVE patch evidence from tracked releases.

Back to Tool

7 critical dependency CVEs affects v2.4.0.

Audit transitive dependencies; consider upgrading or pinning replacements.

✗ Signed ✗ SLSA ✓ SBOM ✗ Security policy Monthly cadence · 29d median Active maintainer

Trust Signals — 3 of 9 Present

Evidence already collected from releases and repository metadata.

3/9 Present
Signed releases Absent
Latest release artifact signature None
Last verified: 16d ago
SLSA provenance Absent
Attestation predicate level Latest release
Last verified: 16d ago
SBOM published Present
GitHub SBOM API Latest release
Last verified: 28d ago
SECURITY.md Absent
GitHub repository metadata Repository policy
Checked: 18d ago
Release cadence: monthly Present
29d median over recent releases Release history
Latest release: 6mo ago
Maintainer active Present
Recent commit activity Repository
Last commit: 12d ago
Checksums (SHA256SUMS) Not active yet
SHA256SUMS or equivalent Release asset
Latest release: 6mo ago
GitHub Actions attestation Not active yet
actions/attest-build-provenance Workflow file
Latest release: 6mo ago
Signing assets Not active yet
.sig, .crt, cosign.pub, or similar Release asset
Latest release: 6mo ago
3.8/10 Security Score
Dependency Exposure 446 transitive dependency CVEs found in the latest SBOM. 7 critical.

Security Score

A composite score aggregating Scorecard performance, CVE patch history, OpenSSF badge tier, and dependency vulnerability exposure. Score ≥ 7.0 is healthy; < 4.0 warrants attention.

epss

0.25 / 0.5

No EPSS data

freshness

1.00 / 1.0

12d stale

scorecard

2.00 / 4.0

⚠ Estimated — not yet collected

cve health

0.00 / 2.5

⚠ No direct scan — 7c/130h transitive CVEs

patch speed

0.50 / 0.5

⚠ Estimated — no CVE patch history

kev exposure

1.50 / 1.5

No KEV exposure

supply chain risk

-1.50 / 10.0

Risk 100.0/100

Score breakdown

schema v2

Vulnerability posture

vulnerability posture

0.0

25%

direct cves: clear cve scan: estimated

Release responsiveness

release responsiveness

10.0

5%

patch speed days: no_history

Dependency exposure

dependency exposure

0.0

10%

supply chain risk: 100.0 transitive cves: 7c/130h

Provenance trust

provenance trust

5.0

40%

scorecard score: estimated openssf badge: none

Maintainer health

maintainer health

10.0

10%

activity freshness: 12d

Operational risk

operational risk

8.5

10%

kev exposure: clear epss max: none
How is this calculated?

The six dimensions group the legacy score signals into weighted categories: direct vulnerability status, patch responsiveness, dependency exposure, provenance checks, maintainer activity, and exploitability risk. The flat component values above remain available for compatibility.

Supply Chain Risk

Risk 100.0/100
7 Transitive critical CVEs
0 KEV-transitive CVEs
89% Dependency freshness

OpenSSF Badge

OpenSSF none

Badge indicates adherence to open-source best practices.

Dependency Vulnerabilities

16 dependencies scanned View full dependency list →

Scanning the SBOM (Software Bill of Materials) of the latest release for known vulnerabilities in transitive dependencies.

