From 992e3f42de48b05fd2b2e9dc79185156666be2ff Mon Sep 17 00:00:00 2001
From: henrirosten
Date: Sat, 26 Oct 2024 03:59:16 +0000
Subject: [PATCH] Automatic vulnerability report update
---
reports/main/data.csv | 56 +++++++++----------
...6_64-linux.lenovo-x1-carbon-gen11-debug.md | 28 ++++++----
2 files changed, 46 insertions(+), 38 deletions(-)
diff --git a/reports/main/data.csv b/reports/main/data.csv
index a90788f..2a4dc6d 100644
--- a/reports/main/data.csv
+++ b/reports/main/data.csv
@@ -19,11 +19,12 @@ https://github.com/NixOS/nixpkgs/pull/345737" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","0.14.30","","","","2024A0000023741","False","","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.16","1.4.17","1.4.17","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.0","9.1.0","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.0","9.1.1","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 
@@ -31,7 +32,7 @@ https://github.com/NixOS/nixpkgs/pull/214110 https://github.com/NixOS/nixpkgs/pull/226656 https://github.com/NixOS/nixpkgs/pull/333926" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.0","9.1.0","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.0","9.1.1","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/351100" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 https://github.com/NixOS/nixpkgs/pull/214110 
@@ -172,7 +173,7 @@ https://github.com/NixOS/nixpkgs/pull/264266" https://github.com/NixOS/nixpkgs/pull/256150 https://github.com/NixOS/nixpkgs/pull/264266" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.0","9.1.0","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.0","9.1.1","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" 
@@ -181,11 +182,11 @@ https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.0","9.1.0","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.0","9.1.1","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.299","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.300","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.18.2","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.7","1.24.8","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology","" 
@@ -198,7 +199,7 @@ https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.45","5.45","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.25.1","0.25.1","0.25.1","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.0","9.1.0","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.0","9.1.1","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.13","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology","" 
@@ -337,7 +338,6 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.3.5","3.3.5","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.78","5.78","bluez","2022A0000000908","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" 
@@ -349,7 +349,7 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-785","https://osv.dev/OSV-2022-785","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000785","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-725","https://osv.dev/OSV-2022-725","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000725","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-608","https://osv.dev/OSV-2022-608","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000608","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.0","9.1.0","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.0","9.1.1","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-572","https://osv.dev/OSV-2022-572","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000572","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still valid.","err_missing_repology_version","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology","" 
@@ -694,11 +694,12 @@ https://github.com/NixOS/nixpkgs/pull/345737" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","0.14.30","","","","2024A0000023741","False","","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.16","1.4.17","1.4.17","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.0","9.1.0","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.0","9.1.1","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 
@@ -706,7 +707,7 @@ https://github.com/NixOS/nixpkgs/pull/214110 https://github.com/NixOS/nixpkgs/pull/226656 https://github.com/NixOS/nixpkgs/pull/333926" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.0","9.1.0","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.0","9.1.1","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/351100" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 https://github.com/NixOS/nixpkgs/pull/214110 
@@ -847,7 +848,7 @@ https://github.com/NixOS/nixpkgs/pull/264266" https://github.com/NixOS/nixpkgs/pull/256150 https://github.com/NixOS/nixpkgs/pull/264266" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.0","9.1.0","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.0","9.1.1","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" 
@@ -856,11 +857,11 @@ https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.0","9.1.0","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.0","9.1.1","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.299","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.300","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.18.2","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.7","1.24.8","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology","" 
@@ -873,7 +874,7 @@ https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.45","5.45","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.25.1","0.25.1","0.25.1","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.0","9.1.0","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.0","9.1.1","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.13","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology","" 
