diff --git a/reports/main/data.csv b/reports/main/data.csv
index f949d9f..43f1c64 100644
--- a/reports/main/data.csv
+++ b/reports/main/data.csv
@@ -602,1209 +602,3 @@ https://github.com/NixOS/nixpkgs/pull/70425"
 https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2002-0059","https://nvd.nist.gov/vuln/detail/CVE-2002-0059","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2002A0000000059","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-1999-0475","https://nvd.nist.gov/vuln/detail/CVE-1999-0475","procmail","","3.24","3.24","3.24","procmail","1999A0000000475","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-pxg6-pf52-xh8x","https://osv.dev/GHSA-pxg6-pf52-xh8x","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2024A1728000000","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47835","https://nvd.nist.gov/vuln/detail/CVE-2024-47835","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047835","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47834","https://nvd.nist.gov/vuln/detail/CVE-2024-47834","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047834","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47778","https://nvd.nist.gov/vuln/detail/CVE-2024-47778","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047778","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47777","https://nvd.nist.gov/vuln/detail/CVE-2024-47777","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047777","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47776","https://nvd.nist.gov/vuln/detail/CVE-2024-47776","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047776","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47775","https://nvd.nist.gov/vuln/detail/CVE-2024-47775","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047775","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47774","https://nvd.nist.gov/vuln/detail/CVE-2024-47774","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047774","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47615","https://nvd.nist.gov/vuln/detail/CVE-2024-47615","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047615","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47613","https://nvd.nist.gov/vuln/detail/CVE-2024-47613","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047613","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47607","https://nvd.nist.gov/vuln/detail/CVE-2024-47607","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047607","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47606","https://nvd.nist.gov/vuln/detail/CVE-2024-47606","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047606","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47603","https://nvd.nist.gov/vuln/detail/CVE-2024-47603","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047603","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47602","https://nvd.nist.gov/vuln/detail/CVE-2024-47602","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047602","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47601","https://nvd.nist.gov/vuln/detail/CVE-2024-47601","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047601","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47600","https://nvd.nist.gov/vuln/detail/CVE-2024-47600","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047600","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47599","https://nvd.nist.gov/vuln/detail/CVE-2024-47599","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047599","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47598","https://nvd.nist.gov/vuln/detail/CVE-2024-47598","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047598","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47597","https://nvd.nist.gov/vuln/detail/CVE-2024-47597","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047597","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47596","https://nvd.nist.gov/vuln/detail/CVE-2024-47596","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047596","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47546","https://nvd.nist.gov/vuln/detail/CVE-2024-47546","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047546","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47545","https://nvd.nist.gov/vuln/detail/CVE-2024-47545","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047545","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47544","https://nvd.nist.gov/vuln/detail/CVE-2024-47544","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047544","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47543","https://nvd.nist.gov/vuln/detail/CVE-2024-47543","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047543","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47540","https://nvd.nist.gov/vuln/detail/CVE-2024-47540","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047540","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47539","https://nvd.nist.gov/vuln/detail/CVE-2024-47539","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047539","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47538","https://nvd.nist.gov/vuln/detail/CVE-2024-47538","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047538","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47537","https://nvd.nist.gov/vuln/detail/CVE-2024-47537","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047537","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
-https://github.com/NixOS/nixpkgs/pull/331906 
-https://github.com/NixOS/nixpkgs/pull/354124 
-https://github.com/NixOS/nixpkgs/pull/361606"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-24789","https://nvd.nist.gov/vuln/detail/CVE-2024-24789","go","5.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024789","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
-https://github.com/NixOS/nixpkgs/pull/354124 
-https://github.com/NixOS/nixpkgs/pull/361606"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.5.0","","","","2024A0000023741","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.4.1","","","","2024A0000023741","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-11498","https://nvd.nist.gov/vuln/detail/CVE-2024-11498","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2024A0000011498","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-11403","https://nvd.nist.gov/vuln/detail/CVE-2024-11403","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2024A0000011403","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-11168","https://nvd.nist.gov/vuln/detail/CVE-2024-11168","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000011168","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-10041","https://nvd.nist.gov/vuln/detail/CVE-2024-10041","linux-pam","4.7","1.6.1","","","","2024A0000010041","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.17","1.4.17","1.4.18","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","4.3","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.2","9.1.2","9.2.0","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.2","9.1.2","9.2.0","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/351100"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-5642","https://nvd.nist.gov/vuln/detail/CVE-2024-5642","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000005642","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-4032","https://nvd.nist.gov/vuln/detail/CVE-2024-4032","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000004032","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-4030","https://nvd.nist.gov/vuln/detail/CVE-2024-4030","python","7.1","2.7.18.8","3.13.1","3.13.1","python","2024A0000004030","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-3219","https://nvd.nist.gov/vuln/detail/CVE-2024-3219","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000003219","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-1209","https://osv.dev/OSV-2024-1209","libxml2","","2.13.4","2.13.4","2.13.5","libxml2","2024A0000001209","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-1059","https://osv.dev/OSV-2024-1059","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000001059","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-1042","https://osv.dev/OSV-2024-1042","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000001042","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-983","https://osv.dev/OSV-2024-983","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000983","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-919","https://osv.dev/OSV-2024-919","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000919","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-861","https://osv.dev/OSV-2024-861","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000861","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-853","https://osv.dev/OSV-2024-853","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000853","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-831","https://osv.dev/OSV-2024-831","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000831","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-817","https://osv.dev/OSV-2024-817","libpcap","","1.10.5","1.10.5","1.10.5","libpcap","2024A0000000817","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-728","https://osv.dev/OSV-2024-728","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000728","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-678","https://osv.dev/OSV-2024-678","flac","","1.4.3","1.4.3","1.4.3","flac","2024A0000000678","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-677","https://osv.dev/OSV-2024-677","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000677","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-0450","https://nvd.nist.gov/vuln/detail/CVE-2024-0450","python","6.2","2.7.18.8","3.13.1","3.13.1","python","2024A0000000450","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/298006 
