diff --git a/reports/main/data.csv b/reports/main/data.csv index a3f5647..15200be 100644 --- a/reports/main/data.csv +++ b/reports/main/data.csv @@ -35,7 +35,8 @@ https://github.com/NixOS/nixpkgs/pull/339878" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r7.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-7348","https://nvd.nist.gov/vuln/detail/CVE-2024-7348","postgresql","7.5","15.7","16.4","16.4","postgresql","2024A0000007348","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/334479" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-7272","https://nvd.nist.gov/vuln/detail/CVE-2024-7272","ffmpeg","8.8","4.4.4","","","","2024A0000007272","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/333021" @@ -124,7 +125,8 @@ https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/236448" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r4.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" @@ -590,7 +592,8 @@ https://github.com/NixOS/nixpkgs/pull/339878" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r7.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-7348","https://nvd.nist.gov/vuln/detail/CVE-2024-7348","postgresql","7.5","15.7","16.4","16.4","postgresql","2024A0000007348","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/334479" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-7272","https://nvd.nist.gov/vuln/detail/CVE-2024-7272","ffmpeg","8.8","4.4.4","","","","2024A0000007272","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/333021" @@ -679,7 +682,8 @@ https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/236448" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r4.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" @@ -1127,7 +1131,8 @@ https://github.com/NixOS/nixpkgs/pull/339878" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r7.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8006","https://nvd.nist.gov/vuln/detail/CVE-2024-8006","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2024A0000008006","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","" @@ -1204,7 +1209,8 @@ https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 https://github.com/NixOS/nixpkgs/pull/221841" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.0rc2","3.12.6","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/236448" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-7256","https://nvd.nist.gov/vuln/detail/CVE-2023-7256","libpcap","4.4","1.10.4","1.10.4","1.10.5","libpcap","2023A0000007256","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/339181 +https://github.com/NixOS/nixpkgs/pull/344303" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology","" diff --git a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md index 2134169..173bc18 100644 --- a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md +++ b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md @@ -6,7 +6,7 @@ SPDX-License-Identifier: CC-BY-SA-4.0 # Vulnerability Report -This vulnerability report is generated for Ghaf target `github:tiiuae/ghaf?ref=main#packages.x86_64-linux.lenovo-x1-carbon-gen11-debug` revision https://github.com/tiiuae/ghaf/commit/dcc041125ebe222fcff60115765541c7caf99e93. The tables on this page include known vulnerabilities impacting buildtime or runtime dependencies of the given target. +This vulnerability report is generated for Ghaf target `github:tiiuae/ghaf?ref=main#packages.x86_64-linux.lenovo-x1-carbon-gen11-debug` revision https://github.com/tiiuae/ghaf/commit/6c9f6cf38cb02a975fe9c9823ece0ffac61ab542. The tables on this page include known vulnerabilities impacting buildtime or runtime dependencies of the given target. This report is automatically generated as specified on the [Vulnerability Scan](../../.github/workflows/vulnerability-scan.yml) GitHub action workflow. It uses the tooling from [sbomnix](https://github.com/tiiuae/sbomnix) repository, such as [vulnxscan](https://github.com/tiiuae/sbomnix/tree/main/scripts/vulnxscan), as well as the manual analysis results maintained in the [manual_analysis.csv](../../manual_analysis.csv) file. @@ -331,8 +331,8 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2024-43802](https://nvd.nist.gov/vuln/detail/CVE-2024-43802) | vim | 4.5 | 9.1.0595 | 9.1.0707 | 9.1.0741 | *[[PR](https://github.com/NixOS/nixpkgs/pull/338683)]* | | [CVE-2024-43790](https://nvd.nist.gov/vuln/detail/CVE-2024-43790) | vim | 4.5 | 9.1.0595 | 9.1.0707 | 9.1.0741 | | | [CVE-2024-43374](https://nvd.nist.gov/vuln/detail/CVE-2024-43374) | vim | 4.5 | 9.1.0595 | 9.1.0707 | 9.1.0741 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335213), [PR](https://github.com/NixOS/nixpkgs/pull/335269)]* | -| [CVE-2024-8006](https://nvd.nist.gov/vuln/detail/CVE-2024-8006) | libpcap | 4.4 | 1.10.4 | 1.10.4 | 1.10.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/339181)]* | -| [CVE-2023-7256](https://nvd.nist.gov/vuln/detail/CVE-2023-7256) | libpcap | 4.4 | 1.10.4 | 1.10.4 | 1.10.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/339181)]* | +| [CVE-2024-8006](https://nvd.nist.gov/vuln/detail/CVE-2024-8006) | libpcap | 4.4 | 1.10.4 | 1.10.4 | 1.10.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/339181), [PR](https://github.com/NixOS/nixpkgs/pull/344303)]* | +| [CVE-2023-7256](https://nvd.nist.gov/vuln/detail/CVE-2023-7256) | libpcap | 4.4 | 1.10.4 | 1.10.4 | 1.10.5 | *[[PR](https://github.com/NixOS/nixpkgs/pull/339181), [PR](https://github.com/NixOS/nixpkgs/pull/344303)]* | | [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873) | safe | 4.3 | 0.3.21-r1.cabal | 0.3.21 | 0.3.21 | | | [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873) | safe | 4.3 | 0.3.21 | 0.3.21 | 0.3.21 | | | [CVE-2022-28870](https://nvd.nist.gov/vuln/detail/CVE-2022-28870) | safe | 4.3 | 0.3.21-r1.cabal | 0.3.21 | 0.3.21 | |