@@ -1012,7 +1013,6 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.3.5","3.3.5","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.78","5.78","bluez","2022A0000000908","False","Unclear if this is still 
valid.","err_not_vulnerable_based_on_repology","" 
@@ -1024,7 +1024,7 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-785","https://osv.dev/OSV-2022-785","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000785","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-725","https://osv.dev/OSV-2022-725","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000725","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-608","https://osv.dev/OSV-2022-608","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000608","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.0","9.1.0","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.0","9.1.1","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-572","https://osv.dev/OSV-2022-572","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000572","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still 
valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology","" 
@@ -1369,11 +1369,12 @@ https://github.com/NixOS/nixpkgs/pull/345737" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","0.14.30","","","","2024A0000023741","False","","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.16","1.4.17","1.4.17","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.0","9.1.0","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.1","9.1.1","9.1.1","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0","3.13.0","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 
@@ -1381,7 +1382,7 @@ https://github.com/NixOS/nixpkgs/pull/214110 https://github.com/NixOS/nixpkgs/pull/226656 https://github.com/NixOS/nixpkgs/pull/333926" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.0","9.1.0","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.1","9.1.1","9.1.1","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/351100" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.0","3.13.0","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/100658 https://github.com/NixOS/nixpkgs/pull/107488 https://github.com/NixOS/nixpkgs/pull/214110 
@@ -1522,7 +1523,7 @@ https://github.com/NixOS/nixpkgs/pull/264266" https://github.com/NixOS/nixpkgs/pull/256150 https://github.com/NixOS/nixpkgs/pull/264266" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.0","9.1.0","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","8.2","9.1.1","9.1.1","9.1.1","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" 
@@ -1531,11 +1532,11 @@ https://github.com/NixOS/nixpkgs/pull/239559 https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.1","3.4.3","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.0","9.1.0","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","7.8","9.1.1","9.1.1","9.1.1","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.299","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.290.0","1.3.290.0","1.3.300","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.18.2","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.6","1.4.6","1.4.6","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.7","1.24.8","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology","" 
@@ -1548,7 +1549,7 @@ https://github.com/NixOS/nixpkgs/pull/239571" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.45","5.45","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.25.1","0.25.1","0.25.1","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.0","9.1.0","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.1","9.1.1","9.1.1","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.13","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology","" 
@@ -1687,7 +1688,6 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.25.1","0.25.1","0.25.1","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.3.5","3.3.5","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.2.0","3.2.4.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.78","5.78","bluez","2022A0000000908","False","Unclear if this is still 
valid.","err_not_vulnerable_based_on_repology","" 
@@ -1699,7 +1699,7 @@ https://github.com/NixOS/nixpkgs/pull/170659" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-785","https://osv.dev/OSV-2022-785","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000785","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-725","https://osv.dev/OSV-2022-725","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000725","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-608","https://osv.dev/OSV-2022-608","libjxl","","0.10.3","0.10.3","0.11.0","libjxl","2022A0000000608","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.0","9.1.0","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.1","9.1.1","9.1.1","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-572","https://osv.dev/OSV-2022-572","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000572","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still 
valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology","" 
@@ -1796,7 +1796,7 @@ https://github.com/NixOS/nixpkgs/pull/333926" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-23215","https://nvd.nist.gov/vuln/detail/CVE-2021-23215","openexr","5.5","2.5.10","","","","2021A0000023215","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-23169","https://nvd.nist.gov/vuln/detail/CVE-2021-23169","openexr","8.8","2.5.10","","","","2021A0000023169","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-21684","https://nvd.nist.gov/vuln/detail/CVE-2021-21684","git","6.1","2.46.1","","","","2021A0000021684","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-20255","https://nvd.nist.gov/vuln/detail/CVE-2021-20255","qemu","5.5","9.1.0","","","","2021A0000020255","True","Upstream patch not merged: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html. 