-https://github.com/NixOS/nixpkgs/pull/299123 
-https://github.com/NixOS/nixpkgs/pull/299125"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-440","https://osv.dev/OSV-2024-440","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000440","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","RUSTSEC-2024-0422","https://osv.dev/RUSTSEC-2024-0422","gtk-layer-shell","","0.9.0","0.9.0","0.9.0","gtk-layer-shell","2024A0000000422","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-0397","https://nvd.nist.gov/vuln/detail/CVE-2024-0397","python","7.4","2.7.18.8","3.13.1","3.13.1","python","2024A0000000397","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-396","https://osv.dev/OSV-2024-396","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000396","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-395","https://osv.dev/OSV-2024-395","libpcap","","1.10.5","1.10.5","1.10.5","libpcap","2024A0000000395","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","RUSTSEC-2024-0379","https://osv.dev/RUSTSEC-2024-0379","fast-float","","7.0.0","7.0.0","7.0.0","fast-float","2024A0000000379","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-371","https://osv.dev/OSV-2024-371","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000371","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-330","https://osv.dev/OSV-2024-330","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000330","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2024-233","https://osv.dev/OSV-2024-233","openh264","","2.4.1","2.4.1","2.5.0","openh264","2024A0000000233","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-6898-wx94-8jq8","https://osv.dev/GHSA-6898-wx94-8jq8","libnotify","","0.8.3","","","","2023A1694131200","True","Incorrect package: Issue refers node-libnotify https://github.com/mytrile/node-libnotify, whereas nixpkgs refers gnome-libnotify https://gitlab.gnome.org/GNOME/libnotify.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-gmwp-3pwc-3j3g","https://osv.dev/GHSA-gmwp-3pwc-3j3g","mockery","","0.3.5","0.3.5","0.3.5","haskell:mockery","2023A1690502400","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-vjrq-cg9x-rfjp","https://osv.dev/GHSA-vjrq-cg9x-rfjp","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2023A1686614400","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-9cp3-fh5x-xfcj","https://osv.dev/GHSA-9cp3-fh5x-xfcj","charset","","0.3.10","0.3.10","0.3.11","haskell:charset","2023A1680220800","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-52356","https://nvd.nist.gov/vuln/detail/CVE-2023-52356","libtiff","7.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000052356","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-51258","https://nvd.nist.gov/vuln/detail/CVE-2023-51258","yasm","5.5","1.3.0","1.3.0","1.3.0","yasm","2023A0000051258","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.23.3","1.23.3","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-46361","https://nvd.nist.gov/vuln/detail/CVE-2023-46361","jbig2dec","6.5","0.20","0.20","0.20","jbig2dec","2023A0000046361","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
-https://github.com/NixOS/nixpkgs/pull/263083"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
-https://github.com/NixOS/nixpkgs/pull/263083"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-44487","https://nvd.nist.gov/vuln/detail/CVE-2023-44487","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000044487","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262738 
-https://github.com/NixOS/nixpkgs/pull/263279 
-https://github.com/NixOS/nixpkgs/pull/278073 
-https://github.com/NixOS/nixpkgs/pull/286248 
-https://github.com/NixOS/nixpkgs/pull/298640"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-41940","https://nvd.nist.gov/vuln/detail/CVE-2023-41940","tap","5.4","1.0.1","0.77","0.77","texlive:tap","2023A0000041940","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-41330","https://nvd.nist.gov/vuln/detail/CVE-2023-41330","snappy","9.8","1.2.1","","","","2023A0000041330","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-40217","https://nvd.nist.gov/vuln/detail/CVE-2023-40217","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000040217","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39325","https://nvd.nist.gov/vuln/detail/CVE-2023-39325","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039325","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262713 
-https://github.com/NixOS/nixpkgs/pull/300783"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39323","https://nvd.nist.gov/vuln/detail/CVE-2023-39323","go","8.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039323","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39322","https://nvd.nist.gov/vuln/detail/CVE-2023-39322","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039322","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39321","https://nvd.nist.gov/vuln/detail/CVE-2023-39321","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039321","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39320","https://nvd.nist.gov/vuln/detail/CVE-2023-39320","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039320","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39319","https://nvd.nist.gov/vuln/detail/CVE-2023-39319","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039319","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-39318","https://nvd.nist.gov/vuln/detail/CVE-2023-39318","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039318","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-37769","https://nvd.nist.gov/vuln/detail/CVE-2023-37769","pixman","6.5","0.43.4","0.43.4","0.44.2","pixman","2023A0000037769","False","See: https://gitlab.freedesktop.org/pixman/pixman/-/issues/76: ""This somehow got assigned CVE-2023-37769, not sure why NVD keeps assigning CVEs like this. This is just a test executable"".","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-36632","https://nvd.nist.gov/vuln/detail/CVE-2023-36632","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000036632","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-33955","https://nvd.nist.gov/vuln/detail/CVE-2023-33955","console","5.3","0.15.8","0.1.0-unstable-2024-05-07","","ocaml:console","2023A0000033955","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-32665","https://nvd.nist.gov/vuln/detail/CVE-2023-32665","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032665","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-32643","https://nvd.nist.gov/vuln/detail/CVE-2023-32643","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032643","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-32636","https://nvd.nist.gov/vuln/detail/CVE-2023-32636","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032636","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-32611","https://nvd.nist.gov/vuln/detail/CVE-2023-32611","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032611","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-31975","https://nvd.nist.gov/vuln/detail/CVE-2023-31975","yasm","3.3","1.3.0","","","","2023A0000031975","True","Memory leak in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-31974","https://nvd.nist.gov/vuln/detail/CVE-2023-31974","yasm","5.5","1.3.0","","","","2023A0000031974","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-31973","https://nvd.nist.gov/vuln/detail/CVE-2023-31973","yasm","5.5","1.3.0","","","","2023A0000031973","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-31972","https://nvd.nist.gov/vuln/detail/CVE-2023-31972","yasm","5.5","1.3.0","","","","2023A0000031972","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-30402","https://nvd.nist.gov/vuln/detail/CVE-2023-30402","yasm","5.5","1.3.0","","","","2023A0000030402","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-29499","https://nvd.nist.gov/vuln/detail/CVE-2023-29499","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000029499","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-28322","https://nvd.nist.gov/vuln/detail/CVE-2023-28322","curl","3.7","0.4.46","","","","2023A0000028322","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-28321","https://nvd.nist.gov/vuln/detail/CVE-2023-28321","curl","5.9","0.4.46","","","","2023A0000028321","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-28320","https://nvd.nist.gov/vuln/detail/CVE-2023-28320","curl","5.9","0.4.46","","","","2023A0000028320","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-28319","https://nvd.nist.gov/vuln/detail/CVE-2023-28319","curl","7.5","0.4.46","","","","2023A0000028319","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-28115","https://nvd.nist.gov/vuln/detail/CVE-2023-28115","snappy","9.8","1.2.1","","","","2023A0000028115","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-27043","https://nvd.nist.gov/vuln/detail/CVE-2023-27043","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000027043","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/243074 