Critical

7

High

130

Medium

201

Low

106

Unknown

2

Still affecting latest (4) All (446)
Critical 7 High 130 Medium 201 Low 106 Unknown 2
CVE Severity KEV Dependency Affected version Cleared in release
CVE-2018-7575 critical tensorflow
CVE-2020-15212 critical tensorflow
CVE-2020-15214 critical tensorflow
CVE-2021-41208 critical tensorflow
CVE-2023-25668 critical tensorflow
CVE-2023-47248 critical pyarrow
GHSA-h6gw-r52c-724r critical tensorflow
CVE-2013-1633 high setuptools
CVE-2018-10055 high tensorflow
CVE-2018-21233 high tensorflow
CVE-2018-7576 high tensorflow
CVE-2018-7577 high tensorflow
CVE-2018-8825 high tensorflow
CVE-2019-12408 high pyarrow
CVE-2019-12410 high pyarrow
CVE-2019-9635 high tensorflow
CVE-2020-15193 high tensorflow
CVE-2020-15199 high tensorflow
CVE-2020-15200 high tensorflow
CVE-2020-15202 high tensorflow
CVE-2020-15203 high tensorflow
CVE-2020-15206 high tensorflow
CVE-2020-15208 high tensorflow
CVE-2020-15209 high tensorflow
CVE-2020-15210 high tensorflow
CVE-2020-15265 high tensorflow
CVE-2020-26269 high tensorflow
CVE-2021-29591 high tensorflow
CVE-2021-37635 high tensorflow
CVE-2021-37637 high tensorflow
CVE-2021-37638 high tensorflow
CVE-2021-37639 high tensorflow
CVE-2021-37643 high tensorflow
CVE-2021-37647 high tensorflow
CVE-2021-37648 high tensorflow
CVE-2021-37649 high tensorflow
CVE-2021-37650 high tensorflow
CVE-2021-37651 high tensorflow
CVE-2021-37652 high tensorflow
CVE-2021-37654 high tensorflow
CVE-2021-37655 high tensorflow
CVE-2021-37659 high tensorflow
CVE-2021-37663 high tensorflow
CVE-2021-37664 high tensorflow
CVE-2021-37665 high tensorflow
CVE-2021-37666 high tensorflow
CVE-2021-37667 high tensorflow
CVE-2021-37671 high tensorflow
CVE-2021-37676 high tensorflow
CVE-2021-37678 high tensorflow
CVE-2021-37679 high tensorflow
CVE-2021-37681 high tensorflow
CVE-2021-37688 high tensorflow
CVE-2021-37689 high tensorflow
CVE-2021-41201 high tensorflow
CVE-2021-41203 high tensorflow
CVE-2021-41206 high tensorflow
CVE-2021-41210 high tensorflow
CVE-2021-41211 high tensorflow
CVE-2021-41212 high tensorflow
CVE-2021-41214 high tensorflow
CVE-2021-41219 high tensorflow
CVE-2021-41220 high tensorflow
CVE-2021-41221 high tensorflow
CVE-2022-21726 high tensorflow
CVE-2022-21727 high tensorflow
CVE-2022-21728 high tensorflow
CVE-2022-21729 high tensorflow
CVE-2022-21730 high tensorflow
CVE-2022-21731 high tensorflow
CVE-2022-21734 high tensorflow
CVE-2022-21735 high tensorflow
CVE-2022-21736 high tensorflow
CVE-2022-21737 high tensorflow
CVE-2022-21738 high tensorflow
CVE-2022-21739 high tensorflow
CVE-2022-21740 high tensorflow
CVE-2022-21741 high tensorflow
CVE-2022-23557 high tensorflow
CVE-2022-23558 high tensorflow
CVE-2022-23559 high tensorflow
CVE-2022-23560 high tensorflow
CVE-2022-23561 high tensorflow
CVE-2022-23562 high tensorflow
CVE-2022-23563 high tensorflow
CVE-2022-23564 high tensorflow