No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-20255","https://nvd.nist.gov/vuln/detail/CVE-2021-20255","qemu","5.5","9.1.1","","","","2021A0000020255","True","Upstream patch not merged: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-20240","https://nvd.nist.gov/vuln/detail/CVE-2021-20240","gdk-pixbuf","8.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000020240","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 https://github.com/NixOS/nixpkgs/pull/314686" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4336","https://nvd.nist.gov/vuln/detail/CVE-2021-4336","ninja","9.8","1.12.1","","","","2021A0000004336","True","Incorrect package: nixpkgs 'ninja' refers https://github.com/ninja-build/ninja, not https://github.com/ITRS-Group/monitor-ninja.","err_missing_repology_version","" 
@@ -1834,7 +1834,7 @@ https://github.com/NixOS/nixpkgs/pull/333926" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1110","https://osv.dev/OSV-2021-1110","espeak-ng","","1.51.1","","","","2021A0000001110","False","Unclear if this is still valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1041","https://osv.dev/OSV-2021-1041","espeak-ng","","1.51.1","","","","2021A0000001041","False","Unclear if this is still valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1024","https://osv.dev/OSV-2021-1024","espeak-ng","","1.51.1","","","","2021A0000001024","False","Unclear if this is still valid.","err_missing_repology_version","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-820","https://osv.dev/OSV-2021-820","qemu","","9.1.0","","","","2021A0000000820","True","Fixed based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2.","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-820","https://osv.dev/OSV-2021-820","qemu","","9.1.1","","","","2021A0000000820","True","Fixed based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-802","https://osv.dev/OSV-2021-802","espeak-ng","","1.51.1","","","","2021A0000000802","False","Unclear if this is still valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-787","https://osv.dev/OSV-2021-787","espeak-ng","","1.51.1","","","","2021A0000000787","False","Unclear if 
this is still valid.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-777","https://osv.dev/OSV-2021-777","libxml2","","2.13.4","","","","2021A0000000777","True","Fixed by https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325, which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.","err_missing_repology_version","" 
@@ -1890,7 +1890,7 @@ https://github.com/NixOS/nixpkgs/pull/84664" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14553","https://nvd.nist.gov/vuln/detail/CVE-2019-14553","edk2","4.9","202408","","","","2019A0000014553","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","1","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","0.9.7","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12067","https://nvd.nist.gov/vuln/detail/CVE-2019-12067","qemu","6.5","9.1.0","","","","2019A0000012067","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12067","https://nvd.nist.gov/vuln/detail/CVE-2019-12067","qemu","6.5","9.1.1","","","","2019A0000012067","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-10010","https://nvd.nist.gov/vuln/detail/CVE-2019-10010","commonmark","6.1","0.2.6","0.2.6","0.2.6.1","haskell:commonmark","2019A0000010010","False","","err_not_vulnerable_based_on_repology","" 
@@ -1907,7 +1907,7 @@ https://github.com/NixOS/nixpkgs/pull/333926" https://github.com/NixOS/nixpkgs/pull/166451 https://github.com/NixOS/nixpkgs/pull/167084 https://github.com/NixOS/nixpkgs/pull/205374" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-18438","https://nvd.nist.gov/vuln/detail/CVE-2018-18438","qemu","5.5","9.1.0","","","","2018A0000018438","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-18438","https://nvd.nist.gov/vuln/detail/CVE-2018-18438","qemu","5.5","9.1.1","","","","2018A0000018438","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-14628","https://nvd.nist.gov/vuln/detail/CVE-2018-14628","samba","4.3","4.20.4","4.20.4","4.21.1","samba","2018A0000014628","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/270419" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-13162","https://nvd.nist.gov/vuln/detail/CVE-2018-13162","alex","7.5","3.4.0.1","3.4.0.1","3.5.1.0","alex","2018A0000013162","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-7263","https://nvd.nist.gov/vuln/detail/CVE-2018-7263","libmad","9.8","0.15.1b","","","","2018A0000007263","True","Based on https://github.com/NixOS/nixpkgs/issues/57154, issue is fixed by https://github.com/NixOS/nixpkgs/commit/92edb0610923fab5a9dcc59b94652f1e8a5ea1ed.","err_missing_repology_version","" 
diff --git a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md index feb6565..dd4e5ed 100644 --- a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md +++ b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md @@ -6,7 +6,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0 # Vulnerability Report -This vulnerability report is generated for Ghaf target `github:tiiuae/ghaf?ref=main#packages.x86_64-linux.lenovo-x1-carbon-gen11-debug` revision https://github.com/tiiuae/ghaf/commit/5d5ae6d5fcee689c6ca31488cc6ed054221eadfe. The tables on this page include known vulnerabilities impacting buildtime or runtime dependencies of the given target. +This vulnerability report is generated for Ghaf target `github:tiiuae/ghaf?ref=main#packages.x86_64-linux.lenovo-x1-carbon-gen11-debug` revision https://github.com/tiiuae/ghaf/commit/285596115982fd3eb53ebd358b1dbcc3c5128414. The tables on this page include known vulnerabilities impacting buildtime or runtime dependencies of the given target. This report is automatically generated as specified on the [Vulnerability Scan](../../.github/workflows/vulnerability-scan.yml) GitHub action workflow. It uses the tooling from [sbomnix](https://github.com/tiiuae/sbomnix) repository, such as [vulnxscan](https://github.com/tiiuae/sbomnix/tree/main/scripts/vulnxscan), as well as the manual analysis results maintained in the [manual_analysis.csv](../../manual_analysis.csv) file. 