-https://github.com/NixOS/nixpkgs/pull/349408"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-26044","https://nvd.nist.gov/vuln/detail/CVE-2023-26044","http","5.3","1.1.0","","","","2023A0000026044","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
-https://github.com/NixOS/nixpkgs/pull/221841"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
-https://github.com/NixOS/nixpkgs/pull/221841"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/236448 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6597","https://nvd.nist.gov/vuln/detail/CVE-2023-6597","python","7.8","2.7.18.8","3.13.1","3.13.1","python","2023A0000006597","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/298006 
-https://github.com/NixOS/nixpkgs/pull/299123 
-https://github.com/NixOS/nixpkgs/pull/299125"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
-https://github.com/NixOS/nixpkgs/pull/274068 
-https://github.com/NixOS/nixpkgs/pull/274071"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
-https://github.com/NixOS/nixpkgs/pull/274068 
-https://github.com/NixOS/nixpkgs/pull/274071"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6277","https://nvd.nist.gov/vuln/detail/CVE-2023-6277","libtiff","6.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000006277","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-6228","https://nvd.nist.gov/vuln/detail/CVE-2023-6228","libtiff","3.3","4.7.0","4.7.0","4.7.0","tiff","2023A0000006228","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-5841","https://nvd.nist.gov/vuln/detail/CVE-2023-5841","openexr","9.1","2.5.10","3.2.4","3.3.2","openexr","2023A0000005841","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/300526 
-https://github.com/NixOS/nixpkgs/pull/346060 
-https://github.com/NixOS/nixpkgs/pull/349220 
-https://github.com/NixOS/nixpkgs/pull/352826"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-5752","https://nvd.nist.gov/vuln/detail/CVE-2023-5752","pip","3.3","20.3.4-source","24.0","24.3.1","pip","2023A0000005752","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/276928"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-5341","https://nvd.nist.gov/vuln/detail/CVE-2023-5341","imagemagick","5.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2023A0000005341","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-4039","https://nvd.nist.gov/vuln/detail/CVE-2023-4039","gcc","4.8","13.3.0","13.3.0","14.2.0","gcc","2023A0000004039","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-3297","https://nvd.nist.gov/vuln/detail/CVE-2023-3297","accountsservice","7.8","23.13.9","23.13.9","23.13.9","accountsservice","2023A0000003297","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","7.5","9.1.2","9.1.2","9.2.0","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
-https://github.com/NixOS/nixpkgs/pull/239559 
-https://github.com/NixOS/nixpkgs/pull/239571"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
-https://github.com/NixOS/nixpkgs/pull/239559 
-https://github.com/NixOS/nixpkgs/pull/239571"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","3.3","9.1.2","9.1.2","9.2.0","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.19.5","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.7","1.24.10","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-675","https://osv.dev/OSV-2023-675","flac","","1.4.3","1.4.3","1.4.3","flac","2023A0000000675","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0654","https://nvd.nist.gov/vuln/detail/CVE-2023-0654","warp","3.7","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000654","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0652","https://nvd.nist.gov/vuln/detail/CVE-2023-0652","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000652","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.45","5.46","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.26.0","0.26.0","0.26.0","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.2","9.1.2","9.2.0","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.14","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2023-0238","https://nvd.nist.gov/vuln/detail/CVE-2023-0238","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000238","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-197","https://osv.dev/OSV-2023-197","p11-kit","","0.25.5","0.25.5","0.25.5","p11-kit","2023A0000000197","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-137","https://osv.dev/OSV-2023-137","harfbuzz","","10.0.1","","","","2023A0000000137","True","Based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2, the issue is fixed in range https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc all of which have been merged in 7.1.0.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-34","https://osv.dev/OSV-2023-34","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2023A0000000034","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2023-14","https://osv.dev/OSV-2023-14","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000014","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-48566","https://nvd.nist.gov/vuln/detail/CVE-2022-48566","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2022A0000048566","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-48565","https://nvd.nist.gov/vuln/detail/CVE-2022-48565","python","9.8","2.7.18.8","3.13.1","3.13.1","python","2022A0000048565","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-48564","https://nvd.nist.gov/vuln/detail/CVE-2022-48564","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000048564","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-48560","https://nvd.nist.gov/vuln/detail/CVE-2022-48560","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000048560","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-45868","https://nvd.nist.gov/vuln/detail/CVE-2022-45868","h2","7.8","0.4.6","","","","2022A0000045868","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-45061","https://nvd.nist.gov/vuln/detail/CVE-2022-45061","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000045061","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/201859 
-https://github.com/NixOS/nixpkgs/pull/204893 
-https://github.com/NixOS/nixpkgs/pull/204900 
-https://github.com/NixOS/nixpkgs/pull/204902 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-43552","https://nvd.nist.gov/vuln/detail/CVE-2022-43552","curl","5.9","0.4.46","","","","2022A0000043552","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/207158 
-https://github.com/NixOS/nixpkgs/pull/207162 
-https://github.com/NixOS/nixpkgs/pull/207165"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-43410","https://nvd.nist.gov/vuln/detail/CVE-2022-43410","mercurial","5.3","6.8.2","6.8.2","6.9","mercurial","2022A0000043410","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-43357","https://nvd.nist.gov/vuln/detail/CVE-2022-43357","sassc","7.5","3.6.2","3.6.2","3.6.2","sassc","2022A0000043357","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/274726 
-https://github.com/NixOS/nixpkgs/pull/275599 
-https://github.com/NixOS/nixpkgs/pull/275878"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-40898","https://nvd.nist.gov/vuln/detail/CVE-2022-40898","wheel","7.5","0.37.1-source","0.44.0","0.45.1","python:wheel","2022A0000040898","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/210565 
-https://github.com/NixOS/nixpkgs/pull/361930 
-https://github.com/NixOS/nixpkgs/pull/362304"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-40897","https://nvd.nist.gov/vuln/detail/CVE-2022-40897","setuptools","5.9","44.0.0-source","75.1.1","75.6.0","python:setuptools","2022A0000040897","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/354579 
