Automatic vulnerability report update
henrirosten authored and github-actions[bot] committed Jan 12, 2025
1 parent 8fc0384 commit 2a28f17
Showing 2 changed files with 3 additions and 7 deletions.
2 changes: 1 addition & 1 deletion reports/main/data.csv
@@ -1,7 +1,7 @@
"target","flakeref","pintype","vuln_id","url","package","severity","version_local","version_nixpkgs","version_upstream","package_repology","sortcol","whitelist","whitelist_comment","classify","nixpkgs_pr"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-pxg6-pf52-xh8x","https://osv.dev/GHSA-pxg6-pf52-xh8x","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2024A1728000000","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-56732","https://nvd.nist.gov/vuln/detail/CVE-2024-56732","harfbuzz","8.8","10.0.1","10.1.0","10.1.0","harfbuzz","2024A0000056732","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-56732","https://nvd.nist.gov/vuln/detail/CVE-2024-56732","harfbuzz","8.8","10.0.1","10.1.0","10.2.0","harfbuzz","2024A0000056732","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155"
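Review bot: the harfbuzz row for CVE-2024-56732 keeps classify "err_not_vulnerable_based_on_repology" and an empty nixpkgs_pr while version_local stays at 10.0.1, behind version_nixpkgs 10.1.0 and the updated version_upstream 10.2.0. For a severity 8.8 entry, please confirm that classification against the pinned 10.0.1 and record the outcome in whitelist_comment, or bump the pin, so the row carries a decision and not only upstream version drift.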
Expand Up @@ -48,11 +48,7 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h

Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs:


| vuln_id | package | severity | version_local | nix_unstable | upstream | comment |
|------------------------------------------------|---------------|------------|-----------------|----------------|------------|-----------|
| [OSV-2023-1170](https://osv.dev/OSV-2023-1170) | vulkan-loader | | 1.3.296.0 | 1.3.296.0 | 1.4.304 | |

```No vulnerabilities```


## All Vulnerabilities Impacting Ghaf
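Review bot: the OSV-2023-1170 vulkan-loader row (version_local 1.3.296.0, upstream 1.4.304) leaves this table with no reason given; the commit message only says "Automatic vulnerability report update", and reports/main/data.csv is listed with a single changed line. Please have the generator state why an entry left the table (whitelisted, reclassified, or no longer reported), because a finding that disappears silently is hard to tell apart from a scanner gap. As a style point, the "No vulnerabilities" placeholder is wrapped in triple backticks on one line; plain text or a single-backtick span would read more clearly in the rendered README.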
Expand Down Expand Up @@ -102,7 +98,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
| [CVE-2024-21524](https://nvd.nist.gov/vuln/detail/CVE-2024-21524) | stringbuilder | 9.1 | 0.5.1 | 0.5.1 | 0.5.1 | |
| [CVE-2023-5841](https://nvd.nist.gov/vuln/detail/CVE-2023-5841) | openexr | 9.1 | 2.5.10 | 3.2.4 | 3.3.2 | *[[PR](https://github.com/NixOS/nixpkgs/pull/300526), [PR](https://github.com/NixOS/nixpkgs/pull/346060), [PR](https://github.com/NixOS/nixpkgs/pull/349220), [PR](https://github.com/NixOS/nixpkgs/pull/352826)]* |
| [CVE-2021-4048](https://nvd.nist.gov/vuln/detail/CVE-2021-4048) | lapack | 9.1 | 3 | 3.12.0 | 3.12.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/150788), [PR](https://github.com/NixOS/nixpkgs/pull/150906), [PR](https://github.com/NixOS/nixpkgs/pull/152147), [PR](https://github.com/NixOS/nixpkgs/pull/152359), [PR](https://github.com/NixOS/nixpkgs/pull/168777)]* |
| [CVE-2024-56732](https://nvd.nist.gov/vuln/detail/CVE-2024-56732) | harfbuzz | 8.8 | 10.0.1 | 10.1.0 | 10.1.0 | |
| [CVE-2024-56732](https://nvd.nist.gov/vuln/detail/CVE-2024-56732) | harfbuzz | 8.8 | 10.0.1 | 10.1.0 | 10.2.0 | |
| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872) | safe | 8.8 | 0.3.21-r1.cabal | 0.3.21 | 0.3.21 | |
| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872) | safe | 8.8 | 0.3.21 | 0.3.21 | 0.3.21 | |
| [CVE-2022-24394](https://nvd.nist.gov/vuln/detail/CVE-2022-24394) | network | 8.8 | 3.1.4.0-r1.cabal | 3.2.4.0 | 3.2.7.0 | |
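Review bot: in the context rows of this table, version_local for safe is "0.3.21-r1.cabal" and for network is "3.1.4.0-r1.cabal", which looks like a file-name suffix carried into the version field, and safe then appears twice for CVE-2022-28872 (once with the suffix, once as 0.3.21). Please normalise the version string before the comparison against nix_unstable and upstream and de-duplicate on the normalised value, otherwise the same finding is counted twice and any version-based classification runs on a string that is not a version.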