@@ -46,7 +46,11 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs: -```No vulnerabilities``` + +| vuln_id | package | severity | version_local | nix_unstable | upstream | comment | +|-----------------------------------------------------------------|-----------|------------|-----------------|----------------|------------|-----------| +| [CVE-2024-9287](https://nvd.nist.gov/vuln/detail/CVE-2024-9287) | python | | 2.7.18.8 | 3.13.0 | 3.13.0 | | + ## All Vulnerabilities Impacting Ghaf 
@@ -113,7 +117,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2014-9830](https://nvd.nist.gov/vuln/detail/CVE-2014-9830) | imagemagick | 8.8 | 7.1.1-39 | 7.1.1-39 | 7.1.1.39 | | | [CVE-2014-9828](https://nvd.nist.gov/vuln/detail/CVE-2014-9828) | imagemagick | 8.8 | 7.1.1-39 | 7.1.1-39 | 7.1.1.39 | | | [CVE-2014-9827](https://nvd.nist.gov/vuln/detail/CVE-2014-9827) | imagemagick | 8.8 | 7.1.1-39 | 7.1.1-39 | 7.1.1.39 | | -| [CVE-2023-2680](https://nvd.nist.gov/vuln/detail/CVE-2023-2680) | qemu | 8.2 | 9.1.0 | 9.1.0 | 9.1.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/305402)]* | +| [CVE-2023-2680](https://nvd.nist.gov/vuln/detail/CVE-2023-2680) | qemu | 8.2 | 9.1.0 | 9.1.1 | 9.1.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/305402)]* | | [CVE-2023-39323](https://nvd.nist.gov/vuln/detail/CVE-2023-39323) | go | 8.1 | 1.21.0-linux-amd | 1.23.2 | 1.23.2 | | | [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999) | vault | 8.1 | 0.3.1.5-r8.cabal | 0.3.1.5 | 0.3.1.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]* | | [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999) | vault | 8.1 | 0.3.1.5 | 0.3.1.5 | 0.3.1.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]* | 
@@ -127,7 +131,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2023-32643](https://nvd.nist.gov/vuln/detail/CVE-2023-32643) | glib | 7.8 | 0.18.5 | 0.13.11.0 | 0.13.11.0 | | | [CVE-2023-6597](https://nvd.nist.gov/vuln/detail/CVE-2023-6597) | python | 7.8 | 2.7.18.8 | 3.13.0 | 3.13.0 | *[[PR](https://github.com/NixOS/nixpkgs/pull/298006), [PR](https://github.com/NixOS/nixpkgs/pull/299123), [PR](https://github.com/NixOS/nixpkgs/pull/299125)]* | | [CVE-2023-1412](https://nvd.nist.gov/vuln/detail/CVE-2023-1412) | warp | 7.8 | 3.3.31 | 3.4.1 | 3.4.3 | | -| [CVE-2023-1386](https://nvd.nist.gov/vuln/detail/CVE-2023-1386) | qemu | 7.8 | 9.1.0 | 9.1.0 | 9.1.1 | Revisit when fixed upstream: [link](https://github.com/v9fs/linux/issues/29). | +| [CVE-2023-1386](https://nvd.nist.gov/vuln/detail/CVE-2023-1386) | qemu | 7.8 | 9.1.0 | 9.1.1 | 9.1.1 | Revisit when fixed upstream: [link](https://github.com/v9fs/linux/issues/29). | | [CVE-2023-0652](https://nvd.nist.gov/vuln/detail/CVE-2023-0652) | warp | 7.8 | 3.3.31 | 3.4.1 | 3.4.3 | | | [CVE-2022-45868](https://nvd.nist.gov/vuln/detail/CVE-2022-45868) | h2 | 7.8 | 0.4.6 | | | | | [CVE-2022-45868](https://nvd.nist.gov/vuln/detail/CVE-2022-45868) | h2 | 7.8 | 0.3.26 | | | | 