-https://github.com/NixOS/nixpkgs/pull/356664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38663","https://nvd.nist.gov/vuln/detail/CVE-2022-38663","git","6.5","2.47.0","","","","2022A0000038663","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","7.2","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
-https://github.com/NixOS/nixpkgs/pull/185613 
-https://github.com/NixOS/nixpkgs/pull/185693 
-https://github.com/NixOS/nixpkgs/pull/185754 
-https://github.com/NixOS/nixpkgs/pull/186941"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
-https://github.com/NixOS/nixpkgs/pull/185613 
-https://github.com/NixOS/nixpkgs/pull/185693 
-https://github.com/NixOS/nixpkgs/pull/185754 
-https://github.com/NixOS/nixpkgs/pull/186941"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37416","https://nvd.nist.gov/vuln/detail/CVE-2022-37416","libmpeg2","6.5","0.5.1","","","","2022A0000037416","True","NVD data issue: concerns Android only.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-36884","https://nvd.nist.gov/vuln/detail/CVE-2022-36884","git","5.3","2.47.0","","","","2022A0000036884","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-36883","https://nvd.nist.gov/vuln/detail/CVE-2022-36883","git","7.5","2.47.0","","","","2022A0000036883","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-36882","https://nvd.nist.gov/vuln/detail/CVE-2022-36882","git","8.8","2.47.0","","","","2022A0000036882","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-36073","https://nvd.nist.gov/vuln/detail/CVE-2022-36073","rubygems","8.8","3.5.22","","","","2022A0000036073","True","Latest impacted version in 3.x is 3.0.4.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-36032","https://nvd.nist.gov/vuln/detail/CVE-2022-36032","http","5.3","1.1.0","","","","2022A0000036032","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-35252","https://nvd.nist.gov/vuln/detail/CVE-2022-35252","curl","3.7","0.4.46","","","","2022A0000035252","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/189083 
-https://github.com/NixOS/nixpkgs/pull/198730"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-32743","https://nvd.nist.gov/vuln/detail/CVE-2022-32743","samba","7.5","4.20.4","4.20.4","4.21.2","samba","2022A0000032743","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-32221","https://nvd.nist.gov/vuln/detail/CVE-2022-32221","curl","9.8","0.4.46","","","","2022A0000032221","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/198730"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-32206","https://nvd.nist.gov/vuln/detail/CVE-2022-32206","curl","6.5","0.4.46","","","","2022A0000032206","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/179314 
-https://github.com/NixOS/nixpkgs/pull/180021"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-30947","https://nvd.nist.gov/vuln/detail/CVE-2022-30947","git","7.5","2.47.0","","","","2022A0000030947","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-27782","https://nvd.nist.gov/vuln/detail/CVE-2022-27782","curl","7.5","0.4.46","","","","2022A0000027782","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-27781","https://nvd.nist.gov/vuln/detail/CVE-2022-27781","curl","7.5","0.4.46","","","","2022A0000027781","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-27776","https://nvd.nist.gov/vuln/detail/CVE-2022-27776","curl","6.5","0.4.46","","","","2022A0000027776","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/170654 
-https://github.com/NixOS/nixpkgs/pull/170659"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-27470","https://nvd.nist.gov/vuln/detail/CVE-2022-27470","SDL_ttf","7.8","2.0.11","","","","2022A0000027470","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-26691","https://nvd.nist.gov/vuln/detail/CVE-2022-26691","cups","6.7","2.4.11","","","","2022A0000026691","True","Fixed in nixpkgs with PR: https://github.com/NixOS/nixpkgs/pull/174898.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-26488","https://nvd.nist.gov/vuln/detail/CVE-2022-26488","python","7.0","2.7.18.8","3.13.1","3.13.1","python","2022A0000026488","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.23","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.22","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-4457","https://nvd.nist.gov/vuln/detail/CVE-2022-4457","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004457","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-4428","https://nvd.nist.gov/vuln/detail/CVE-2022-4428","warp","8.0","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004428","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","MAL-2022-4301","https://osv.dev/MAL-2022-4301","libidn2","","2.3.7","","","","2022A0000004301","True","Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 https://gitlab.com/libidn/libidn2.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-3512","https://nvd.nist.gov/vuln/detail/CVE-2022-3512","warp","8.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003512","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-3320","https://nvd.nist.gov/vuln/detail/CVE-2022-3320","warp","9.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003320","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-3219","https://nvd.nist.gov/vuln/detail/CVE-2022-3219","gnupg","3.3","2.4.5","","","","2022A0000003219","True","Fix patch is not accepted upstream: https://dev.gnupg.org/D556.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-2225","https://nvd.nist.gov/vuln/detail/CVE-2022-2225","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002225","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-2145","https://nvd.nist.gov/vuln/detail/CVE-2022-2145","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002145","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-1615","https://nvd.nist.gov/vuln/detail/CVE-2022-1615","samba","5.5","4.20.4","4.20.4","4.21.2","samba","2022A0000001615","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.4.0-preview2","3.3.6","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.78","5.79","bluez","2022A0000000908","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-896","https://osv.dev/OSV-2022-896","libsass","","3.6.6","3.6.6","3.6.6","libsass","2022A0000000896","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-882","https://osv.dev/OSV-2022-882","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2022A0000000882","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-859","https://osv.dev/OSV-2022-859","bluez","","5.78","5.78","5.79","bluez","2022A0000000859","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0856","https://nvd.nist.gov/vuln/detail/CVE-2022-0856","libcaca","6.5","0.99.beta20","","","","2022A0000000856","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-819","https://osv.dev/OSV-2022-819","libraw","","0.21.3","0.21.3","0.21.3","libraw","2022A0000000819","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-785","https://osv.dev/OSV-2022-785","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000785","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-725","https://osv.dev/OSV-2022-725","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2022A0000000725","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-608","https://osv.dev/OSV-2022-608","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2022A0000000608","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.2","9.1.2","9.2.0","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-572","https://osv.dev/OSV-2022-572","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000572","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-519","https://osv.dev/OSV-2022-519","espeak-ng","","1.51.1","","","","2022A0000000519","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-462","https://osv.dev/OSV-2022-462","espeak-ng","","1.51.1","","","","2022A0000000462","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-0391","https://nvd.nist.gov/vuln/detail/CVE-2022-0391","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000000391","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/203428 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-312","https://osv.dev/OSV-2022-312","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000312","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-193","https://osv.dev/OSV-2022-193","w3m","","0.5.3+git20230121","0.5.3+git20230121","0.5.3+git20230121","w3m","2022A0000000193","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2022-73","https://osv.dev/OSV-2022-73","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000073","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-rjvj-673q-4hfw","https://osv.dev/GHSA-rjvj-673q-4hfw","traceroute","","2.1.6","","","","2021A1633305600","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-m75h-cghq-c8h5","https://osv.dev/GHSA-m75h-cghq-c8h5","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2021A1632355200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","GHSA-pgcr-7wm4-mcv6","https://osv.dev/GHSA-pgcr-7wm4-mcv6","pem","","0.2.4","0.2.4","0.2.4","haskell:pem","2021A1628035200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-46829","https://nvd.nist.gov/vuln/detail/CVE-2021-46829","gdk-pixbuf","7.