CVE-2022-23565 high tensorflow
CVE-2022-23566 high tensorflow
CVE-2022-23567 high tensorflow
CVE-2022-23568 high tensorflow
CVE-2022-23569 high tensorflow
CVE-2022-23570 high tensorflow
CVE-2022-23571 high tensorflow
CVE-2022-23572 high tensorflow
CVE-2022-23573 high tensorflow
CVE-2022-23574 high tensorflow
CVE-2022-23575 high tensorflow
CVE-2022-23576 high tensorflow
CVE-2022-23577 high tensorflow
CVE-2022-23584 high tensorflow
CVE-2022-23587 high tensorflow
CVE-2022-23591 high tensorflow
CVE-2022-23592 high tensorflow
CVE-2022-23593 high tensorflow
CVE-2022-23594 high tensorflow
CVE-2022-29208 high tensorflow
CVE-2022-29216 high tensorflow
CVE-2022-35937 high tensorflow
CVE-2022-35939 high tensorflow
CVE-2022-40897 high setuptools
CVE-2022-41894 high tensorflow
CVE-2022-41900 high tensorflow
CVE-2022-41902 high tensorflow
CVE-2023-25658 high tensorflow
CVE-2023-25659 high tensorflow
CVE-2023-25660 high tensorflow
CVE-2023-25662 high tensorflow
CVE-2023-25663 high tensorflow
CVE-2023-25664 high tensorflow
CVE-2023-25665 high tensorflow
CVE-2023-25666 high tensorflow
CVE-2023-25669 high tensorflow
CVE-2023-25670 high tensorflow
CVE-2023-25671 high tensorflow
CVE-2023-25672 high tensorflow
CVE-2023-25673 high tensorflow
CVE-2023-25674 high tensorflow
CVE-2023-25675 high tensorflow
CVE-2023-25676 high tensorflow
CVE-2023-25801 high tensorflow
CVE-2023-27579 high tensorflow
CVE-2023-33976 high tensorflow
CVE-2024-6345 high setuptools
CVE-2025-47273 high setuptools
CVE-2026-28414 high gradio 5.46.1
CVE-2026-28416 high gradio 5.46.1
GHSA-43q8-3fv7-pr5x high tensorflow
CVE-2020-15190 medium tensorflow
CVE-2020-15191 medium tensorflow
CVE-2020-15192 medium tensorflow
CVE-2020-15194 medium tensorflow
CVE-2020-15195 medium tensorflow
CVE-2020-15196 medium tensorflow
CVE-2020-15197 medium tensorflow
CVE-2020-15198 medium tensorflow
CVE-2020-15201 medium tensorflow
CVE-2020-15204 medium tensorflow
CVE-2020-15205 medium tensorflow
CVE-2020-15207 medium tensorflow
CVE-2020-15211 medium tensorflow
CVE-2020-15213 medium tensorflow
CVE-2020-15266 medium tensorflow
CVE-2020-26266 medium tensorflow
CVE-2020-26268 medium tensorflow
CVE-2020-26270 medium tensorflow
CVE-2020-26271 medium tensorflow
CVE-2021-29592 medium tensorflow
CVE-2021-29601 medium tensorflow
CVE-2021-29605 medium tensorflow
CVE-2021-29606 medium tensorflow
CVE-2021-29607 medium tensorflow
CVE-2021-29608 medium tensorflow
CVE-2021-29609 medium tensorflow
CVE-2021-29613 medium tensorflow
CVE-2021-29614 medium tensorflow
CVE-2021-37636 medium tensorflow
CVE-2021-37640 medium tensorflow
CVE-2021-37641 medium tensorflow
CVE-2021-37642 medium tensorflow
CVE-2021-37644 medium tensorflow
CVE-2021-37645 medium tensorflow
CVE-2021-37646 medium tensorflow
CVE-2021-37653 medium tensorflow
CVE-2021-37656 medium tensorflow
CVE-2021-37657 medium tensorflow
CVE-2021-37658 medium tensorflow
