espruino / Espruino

The Espruino JavaScript interpreter - Official Repo
http://www.espruino.com/

Update mbedtls, uECC, maybe Tensorflow #2346

Open gfwilliams opened 1 year ago

gfwilliams commented 1 year ago

The ssl_srv.c file in your repository is an exact copy of the file that was modified when vulnerabilities CVE-2017-18187, CVE-2018-9988, and CVE-2018-9989 were patched in the original project. The copy in your project is of a version of the ssl_srv.c before the vulnerabilities were fixed.

The reduce.h file in your repository is an exact copy of the file that was modified when the CVE-2020-15207 vulnerability was patched in the original project.

The types.h file in your repository is an exact copy of the file that was modified when the CVE-2020-15208 vulnerability was patched in the original project.

The uECC.c file in your repository is an exact copy of the file that was modified when the CVE-2020-27209 vulnerability was patched in the original project.

The padding.h file in your repository is an exact copy of the file that was modified when the CVE-2021-29585 vulnerability was patched in the original project.

The common.h file in your repository is an exact copy of the file that was modified when the CVE-2022-23557 vulnerability was patched in the original project.

Thanks to University of Tartu, University of Tennessee and Northern Kentucky University for pointing these out while conducting analysis of orphaned vulnerabilities in open source projects.
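One way to check a vendored tree for the kind of exact pre-fix copies listed above, as an added example that is not from the issue, the Espruino project or the researchers. The file contents, the `vendor/` layout and the function names are constructed for illustration; a real index would be built from the upstream repositories' history.

```python
import hashlib
import os
import tempfile

def git_blob_id(data: bytes) -> str:
    """Object id git gives a file's content: SHA-1 over 'blob <len>\\0' + data."""
    return hashlib.sha1(b"blob %d\0" % len(data) + data).hexdigest()

def find_orphaned_copies(root, prefix_index):
    """Return sorted (relative path, CVE list) for each file under root whose
    content is byte-identical to a known pre-fix upstream version."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                blob = git_blob_id(fh.read())
            if blob in prefix_index:
                hits.append((os.path.relpath(path, root), prefix_index[blob]))
    return sorted(hits)

def demo():
    # Constructed stand-ins for upstream file versions (not real library source).
    old_uecc = b"/* constructed: uECC.c before the fix */\n"
    new_uecc = b"/* constructed: uECC.c after the fix */\n"
    old_srv = b"/* constructed: ssl_srv.c before the fixes */\n"
    # Index: blob id of the version a fix commit replaced -> CVEs that commit fixed.
    index = {
        git_blob_id(old_uecc): ["CVE-2020-27209"],
        git_blob_id(old_srv): ["CVE-2017-18187", "CVE-2018-9988", "CVE-2018-9989"],
    }
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "vendor"))  # hypothetical layout
        samples = {"uECC.c": old_uecc, "ssl_srv.c": old_srv, "uECC_new.c": new_uecc}
        for name, data in samples.items():
            with open(os.path.join(root, "vendor", name), "wb") as fh:
                fh.write(data)
        return find_orphaned_copies(root, index)

if __name__ == "__main__":
    for path, cves in demo():
        print(path, "matches a pre-fix upstream version:", ", ".join(cves))
```

Exact matching only catches unmodified copies; a vendored file with local edits needs a diff against the upstream fix instead.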