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000046829","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-46312","https://nvd.nist.gov/vuln/detail/CVE-2021-46312","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046312","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-46310","https://nvd.nist.gov/vuln/detail/CVE-2021-46310","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046310","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-45810","https://nvd.nist.gov/vuln/detail/CVE-2021-45810","globalprotect-openconnect","7.5","1.4.9","1.4.9","2.3.9","globalprotect-openconnect","2021A0000045810","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-45429","https://nvd.nist.gov/vuln/detail/CVE-2021-45429","yara","5.5","4.5.0","4.5.0","4.5.2","yara","2021A0000045429","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/161127"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","BIT-lua-2021-43519","https://osv.dev/BIT-lua-2021-43519","lua","","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-43519","https://nvd.nist.gov/vuln/detail/CVE-2021-43519","lua","5.5","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195329 
-https://github.com/NixOS/nixpkgs/pull/195788"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5-r2.cabal","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-39205","https://nvd.nist.gov/vuln/detail/CVE-2021-39205","jitsi-meet","6.1","1.0.8043","","","","2021A0000039205","True","Does not impact the version in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33506","https://nvd.nist.gov/vuln/detail/CVE-2021-33506","jitsi-meet","7.5","1.0.8043","","","","2021A0000033506","True","Fixed in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/132134#issuecomment-890319135.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33468","https://nvd.nist.gov/vuln/detail/CVE-2021-33468","yasm","5.5","1.3.0","","","","2021A0000033468","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33467","https://nvd.nist.gov/vuln/detail/CVE-2021-33467","yasm","5.5","1.3.0","","","","2021A0000033467","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33466","https://nvd.nist.gov/vuln/detail/CVE-2021-33466","yasm","5.5","1.3.0","","","","2021A0000033466","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33465","https://nvd.nist.gov/vuln/detail/CVE-2021-33465","yasm","5.5","1.3.0","","","","2021A0000033465","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33464","https://nvd.nist.gov/vuln/detail/CVE-2021-33464","yasm","5.5","1.3.0","","","","2021A0000033464","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33463","https://nvd.nist.gov/vuln/detail/CVE-2021-33463","yasm","5.5","1.3.0","","","","2021A0000033463","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33462","https://nvd.nist.gov/vuln/detail/CVE-2021-33462","yasm","5.5","1.3.0","","","","2021A0000033462","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33461","https://nvd.nist.gov/vuln/detail/CVE-2021-33461","yasm","5.5","1.3.0","","","","2021A0000033461","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33460","https://nvd.nist.gov/vuln/detail/CVE-2021-33460","yasm","5.5","1.3.0","","","","2021A0000033460","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33459","https://nvd.nist.gov/vuln/detail/CVE-2021-33459","yasm","5.5","1.3.0","","","","2021A0000033459","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33458","https://nvd.nist.gov/vuln/detail/CVE-2021-33458","yasm","5.5","1.3.0","","","","2021A0000033458","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33457","https://nvd.nist.gov/vuln/detail/CVE-2021-33457","yasm","5.5","1.3.0","","","","2021A0000033457","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33456","https://nvd.nist.gov/vuln/detail/CVE-2021-33456","yasm","5.5","1.3.0","","","","2021A0000033456","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33455","https://nvd.nist.gov/vuln/detail/CVE-2021-33455","yasm","5.5","1.3.0","","","","2021A0000033455","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-33454","https://nvd.nist.gov/vuln/detail/CVE-2021-33454","yasm","5.5","1.3.0","","","","2021A0000033454","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-30499","https://nvd.nist.gov/vuln/detail/CVE-2021-30499","libcaca","7.8","0.99.beta20","","","","2021A0000030499","True","NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-28794","https://nvd.nist.gov/vuln/detail/CVE-2021-28794","ShellCheck","9.8","0.10.0","0.10.0","0.10.0","shellcheck","2021A0000028794","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-28153","https://nvd.nist.gov/vuln/detail/CVE-2021-28153","glib","5.3","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000028153","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
-https://github.com/NixOS/nixpkgs/pull/120157"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
-https://github.com/NixOS/nixpkgs/pull/120157"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-27219","https://nvd.nist.gov/vuln/detail/CVE-2021-27219","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027219","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-27218","https://nvd.nist.gov/vuln/detail/CVE-2021-27218","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027218","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-26945","https://nvd.nist.gov/vuln/detail/CVE-2021-26945","openexr","5.5","2.5.10","","","","2021A0000026945","True","Fix patch https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-26720","https://nvd.nist.gov/vuln/detail/CVE-2021-26720","avahi","7.8","0.8","","","","2021A0000026720","True","False positive: issue refers avahi-daemon-check-dns.sh in the Debian avahi package. As such, the issue is specific to Debian and its derivatives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-26260","https://nvd.nist.gov/vuln/detail/CVE-2021-26260","openexr","5.5","2.5.10","","","","2021A0000026260","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-23336","https://nvd.nist.gov/vuln/detail/CVE-2021-23336","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2021A0000023336","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/117037 
-https://github.com/NixOS/nixpkgs/pull/117082 
-https://github.com/NixOS/nixpkgs/pull/118403 
-https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-23215","https://nvd.nist.gov/vuln/detail/CVE-2021-23215","openexr","5.5","2.5.10","","","","2021A0000023215","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-23169","https://nvd.nist.gov/vuln/detail/CVE-2021-23169","openexr","8.8","2.5.10","","","","2021A0000023169","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-21684","https://nvd.nist.gov/vuln/detail/CVE-2021-21684","git","6.1","2.47.0","","","","2021A0000021684","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-20255","https://nvd.nist.gov/vuln/detail/CVE-2021-20255","qemu","5.5","9.1.2","","","","2021A0000020255","True","Upstream patch not merged: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-20240","https://nvd.nist.gov/vuln/detail/CVE-2021-20240","gdk-pixbuf","8.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000020240","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4336","https://nvd.nist.gov/vuln/detail/CVE-2021-4336","ninja","9.8","1.12.1","","","","2021A0000004336","True","Incorrect package: nixpkgs 'ninja' refers https://github.com/ninja-build/ninja, not https://github.com/ITRS-Group/monitor-ninja.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4-r8.cabal","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4048","https://nvd.nist.gov/vuln/detail/CVE-2021-4048","lapack","9.1","3","3.12.0","3.12.0","lapack","2021A0000004048","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/150788 
-https://github.com/NixOS/nixpkgs/pull/150906 
-https://github.com/NixOS/nixpkgs/pull/152147 
-https://github.com/NixOS/nixpkgs/pull/152359 
-https://github.com/NixOS/nixpkgs/pull/168777"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-4034","https://nvd.nist.gov/vuln/detail/CVE-2021-4034","polkit","7.8","1.pam","124","125","polkit","2021A0000004034","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/155725 
-https://github.com/NixOS/nixpkgs/pull/156750 
-https://github.com/NixOS/nixpkgs/pull/156822 