CVE-2021-37660 medium tensorflow
CVE-2021-37661 medium tensorflow
CVE-2021-37662 medium tensorflow
CVE-2021-37668 medium tensorflow
CVE-2021-37669 medium tensorflow
CVE-2021-37670 medium tensorflow
CVE-2021-37672 medium tensorflow
CVE-2021-37673 medium tensorflow
CVE-2021-37674 medium tensorflow
CVE-2021-37675 medium tensorflow
CVE-2021-37677 medium tensorflow
CVE-2021-37680 medium tensorflow
CVE-2021-37682 medium tensorflow
CVE-2021-37683 medium tensorflow
CVE-2021-37684 medium tensorflow
CVE-2021-37685 medium tensorflow
CVE-2021-37686 medium tensorflow
CVE-2021-37687 medium tensorflow
CVE-2021-37690 medium tensorflow
CVE-2021-37691 medium tensorflow
CVE-2021-37692 medium tensorflow
CVE-2021-41195 medium tensorflow
CVE-2021-41196 medium tensorflow
CVE-2021-41197 medium tensorflow
CVE-2021-41198 medium tensorflow
CVE-2021-41199 medium tensorflow
CVE-2021-41200 medium tensorflow
CVE-2021-41202 medium tensorflow
CVE-2021-41204 medium tensorflow
CVE-2021-41205 medium tensorflow
CVE-2021-41207 medium tensorflow
CVE-2021-41209 medium tensorflow
CVE-2021-41213 medium tensorflow
CVE-2021-41215 medium tensorflow
CVE-2021-41216 medium tensorflow
CVE-2021-41217 medium tensorflow
CVE-2021-41218 medium tensorflow
CVE-2021-41222 medium tensorflow
CVE-2021-41223 medium tensorflow
CVE-2021-41224 medium tensorflow
CVE-2021-41225 medium tensorflow
CVE-2021-41226 medium tensorflow
CVE-2021-41227 medium tensorflow
CVE-2021-41228 medium tensorflow
CVE-2022-21725 medium tensorflow
CVE-2022-21732 medium tensorflow
CVE-2022-21733 medium tensorflow
CVE-2022-23578 medium tensorflow
CVE-2022-23579 medium tensorflow
CVE-2022-23580 medium tensorflow
CVE-2022-23581 medium tensorflow
CVE-2022-23582 medium tensorflow
CVE-2022-23583 medium tensorflow
CVE-2022-23585 medium tensorflow
CVE-2022-23586 medium tensorflow
CVE-2022-23588 medium tensorflow
CVE-2022-23589 medium tensorflow
CVE-2022-23590 medium tensorflow
CVE-2022-23595 medium tensorflow
CVE-2022-29191 medium tensorflow
CVE-2022-29192 medium tensorflow
CVE-2022-29193 medium tensorflow
CVE-2022-29194 medium tensorflow
CVE-2022-29195 medium tensorflow
CVE-2022-29196 medium tensorflow
CVE-2022-29197 medium tensorflow
CVE-2022-29198 medium tensorflow
CVE-2022-29199 medium tensorflow
CVE-2022-29200 medium tensorflow
CVE-2022-29201 medium tensorflow
CVE-2022-29202 medium tensorflow
CVE-2022-29203 medium tensorflow
CVE-2022-29204 medium tensorflow
CVE-2022-29205 medium tensorflow
CVE-2022-29206 medium tensorflow
CVE-2022-29207 medium tensorflow
CVE-2022-29209 medium tensorflow
CVE-2022-29210 medium tensorflow
CVE-2022-29211 medium tensorflow
CVE-2022-29212 medium tensorflow
CVE-2022-29213 medium tensorflow
CVE-2022-35934 medium tensorflow
CVE-2022-35935 medium tensorflow
CVE-2022-35940 medium tensorflow
CVE-2022-35941 medium tensorflow
CVE-2022-35952 medium tensorflow
CVE-2022-35959 medium tensorflow
CVE-2022-35960 medium tensorflow
