Skip to content

Commit

Permalink
Automatic vulnerability report update
Browse files Browse the repository at this point in the history
  • Loading branch information
@henrirosten @github-actions
henrirosten authored and github-actions[bot] committed Aug 19, 2024
1 parent 3a7637a commit cebc204
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
12 changes: 6 additions & 6 deletions reports/main/data.csv
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
"target","flakeref","pintype","vuln_id","url","package","severity","version_local","version_nixpkgs","version_upstream","package_repology","sortcol","whitelist","whitelist_comment","classify","nixpkgs_pr"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-35328","https://nvd.nist.gov/vuln/detail/CVE-2024-35328","libyaml","7.5","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035328","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-35326","https://nvd.nist.gov/vuln/detail/CVE-2024-35326","libyaml","9.8","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035326","False","","fix_not_available",""
Expand Down Expand Up @@ -455,9 +455,9 @@ https://github.com/NixOS/nixpkgs/pull/205374"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2002-0059","https://nvd.nist.gov/vuln/detail/CVE-2002-0059","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2002A0000000059","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-1999-0475","https://nvd.nist.gov/vuln/detail/CVE-1999-0475","procmail","","3.24","3.24","3.24","procmail","1999A0000000475","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-35328","https://nvd.nist.gov/vuln/detail/CVE-2024-35328","libyaml","7.5","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035328","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-35326","https://nvd.nist.gov/vuln/detail/CVE-2024-35326","libyaml","9.8","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035326","False","","fix_not_available",""
Expand Down Expand Up @@ -910,9 +910,9 @@ https://github.com/NixOS/nixpkgs/pull/205374"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2002-0059","https://nvd.nist.gov/vuln/detail/CVE-2002-0059","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2002A0000000059","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-1999-0475","https://nvd.nist.gov/vuln/detail/CVE-1999-0475","procmail","","3.24","3.24","3.24","procmail","1999A0000000475","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-41965","https://nvd.nist.gov/vuln/detail/CVE-2024-41965","vim","4.2","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041965","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0679","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-41957","https://nvd.nist.gov/vuln/detail/CVE-2024-41957","vim","5.3","9.1.0595","9.1.0595","9.1.0680","vim","2024A0000041957","False","","fix_update_to_version_upstream","https://github.com/NixOS/nixpkgs/pull/335213
https://github.com/NixOS/nixpkgs/pull/335269"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-35328","https://nvd.nist.gov/vuln/detail/CVE-2024-35328","libyaml","7.5","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035328","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-35326","https://nvd.nist.gov/vuln/detail/CVE-2024-35326","libyaml","9.8","0.2.5","0.2.5","0.2.5","libyaml","2024A0000035326","False","","fix_not_available",""
Expand Down
4 changes: 2 additions & 2 deletions reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault | 5.4 | 0.3.1.5-r7.cabal | 0.3.1.5 | 0.3.1.5 | |
| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault | 5.4 | 0.3.1.5 | 0.3.1.5 | 0.3.1.5 | |
| [CVE-2020-2136](https://nvd.nist.gov/vuln/detail/CVE-2020-2136) | git | 5.4 | 2.45.2 | 2.45.2 | 2.46.0 | *[[PR](https://github.com/NixOS/nixpkgs/pull/82872), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]* |
| [CVE-2024-41957](https://nvd.nist.gov/vuln/detail/CVE-2024-41957) | vim | 5.3 | 9.1.0595 | 9.1.0595 | 9.1.0679 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335213), [PR](https://github.com/NixOS/nixpkgs/pull/335269)]* |
| [CVE-2024-41957](https://nvd.nist.gov/vuln/detail/CVE-2024-41957) | vim | 5.3 | 9.1.0595 | 9.1.0595 | 9.1.0680 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335213), [PR](https://github.com/NixOS/nixpkgs/pull/335269)]* |
| [CVE-2023-40217](https://nvd.nist.gov/vuln/detail/CVE-2023-40217) | python | 5.3 | 2.7.18.8 | 3.13.0rc1 | 3.12.5 | |
| [CVE-2023-7216](https://nvd.nist.gov/vuln/detail/CVE-2023-7216) | cpio | 5.3 | 2.15 | 2.15 | 2.15 | |
| [CVE-2022-41316](https://nvd.nist.gov/vuln/detail/CVE-2022-41316) | vault | 5.3 | 0.3.1.5-r7.cabal | 0.3.1.5 | 0.3.1.5 | |
Expand Down Expand Up @@ -272,7 +272,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834) | safe | 4.3 | 0.3.21-r1.cabal | 0.3.21 | 0.3.21 | |
| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834) | safe | 4.3 | 0.3.21 | 0.3.21 | 0.3.21 | |
| [CVE-2018-14628](https://nvd.nist.gov/vuln/detail/CVE-2018-14628) | samba | 4.3 | 4.20.1 | 4.20.1 | 4.20.4 | *[[PR](https://github.com/NixOS/nixpkgs/pull/270419)]* |
| [CVE-2024-41965](https://nvd.nist.gov/vuln/detail/CVE-2024-41965) | vim | 4.2 | 9.1.0595 | 9.1.0595 | 9.1.0679 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335213), [PR](https://github.com/NixOS/nixpkgs/pull/335269)]* |
| [CVE-2024-41965](https://nvd.nist.gov/vuln/detail/CVE-2024-41965) | vim | 4.2 | 9.1.0595 | 9.1.0595 | 9.1.0680 | *[[PR](https://github.com/NixOS/nixpkgs/pull/335213), [PR](https://github.com/NixOS/nixpkgs/pull/335269)]* |
| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596) | safe | 4.1 | 0.3.21-r1.cabal | 0.3.21 | 0.3.21 | |
| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596) | safe | 4.1 | 0.3.21 | 0.3.21 | 0.3.21 | |
| [CVE-2023-28322](https://nvd.nist.gov/vuln/detail/CVE-2023-28322) | curl | 3.7 | 0.4.46 | | | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]* |
Expand Down

0 comments on commit cebc204

Please sign in to comment.