-https://github.com/NixOS/nixpkgs/pull/295087"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3800","https://nvd.nist.gov/vuln/detail/CVE-2021-3800","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000003800","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3733","https://nvd.nist.gov/vuln/detail/CVE-2021-3733","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2021A0000003733","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/203428 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3670","https://nvd.nist.gov/vuln/detail/CVE-2021-3670","samba","6.5","4.20.4","4.20.4","4.21.2","samba","2021A0000003670","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3605","https://nvd.nist.gov/vuln/detail/CVE-2021-3605","openexr","5.5","2.5.10","","","","2021A0000003605","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3598","https://nvd.nist.gov/vuln/detail/CVE-2021-3598","openexr","5.5","2.5.10","","","","2021A0000003598","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3572","https://nvd.nist.gov/vuln/detail/CVE-2021-3572","pip","5.7","20.3.4-source","24.0","24.3.1","pip","2021A0000003572","False","","fix_update_to_version_nixpkgs",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3177","https://nvd.nist.gov/vuln/detail/CVE-2021-3177","python","9.8","2.7.18.8","3.13.1","3.13.1","python","2021A0000003177","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/201859"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-1157","https://osv.dev/OSV-2021-1157","espeak-ng","","1.51.1","","","","2021A0000001157","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-1141","https://osv.dev/OSV-2021-1141","espeak-ng","","1.51.1","","","","2021A0000001141","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-1110","https://osv.dev/OSV-2021-1110","espeak-ng","","1.51.1","","","","2021A0000001110","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-1041","https://osv.dev/OSV-2021-1041","espeak-ng","","1.51.1","","","","2021A0000001041","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-1024","https://osv.dev/OSV-2021-1024","espeak-ng","","1.51.1","","","","2021A0000001024","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-820","https://osv.dev/OSV-2021-820","qemu","","9.1.2","","","","2021A0000000820","True","Fixed based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-802","https://osv.dev/OSV-2021-802","espeak-ng","","1.51.1","","","","2021A0000000802","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-787","https://osv.dev/OSV-2021-787","espeak-ng","","1.51.1","","","","2021A0000000787","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-777","https://osv.dev/OSV-2021-777","libxml2","","2.13.4","","","","2021A0000000777","True","Fixed by https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325, which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-765","https://osv.dev/OSV-2021-765","espeak-ng","","1.51.1","","","","2021A0000000765","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2021-508","https://osv.dev/OSV-2021-508","libsass","","3.6.6","3.6.6","3.6.6","libsass","2021A0000000508","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-35669","https://nvd.nist.gov/vuln/detail/CVE-2020-35669","http","6.1","0.2.12","0.3-0","0.4","lua:http","2020A0000035669","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-35457","https://nvd.nist.gov/vuln/detail/CVE-2020-35457","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2020A0000035457","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-29385","https://nvd.nist.gov/vuln/detail/CVE-2020-29385","gdk-pixbuf","5.5","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2020A0000029385","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/106302 
-https://github.com/NixOS/nixpkgs/pull/111542 
-https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-27748","https://nvd.nist.gov/vuln/detail/CVE-2020-27748","xdg-utils","6.5","1.2.1","1.2.1","1.2.1","xdg-utils","2020A0000027748","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-27569","https://nvd.nist.gov/vuln/detail/CVE-2020-27569","openvpn","7.5","2.6.12","2.6.12","2.6.12","openvpn","2020A0000027569","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-26304","https://nvd.nist.gov/vuln/detail/CVE-2020-26304","foundation","7.5","0.0.30","0.0.30","0.0.30","haskell:foundation","2020A0000026304","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-24490","https://nvd.nist.gov/vuln/detail/CVE-2020-24490","bluez","6.5","5.78","","","","2020A0000024490","True","Fixed in linux kernel (5.8) with: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-18781","https://nvd.nist.gov/vuln/detail/CVE-2020-18781","audiofile","5.5","0.3.6","0.3.6","0.3.6","audiofile","2020A0000018781","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.37","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.36","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.35","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
-https://github.com/NixOS/nixpkgs/pull/92641"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
-https://github.com/NixOS/nixpkgs/pull/92641"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-11105","https://nvd.nist.gov/vuln/detail/CVE-2020-11105","cereal","9.8","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011105","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/121574 
-https://github.com/NixOS/nixpkgs/pull/84664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-11104","https://nvd.nist.gov/vuln/detail/CVE-2020-11104","cereal","5.3","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011104","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-11021","https://nvd.nist.gov/vuln/detail/CVE-2020-11021","http-client","7.5","0.7.17","0.7.17","0.7.18","haskell:http-client","2020A0000011021","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-8284","https://nvd.nist.gov/vuln/detail/CVE-2020-8284","curl","3.7","0.4.46","","","","2020A0000008284","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/106452"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2020-2308","https://osv.dev/OSV-2020-2308","libheif","","1.18.2","1.18.2","1.19.5","libheif","2020A0000002308","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2020-2136","https://nvd.nist.gov/vuln/detail/CVE-2020-2136","git","5.4","2.47.0","2.47.0","2.47.1","git","2020A0000002136","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/82872 
-https://github.com/NixOS/nixpkgs/pull/84664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2020-1420","https://osv.dev/OSV-2020-1420","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000001420","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","OSV-2020-862","https://osv.dev/OSV-2020-862","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000000862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-1010258","https://nvd.nist.gov/vuln/detail/CVE-2019-1010258","nanosvg","6.5","0-unstable-2023-12-30","0-unstable-2023-12-30","20231202","nanosvg","2019A0001010258","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-1003010","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010","git","4.3","2.47.0","","","","2019A0001003010","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-20633","https://nvd.nist.gov/vuln/detail/CVE-2019-20633","patch","5.5","2.7.6","","","","2019A0000020633","True","Upstream patch is not merged: https://savannah.gnu.org/bugs/index.php?56683. Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-17178","https://nvd.nist.gov/vuln/detail/CVE-2019-17178","lodepng","7.5","3.10.1","","","","2019A0000017178","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","3.16.2","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","2.9.9","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","3.16.2","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","2.9.9","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14587","https://nvd.nist.gov/vuln/detail/CVE-2019-14587","edk2","6.5","202411","","","","2019A0000014587","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14586","https://nvd.nist.gov/vuln/detail/CVE-2019-14586","edk2","8.0","202411","","","","2019A0000014586","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14575","https://nvd.nist.gov/vuln/detail/CVE-2019-14575","edk2","7.8","202411","","","","2019A0000014575","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14563","https://nvd.nist.gov/vuln/detail/CVE-2019-14563","edk2","7.8","202411","","","","2019A0000014563","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14562","https://nvd.nist.gov/vuln/detail/CVE-2019-14562","edk2","5.5","202411","","","","2019A0000014562","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14559","https://nvd.nist.gov/vuln/detail/CVE-2019-14559","edk2","7.5","202411","","","","2019A0000014559","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-14553","https://nvd.nist.gov/vuln/detail/CVE-2019-14553","edk2","4.9","202411","","","","2019A0000014553","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","1","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","0.9.7","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-12067","https://nvd.nist.gov/vuln/detail/CVE-2019-12067","qemu","6.5","9.1.2","","","","2019A0000012067","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-10010","https://nvd.nist.gov/vuln/detail/CVE-2019-10010","commonmark","6.1","0.2.6.1","0.2.6.1","0.2.6.1","haskell:commonmark","2019A0000010010","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-9674","https://nvd.nist.gov/vuln/detail/CVE-2019-9674","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2019A0000009674","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-6470","https://nvd.nist.gov/vuln/detail/CVE-2019-6470","bind","7.5","9.18.28","","","","2019A0000006470","True","Not valid: https://github.com/NixOS/nixpkgs/issues/73617#issuecomment-569491606.