CVE-2022-35963 medium tensorflow
CVE-2022-35964 medium tensorflow
CVE-2022-35965 medium tensorflow
CVE-2022-35966 medium tensorflow
CVE-2022-35967 medium tensorflow
CVE-2022-35968 medium tensorflow
CVE-2022-35969 medium tensorflow
CVE-2022-35970 medium tensorflow
CVE-2022-35971 medium tensorflow
CVE-2022-35972 medium tensorflow
CVE-2022-35973 medium tensorflow
CVE-2022-35974 medium tensorflow
CVE-2022-35979 medium tensorflow
CVE-2022-35981 medium tensorflow
CVE-2022-35982 medium tensorflow
CVE-2022-35983 medium tensorflow
CVE-2022-35984 medium tensorflow
CVE-2022-35985 medium tensorflow
CVE-2022-35986 medium tensorflow
CVE-2022-35987 medium tensorflow
CVE-2022-35988 medium tensorflow
CVE-2022-35989 medium tensorflow
CVE-2022-35990 medium tensorflow
CVE-2022-35991 medium tensorflow
CVE-2022-35992 medium tensorflow
CVE-2022-35993 medium tensorflow
CVE-2022-35994 medium tensorflow
CVE-2022-35995 medium tensorflow
CVE-2022-35996 medium tensorflow
CVE-2022-35997 medium tensorflow
CVE-2022-35998 medium tensorflow
CVE-2022-35999 medium tensorflow
CVE-2022-36000 medium tensorflow
CVE-2022-36001 medium tensorflow
CVE-2022-36002 medium tensorflow
CVE-2022-36003 medium tensorflow
CVE-2022-36004 medium tensorflow
CVE-2022-36005 medium tensorflow
CVE-2022-36011 medium tensorflow
CVE-2022-36012 medium tensorflow
CVE-2022-36013 medium tensorflow
CVE-2022-36014 medium tensorflow
CVE-2022-36017 medium tensorflow
CVE-2022-36018 medium tensorflow
CVE-2022-36019 medium tensorflow
CVE-2022-36026 medium tensorflow
CVE-2022-36027 medium tensorflow
CVE-2022-41880 medium tensorflow
CVE-2022-41883 medium tensorflow
CVE-2022-41884 medium tensorflow
CVE-2022-41885 medium tensorflow
CVE-2022-41886 medium tensorflow
CVE-2022-41887 medium tensorflow
CVE-2022-41888 medium tensorflow
CVE-2022-41889 medium tensorflow
CVE-2022-41890 medium tensorflow
CVE-2022-41891 medium tensorflow
CVE-2022-41893 medium tensorflow
CVE-2022-41895 medium tensorflow
CVE-2022-41896 medium tensorflow
CVE-2022-41897 medium tensorflow
CVE-2022-41898 medium tensorflow
CVE-2022-41899 medium tensorflow
CVE-2022-41901 medium tensorflow
CVE-2022-41907 medium tensorflow
CVE-2022-41908 medium tensorflow
CVE-2022-41909 medium tensorflow
CVE-2022-41910 medium tensorflow
CVE-2022-41911 medium tensorflow
CVE-2023-25661 medium tensorflow
CVE-2023-25667 medium tensorflow
CVE-2026-28415 medium gradio 5.46.1
GHSA-mw6j-hh29-h379 medium tensorflow
GHSA-wcv5-vrvr-3rx2 medium tensorflow
CVE-2019-16778 low tensorflow
CVE-2020-26267 low tensorflow
CVE-2020-5215 low tensorflow
CVE-2021-29512 low tensorflow
CVE-2021-29513 low tensorflow
CVE-2021-29514 low tensorflow
CVE-2021-29515 low tensorflow
CVE-2021-29516 low tensorflow
CVE-2021-29517 low tensorflow
CVE-2021-29518 low tensorflow
CVE-2021-29519 low tensorflow
CVE-2021-29520 low tensorflow
CVE-2021-29521 low tensorflow
CVE-2021-29522 low tensorflow