@@ -220,7 +224,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2022-37967](https://nvd.nist.gov/vuln/detail/CVE-2022-37967) | samba | 7.2 | 4.20.4 | 4.20.4 | 4.21.1 | | | [CVE-2024-4030](https://nvd.nist.gov/vuln/detail/CVE-2024-4030) | python | 7.1 | 2.7.18.8 | 3.13.0 | 3.13.0 | | | [CVE-2022-26488](https://nvd.nist.gov/vuln/detail/CVE-2022-26488) | python | 7.0 | 2.7.18.8 | 3.13.0 | 3.13.0 | | -| [CVE-2024-6505](https://nvd.nist.gov/vuln/detail/CVE-2024-6505) | qemu | 6.8 | 9.1.0 | 9.1.0 | 9.1.1 | | +| [CVE-2024-6505](https://nvd.nist.gov/vuln/detail/CVE-2024-6505) | qemu | 6.8 | 9.1.0 | 9.1.1 | 9.1.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/351100)]* | | [CVE-2023-2754](https://nvd.nist.gov/vuln/detail/CVE-2023-2754) | warp | 6.8 | 3.3.31 | 3.4.1 | 3.4.3 | | | [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620) | vault | 6.7 | 0.3.1.5-r8.cabal | 0.3.1.5 | 0.3.1.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]* | | [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620) | vault | 6.7 | 0.3.1.5 | 0.3.1.5 | 0.3.1.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]* | 
@@ -269,7 +273,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2021-23336](https://nvd.nist.gov/vuln/detail/CVE-2021-23336) | python | 5.9 | 2.7.18.8 | 3.13.0 | 3.13.0 | *[[PR](https://github.com/NixOS/nixpkgs/pull/117037), [PR](https://github.com/NixOS/nixpkgs/pull/117082), [PR](https://github.com/NixOS/nixpkgs/pull/118403), [PR](https://github.com/NixOS/nixpkgs/pull/226656), [PR](https://github.com/NixOS/nixpkgs/pull/333926)]* | | [CVE-2021-3572](https://nvd.nist.gov/vuln/detail/CVE-2021-3572) | pip | 5.7 | 20.3.4-source | 24.0 | 24.2 | | | [CVE-2024-24789](https://nvd.nist.gov/vuln/detail/CVE-2024-24789) | go | 5.5 | 1.21.0-linux-amd | 1.23.2 | 1.23.2 | *[[PR](https://github.com/NixOS/nixpkgs/pull/319485), [PR](https://github.com/NixOS/nixpkgs/pull/345737)]* | -| [CVE-2024-8354](https://nvd.nist.gov/vuln/detail/CVE-2024-8354) | qemu | 5.5 | 9.1.0 | 9.1.0 | 9.1.1 | | +| [CVE-2024-8354](https://nvd.nist.gov/vuln/detail/CVE-2024-8354) | qemu | 5.5 | 9.1.0 | 9.1.1 | 9.1.1 | | | [CVE-2024-6923](https://nvd.nist.gov/vuln/detail/CVE-2024-6923) | python | 5.5 | 2.7.18.8 | 3.13.0 | 3.13.0 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335172)]* | | [CVE-2023-51258](https://nvd.nist.gov/vuln/detail/CVE-2023-51258) | yasm | 5.5 | 1.3.0 | 1.3.0 | 1.3.0 | | | [CVE-2023-32665](https://nvd.nist.gov/vuln/detail/CVE-2023-32665) | glib | 5.5 | 0.20.4 | | | | 
@@ -381,6 +385,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2023-4016](https://nvd.nist.gov/vuln/detail/CVE-2023-4016) | procps | 3.3 | 3.3.17-binlore | | | See: [link](https://gitlab.com/procps-ng/procps/-/issues/297). Notice: repology package name is procps-ng: [link](https://repology.org/project/procps-ng/versions). *[[PR](https://github.com/NixOS/nixpkgs/pull/256065), [PR](https://github.com/NixOS/nixpkgs/pull/256150), [PR](https://github.com/NixOS/nixpkgs/pull/264266)]* | | [GHSA-pxg6-pf52-xh8x](https://osv.dev/GHSA-pxg6-pf52-xh8x) | cookie | | 0.4.6 | 0.5.0 | 0.5.0 | | | [GHSA-fwr7-v2mv-hh25](https://osv.dev/GHSA-fwr7-v2mv-hh25) | async | | 2.2.5 | 2.2.5 | 2.2.5 | | +| [CVE-2024-9287](https://nvd.nist.gov/vuln/detail/CVE-2024-9287) | python | | 2.7.18.8 | 3.13.0 | 3.13.0 | | | [MAL-2024-9233](https://osv.dev/MAL-2024-9233) | foldl | | 1.4.16 | 1.4.17 | 1.4.17 | | | [CVE-2024-9143](https://nvd.nist.gov/vuln/detail/CVE-2024-9143) | openssl | | 3.3.2 | 3.3.2 | 3.4.0 | | | [CVE-2024-8088](https://nvd.nist.gov/vuln/detail/CVE-2024-8088) | python | | 2.7.18.8 | 3.13.0 | 3.13.0 | | 
@@ -409,14 +414,14 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [OSV-2023-1344](https://osv.dev/OSV-2023-1344) | jq | | 1.7.1 | 1.7.1 | 1.7.1 | | | [OSV-2023-1329](https://osv.dev/OSV-2023-1329) | jq | | 1.7.1 | 1.7.1 | 1.7.1 | | | [OSV-2023-1307](https://osv.dev/OSV-2023-1307) | libbpf | | 1.4.6 | 1.4.6 | 1.4.6 | | -| [OSV-2023-1170](https://osv.dev/OSV-2023-1170) | vulkan-loader | | 1.3.290.0 | 1.3.290.0 | 1.3.299 | | +| [OSV-2023-1170](https://osv.dev/OSV-2023-1170) | vulkan-loader | | 1.3.290.0 | 1.3.290.0 | 1.3.300 | | | [OSV-2023-1129](https://osv.dev/OSV-2023-1129) | libheif | | 1.18.2 | 1.18.2 | 1.18.2 | | | [OSV-2023-877](https://osv.dev/OSV-2023-877) | libbpf | | 1.4.6 | 1.4.6 | 1.4.6 | | | [OSV-2023-862](https://osv.dev/OSV-2023-862) | gstreamer | | 1.24.7 | 1.24.7 | 1.24.8 | | | [OSV-2023-675](https://osv.dev/OSV-2023-675) | flac | | 1.4.3 | 1.4.3 | 1.4.3 | | | [OSV-2023-505](https://osv.dev/OSV-2023-505) | file | | 5.45 | 5.45 | 5.45 | Unclear if this is still valid. | | [OSV-2023-395](https://osv.dev/OSV-2023-395) | opensc | | 0.25.1 | 0.25.1 | 0.25.1 | | -| [OSV-2023-390](https://osv.dev/OSV-2023-390) | qemu | | 9.1.0 | 9.1.0 | 9.1.1 | Unclear if this is still valid. | +| [OSV-2023-390](https://osv.dev/OSV-2023-390) | qemu | | 9.1.0 | 9.1.1 | 9.1.1 | Unclear if this is still valid. | | [OSV-2023-364](https://osv.dev/OSV-2023-364) | hunspell | | 1.7.2 | 1.7.2 | 1.7.2 | | | [OSV-2023-327](https://osv.dev/OSV-2023-327) | hunspell | | 1.7.2 | 1.7.2 | 1.7.2 | | | [OSV-2023-298](https://osv.dev/OSV-2023-298) | cairo | | 1.18.2 | 1.17.13 | 1.17.13 | | 
@@ -426,7 +431,6 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [OSV-2022-1276](https://osv.dev/OSV-2022-1276) | openvpn | | 2.6.12 | 2.6.12 | 2.6.12 | | | [OSV-2022-1201](https://osv.dev/OSV-2022-1201) | opensc | | 0.25.1 | 0.25.1 | 0.25.1 | | | [OSV-2022-1188](https://osv.dev/OSV-2022-1188) | opensc | | 0.25.1 | 0.25.1 | 0.25.1 | | -| [OSV-2022-1108](https://osv.dev/OSV-2022-1108) | ruby | | 3.3.5 | 3.3.5 | 3.3.5 | | | [OSV-2022-908](https://osv.dev/OSV-2022-908) | bluez | | 5.78 | 5.78 | 5.78 | Unclear if this is still valid. | | [OSV-2022-896](https://osv.dev/OSV-2022-896) | libsass | | 3.6.6 | 3.6.6 | 3.6.6 | Unclear if this is still valid. | | [OSV-2022-882](https://osv.dev/OSV-2022-882) | hunspell | | 1.7.2 | 1.7.2 | 1.7.2 | | @@ -435,7 +439,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [OSV-2022-785](https://osv.dev/OSV-2022-785) | dnsmasq | | 2.90 | 2.90 | 2.90 | | | [OSV-2022-725](https://osv.dev/OSV-2022-725) | libjxl | | 0.10.3 | 0.10.3 | 0.11.0 | Unclear if this is still valid. | | [OSV-2022-608](https://osv.dev/OSV-2022-608) | libjxl | | 0.10.3 | 0.10.3 | 0.11.0 | Unclear if this is still valid. | -| [OSV-2022-581](https://osv.dev/OSV-2022-581) | qemu | | 9.1.0 | 9.1.0 | 9.1.1 | Unclear if this is still valid. | +| [OSV-2022-581](https://osv.dev/OSV-2022-581) | qemu | | 9.1.0 | 9.1.1 | 9.1.1 | Unclear if this is still valid. | | [OSV-2022-572](https://osv.dev/OSV-2022-572) | dnsmasq | | 2.90 | 2.90 | 2.90 | | | [OSV-2022-530](https://osv.dev/OSV-2022-530) | espeak-ng | | 1.51.1 | | | Unclear if this is still valid. | | [OSV-2022-524](https://osv.dev/OSV-2022-524) | ghostscript | | 10.04.0 | 10.04.0 | 10.04.0 | | 
@@ -540,6 +544,7 @@ Following table lists vulnerabilities that would otherwise have been included to | [CVE-2019-14860](https://nvd.nist.gov/vuln/detail/CVE-2019-14860) | fuse | 6.5 | 2.9.9-closefrom- | Incorrect package: Issue concerns redhat fuse ([link](https://developers.redhat.com/products/fuse/overview)) not libfuse [link](https://github.com/libfuse/libfuse/) which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives. | | [CVE-2019-14860](https://nvd.nist.gov/vuln/detail/CVE-2019-14860) | fuse | 6.5 | 2.9.9 | Incorrect package: Issue concerns redhat fuse ([link](https://developers.redhat.com/products/fuse/overview)) not libfuse [link](https://github.com/libfuse/libfuse/) which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives. | | [CVE-2019-14587](https://nvd.nist.gov/vuln/detail/CVE-2019-14587) | edk2 | 6.5 | 202408 | NVD data issue: CPE entry does not correctly state the version numbers. | +| [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067) | qemu | 6.5 | 9.1.1 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067) | qemu | 6.5 | 9.1.0 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2016-2781](https://nvd.nist.gov/vuln/detail/CVE-2016-2781) | coreutils | 6.5 | 9.5 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2021-39205](https://nvd.nist.gov/vuln/detail/CVE-2021-39205) | jitsi-meet | 6.1 | 1.0.8043 | Does not impact the version in nixpkgs as mentioned in [link](https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845). | 
@@ -566,12 +571,14 @@ Following table lists vulnerabilities that would otherwise have been included to | [CVE-2021-26945](https://nvd.nist.gov/vuln/detail/CVE-2021-26945) | openexr | 5.5 | 2.5.10 | Fix patch [link](https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e) modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8. | | [CVE-2021-26260](https://nvd.nist.gov/vuln/detail/CVE-2021-26260) | openexr | 5.5 | 2.5.10 | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5. | | [CVE-2021-23215](https://nvd.nist.gov/vuln/detail/CVE-2021-23215) | openexr | 5.5 | 2.5.10 | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5. | +| [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255) | qemu | 5.5 | 9.1.1 | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream. | | [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255) | qemu | 5.5 | 9.1.0 | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream. | | [CVE-2021-3605](https://nvd.nist.gov/vuln/detail/CVE-2021-3605) | openexr | 5.5 | 2.5.10 | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7. | | [CVE-2021-3598](https://nvd.nist.gov/vuln/detail/CVE-2021-3598) | openexr | 5.5 | 2.5.10 | False positive to the NVD data issue. Fixed in openexr 2.5.8. 
Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7. | | [CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633) | patch | 5.5 | 2.7.6 | Upstream patch is not merged: [link](https://savannah.gnu.org/bugs/index.php?56683). Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream. | | [CVE-2019-14562](https://nvd.nist.gov/vuln/detail/CVE-2019-14562) | edk2 | 5.5 | 202408 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2019-6293](https://nvd.nist.gov/vuln/detail/CVE-2019-6293) | flex | 5.5 | 2.6.4 | NVD data issue: CPE entry does not correctly state the version numbers. | +| [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438) | qemu | 5.5 | 9.1.1 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438) | qemu | 5.5 | 9.1.0 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2016-4493](https://nvd.nist.gov/vuln/detail/CVE-2016-4493) | libiberty | 5.5 | 13.3.0 | NVD data issue: CPE entry does not correctly state the version numbers. | | [CVE-2016-4491](https://nvd.nist.gov/vuln/detail/CVE-2016-4491) | libiberty | 5.5 | 13.3.0 | NVD data issue: CPE entry does not correctly state the version numbers. | 
@@ -593,6 +600,7 @@ Following table lists vulnerabilities that would otherwise have been included to | [GHSA-6898-wx94-8jq8](https://osv.dev/GHSA-6898-wx94-8jq8) | libnotify | | 0.8.3 | Incorrect package: Issue refers node-libnotify [link](https://github.com/mytrile/node-libnotify), whereas nixpkgs refers gnome-libnotify [link](https://gitlab.gnome.org/GNOME/libnotify). | | [OSV-2023-137](https://osv.dev/OSV-2023-137) | harfbuzz | | 9.0.0 | Based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2), the issue is fixed in range [link](https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc) all of which have been merged in 7.1.0. | | [MAL-2022-4301](https://osv.dev/MAL-2022-4301) | libidn2 | | 2.3.7 | Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 [link](https://gitlab.com/libidn/libidn2). | +| [OSV-2021-820](https://osv.dev/OSV-2021-820) | qemu | | 9.1.1 | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2). | | [OSV-2021-820](https://osv.dev/OSV-2021-820) | qemu | | 9.1.0 | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2). | | [OSV-2021-777](https://osv.dev/OSV-2021-777) | libxml2 | | 2.13.4 | Fixed by [link](https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325), which went to 2.9.13. Therefore, this issue is fixed in 2.10.4. | | [CVE-2012-3509](https://nvd.nist.gov/vuln/detail/CVE-2012-3509) | libiberty | | 13.3.0 | NVD data issue: CPE entry does not correctly state the version numbers. |