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-6293","https://nvd.nist.gov/vuln/detail/CVE-2019-6293","flex","5.5","2.6.4","","","","2019A0000006293","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2019-5443","https://nvd.nist.gov/vuln/detail/CVE-2019-5443","curl","7.8","0.4.46","","","","2019A0000005443","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","RUSTSEC-2019-0006","https://osv.dev/RUSTSEC-2019-0006","ncurses","","6.4.20221231","6.4.20221231","6.5","ncurses","2019A0000000006","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-25032","https://nvd.nist.gov/vuln/detail/CVE-2018-25032","zlib","7.5","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2018A0000025032","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/165642 
-https://github.com/NixOS/nixpkgs/pull/166451 
-https://github.com/NixOS/nixpkgs/pull/167084 
-https://github.com/NixOS/nixpkgs/pull/205374"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-18438","https://nvd.nist.gov/vuln/detail/CVE-2018-18438","qemu","5.5","9.1.2","","","","2018A0000018438","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-14628","https://nvd.nist.gov/vuln/detail/CVE-2018-14628","samba","4.3","4.20.4","4.20.4","4.21.2","samba","2018A0000014628","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/270419"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-13162","https://nvd.nist.gov/vuln/detail/CVE-2018-13162","alex","7.5","3.4.0.1","3.4.0.1","3.5.1.0","alex","2018A0000013162","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-7263","https://nvd.nist.gov/vuln/detail/CVE-2018-7263","libmad","9.8","0.15.1b","","","","2018A0000007263","True","Based on https://github.com/NixOS/nixpkgs/issues/57154, issue is fixed by https://github.com/NixOS/nixpkgs/commit/92edb0610923fab5a9dcc59b94652f1e8a5ea1ed.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-6553","https://nvd.nist.gov/vuln/detail/CVE-2018-6553","cups","8.8","2.4.11","","","","2018A0000006553","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2018-5996","https://nvd.nist.gov/vuln/detail/CVE-2018-5996","p7zip","7.8","17.05","17.05","17.05","p7zip","2018A0000005996","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-18589","https://nvd.nist.gov/vuln/detail/CVE-2017-18589","cookie","7.5","0.4.6","0.5.0","0.5.0","haskell:cookie","2017A0000018589","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-18207","https://nvd.nist.gov/vuln/detail/CVE-2017-18207","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2017A0000018207","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-17969","https://nvd.nist.gov/vuln/detail/CVE-2017-17969","p7zip","7.8","17.05","17.05","17.05","p7zip","2017A0000017969","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-17522","https://nvd.nist.gov/vuln/detail/CVE-2017-17522","python","8.8","2.7.18.8","3.13.1","3.13.1","python","2017A0000017522","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-12652","https://nvd.nist.gov/vuln/detail/CVE-2017-12652","libpng","9.8","1.2.59","1.6.43","1.6.44","libpng","2017A0000012652","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253 
-https://github.com/NixOS/nixpkgs/pull/70286 
-https://github.com/NixOS/nixpkgs/pull/70423 
-https://github.com/NixOS/nixpkgs/pull/70425"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-5628","https://nvd.nist.gov/vuln/detail/CVE-2017-5628","mujs","7.8","1.3.5","","","","2017A0000005628","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-5627","https://nvd.nist.gov/vuln/detail/CVE-2017-5627","mujs","7.8","1.3.5","","","","2017A0000005627","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-5506","https://nvd.nist.gov/vuln/detail/CVE-2017-5506","imagemagick","7.8","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2017A0000005506","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2017-5436","https://nvd.nist.gov/vuln/detail/CVE-2017-5436","graphite2","8.8","1.3.14","","","","2017A0000005436","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-10141","https://nvd.nist.gov/vuln/detail/CVE-2016-10141","mujs","9.8","1.3.5","","","","2016A0000010141","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-10133","https://nvd.nist.gov/vuln/detail/CVE-2016-10133","mujs","9.8","1.3.5","","","","2016A0000010133","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-10132","https://nvd.nist.gov/vuln/detail/CVE-2016-10132","mujs","7.5","1.3.5","","","","2016A0000010132","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-10062","https://nvd.nist.gov/vuln/detail/CVE-2016-10062","imagemagick","5.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2016A0000010062","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-9294","https://nvd.nist.gov/vuln/detail/CVE-2016-9294","mujs","7.5","1.3.5","","","","2016A0000009294","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-9136","https://nvd.nist.gov/vuln/detail/CVE-2016-9136","mujs","7.5","1.3.5","","","","2016A0000009136","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-9109","https://nvd.nist.gov/vuln/detail/CVE-2016-9109","mujs","7.5","1.3.5","","","","2016A0000009109","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-9108","https://nvd.nist.gov/vuln/detail/CVE-2016-9108","mujs","7.5","1.3.5","","","","2016A0000009108","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-9017","https://nvd.nist.gov/vuln/detail/CVE-2016-9017","mujs","7.5","1.3.5","","","","2016A0000009017","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-7564","https://nvd.nist.gov/vuln/detail/CVE-2016-7564","mujs","7.5","1.3.5","","","","2016A0000007564","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-7563","https://nvd.nist.gov/vuln/detail/CVE-2016-7563","mujs","7.5","1.3.5","","","","2016A0000007563","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-7538","https://nvd.nist.gov/vuln/detail/CVE-2016-7538","imagemagick","6.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2016A0000007538","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-7506","https://nvd.nist.gov/vuln/detail/CVE-2016-7506","mujs","7.5","1.3.5","","","","2016A0000007506","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-7504","https://nvd.nist.gov/vuln/detail/CVE-2016-7504","mujs","9.8","1.3.5","","","","2016A0000007504","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-6131","https://nvd.nist.gov/vuln/detail/CVE-2016-6131","libiberty","7.5","13.3.0","","","","2016A0000006131","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4493","https://nvd.nist.gov/vuln/detail/CVE-2016-4493","libiberty","5.5","13.3.0","","","","2016A0000004493","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4492","https://nvd.nist.gov/vuln/detail/CVE-2016-4492","libiberty","4.4","13.3.0","","","","2016A0000004492","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4491","https://nvd.nist.gov/vuln/detail/CVE-2016-4491","libiberty","5.5","13.3.0","","","","2016A0000004491","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4490","https://nvd.nist.gov/vuln/detail/CVE-2016-4490","libiberty","5.5","13.3.0","","","","2016A0000004490","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4489","https://nvd.nist.gov/vuln/detail/CVE-2016-4489","libiberty","5.5","13.3.0","","","","2016A0000004489","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4488","https://nvd.nist.gov/vuln/detail/CVE-2016-4488","libiberty","5.5","13.3.0","","","","2016A0000004488","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-4487","https://nvd.nist.gov/vuln/detail/CVE-2016-4487","libiberty","5.5","13.3.0","","","","2016A0000004487","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-3751","https://nvd.nist.gov/vuln/detail/CVE-2016-3751","libpng","7.8","1.2.59","1.6.43","1.6.44","libpng","2016A0000003751","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-2781","https://nvd.nist.gov/vuln/detail/CVE-2016-2781","coreutils","6.5","9.5","","","","2016A0000002781","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2016-2226","https://nvd.nist.gov/vuln/detail/CVE-2016-2226","libiberty","7.8","13.3.0","","","","2016A0000002226","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-7777","https://nvd.nist.gov/vuln/detail/CVE-2015-7777","void","","0.7.3","0.7.3","0.7.3","haskell:void","2015A0000