CVE-2021-29523 low tensorflow
CVE-2021-29524 low tensorflow
CVE-2021-29525 low tensorflow
CVE-2021-29526 low tensorflow
CVE-2021-29527 low tensorflow
CVE-2021-29528 low tensorflow
CVE-2021-29529 low tensorflow
CVE-2021-29530 low tensorflow
CVE-2021-29531 low tensorflow
CVE-2021-29532 low tensorflow
CVE-2021-29533 low tensorflow
CVE-2021-29534 low tensorflow
CVE-2021-29535 low tensorflow
CVE-2021-29536 low tensorflow
CVE-2021-29537 low tensorflow
CVE-2021-29538 low tensorflow
CVE-2021-29539 low tensorflow
CVE-2021-29540 low tensorflow
CVE-2021-29541 low tensorflow
CVE-2021-29542 low tensorflow
CVE-2021-29543 low tensorflow
CVE-2021-29544 low tensorflow
CVE-2021-29545 low tensorflow
CVE-2021-29546 low tensorflow
CVE-2021-29547 low tensorflow
CVE-2021-29548 low tensorflow
CVE-2021-29549 low tensorflow
CVE-2021-29550 low tensorflow
CVE-2021-29551 low tensorflow
CVE-2021-29552 low tensorflow
CVE-2021-29553 low tensorflow
CVE-2021-29554 low tensorflow
CVE-2021-29555 low tensorflow
CVE-2021-29556 low tensorflow
CVE-2021-29557 low tensorflow
CVE-2021-29558 low tensorflow
CVE-2021-29559 low tensorflow
CVE-2021-29560 low tensorflow
CVE-2021-29561 low tensorflow
CVE-2021-29562 low tensorflow
CVE-2021-29563 low tensorflow
CVE-2021-29564 low tensorflow
CVE-2021-29565 low tensorflow
CVE-2021-29566 low tensorflow
CVE-2021-29567 low tensorflow
CVE-2021-29568 low tensorflow
CVE-2021-29569 low tensorflow
CVE-2021-29570 low tensorflow
CVE-2021-29571 low tensorflow
CVE-2021-29572 low tensorflow
CVE-2021-29573 low tensorflow
CVE-2021-29574 low tensorflow
CVE-2021-29575 low tensorflow
CVE-2021-29576 low tensorflow
CVE-2021-29577 low tensorflow
CVE-2021-29578 low tensorflow
CVE-2021-29579 low tensorflow
CVE-2021-29580 low tensorflow
CVE-2021-29581 low tensorflow
CVE-2021-29582 low tensorflow
CVE-2021-29583 low tensorflow
CVE-2021-29584 low tensorflow
CVE-2021-29585 low tensorflow
CVE-2021-29586 low tensorflow
CVE-2021-29587 low tensorflow
CVE-2021-29588 low tensorflow
CVE-2021-29589 low tensorflow
CVE-2021-29590 low tensorflow
CVE-2021-29593 low tensorflow
CVE-2021-29594 low tensorflow
CVE-2021-29595 low tensorflow
CVE-2021-29596 low tensorflow
CVE-2021-29597 low tensorflow
CVE-2021-29598 low tensorflow
CVE-2021-29599 low tensorflow
CVE-2021-29600 low tensorflow
CVE-2021-29602 low tensorflow
CVE-2021-29603 low tensorflow
CVE-2021-29604 low tensorflow
CVE-2021-29610 low tensorflow
CVE-2021-29611 low tensorflow
CVE-2021-29612 low tensorflow
CVE-2021-29615 low tensorflow
CVE-2021-29616 low tensorflow
CVE-2021-29617 low tensorflow
CVE-2021-29618 low tensorflow
CVE-2021-29619 low tensorflow
CVE-2022-36015 low tensorflow
CVE-2022-36016 low tensorflow
CVE-2026-27167 low gradio 5.46.1
GHSA-cqvq-fvhr-v6hc low tensorflow
GHSA-xf83-q765-xm6m low tensorflow
CVE-2024-52338 unknown pyarrow
OSV-2021-449 unknown tensorflow

Showing 446 of 446

Beta — feedback welcome: [email protected]