007777","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-7313","https://nvd.nist.gov/vuln/detail/CVE-2015-7313","libtiff","5.5","4.7.0","","","","2015A0000007313","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-5652","https://nvd.nist.gov/vuln/detail/CVE-2015-5652","python","","2.7.18.8","3.13.1","3.13.1","python","2015A0000005652","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-4156","https://nvd.nist.gov/vuln/detail/CVE-2015-4156","parallel","","3.2.2.0","3.2.2.0","3.2.2.0","haskell:parallel","2015A0000004156","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-4155","https://nvd.nist.gov/vuln/detail/CVE-2015-4155","parallel","","3.2.2.0","3.2.2.0","3.2.2.0","haskell:parallel","2015A0000004155","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2015-0973","https://nvd.nist.gov/vuln/detail/CVE-2015-0973","libpng","","1.2.59","1.6.43","1.6.44","libpng","2015A0000000973","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2014-9826","https://nvd.nist.gov/vuln/detail/CVE-2014-9826","imagemagick","9.8","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2014A0000009826","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2014-9495","https://nvd.nist.gov/vuln/detail/CVE-2014-9495","libpng","","1.2.59","1.6.43","1.6.44","libpng","2014A0000009495","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2014-4860","https://nvd.nist.gov/vuln/detail/CVE-2014-4860","edk2","6.8","202411","","","","2014A0000004860","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2014-4859","https://nvd.nist.gov/vuln/detail/CVE-2014-4859","edk2","6.8","202411","","","","2014A0000004859","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2014-2525","https://nvd.nist.gov/vuln/detail/CVE-2014-2525","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2014A0000002525","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2013-7354","https://nvd.nist.gov/vuln/detail/CVE-2013-7354","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000007354","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2013-7353","https://nvd.nist.gov/vuln/detail/CVE-2013-7353","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000007353","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2013-6954","https://nvd.nist.gov/vuln/detail/CVE-2013-6954","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000006954","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2013-6393","https://nvd.nist.gov/vuln/detail/CVE-2013-6393","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2013A0000006393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2012-3509","https://nvd.nist.gov/vuln/detail/CVE-2012-3509","libiberty","","13.3.0","","","","2012A0000003509","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2011-3045","https://nvd.nist.gov/vuln/detail/CVE-2011-3045","libpng","","1.2.59","1.6.43","1.6.44","libpng","2011A0000003045","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2011-2411","https://nvd.nist.gov/vuln/detail/CVE-2011-2411","samba","","4.20.4","4.20.4","4.21.2","samba","2011A0000002411","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2010-4226","https://nvd.nist.gov/vuln/detail/CVE-2010-4226","cpio","","2.15","","","","2010A0000004226","True","NVD data issue: concerns OpenSuSE, not cpio.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2007-4559","https://nvd.nist.gov/vuln/detail/CVE-2007-4559","python","","2.7.18.8","3.13.1","3.13.1","python","2007A0000004559","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2002-0059","https://nvd.nist.gov/vuln/detail/CVE-2002-0059","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2002A0000000059","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-1999-0475","https://nvd.nist.gov/vuln/detail/CVE-1999-0475","procmail","","3.24","3.24","3.24","procmail","1999A0000000475","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-pxg6-pf52-xh8x","https://osv.dev/GHSA-pxg6-pf52-xh8x","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2024A1728000000","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47835","https://nvd.nist.gov/vuln/detail/CVE-2024-47835","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047835","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47834","https://nvd.nist.gov/vuln/detail/CVE-2024-47834","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047834","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47778","https://nvd.nist.gov/vuln/detail/CVE-2024-47778","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047778","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47777","https://nvd.nist.gov/vuln/detail/CVE-2024-47777","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047777","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47776","https://nvd.nist.gov/vuln/detail/CVE-2024-47776","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047776","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47775","https://nvd.nist.gov/vuln/detail/CVE-2024-47775","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047775","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47774","https://nvd.nist.gov/vuln/detail/CVE-2024-47774","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047774","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47615","https://nvd.nist.gov/vuln/detail/CVE-2024-47615","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047615","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47613","https://nvd.nist.gov/vuln/detail/CVE-2024-47613","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047613","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47607","https://nvd.nist.gov/vuln/detail/CVE-2024-47607","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047607","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47606","https://nvd.nist.gov/vuln/detail/CVE-2024-47606","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047606","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47603","https://nvd.nist.gov/vuln/detail/CVE-2024-47603","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047603","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47602","https://nvd.nist.gov/vuln/detail/CVE-2024-47602","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047602","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47601","https://nvd.nist.gov/vuln/detail/CVE-2024-47601","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047601","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47600","https://nvd.nist.gov/vuln/detail/CVE-2024-47600","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047600","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47599","https://nvd.nist.gov/vuln/detail/CVE-2024-47599","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047599","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47598","https://nvd.nist.gov/vuln/detail/CVE-2024-47598","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047598","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47597","https://nvd.nist.gov/vuln/detail/CVE-2024-47597","gstreamer","9.1","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047597","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47596","https://nvd.nist.gov/vuln/detail/CVE-2024-47596","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047596","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47546","https://nvd.nist.gov/vuln/detail/CVE-2024-47546","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047546","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47545","https://nvd.nist.gov/vuln/detail/CVE-2024-47545","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047545","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47544","https://nvd.nist.gov/vuln/detail/CVE-2024-47544","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047544","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47543","https://nvd.nist.gov/vuln/detail/CVE-2024-47543","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047543","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47540","https://nvd.nist.gov/vuln/detail/CVE-2024-47540","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047540","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47539","https://nvd.nist.gov/vuln/detail/CVE-2024-47539","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047539","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47538","https://nvd.nist.gov/vuln/detail/CVE-2024-47538","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047538","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47537","https://nvd.nist.gov/vuln/detail/CVE-2024-47537","gstreamer","9.8","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047537","False","","fix_update_to_version_upstream",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
-https://github.com/NixOS/nixpkgs/pull/331906 
-https://github.com/NixOS/nixpkgs/pull/354124 
-https://github.com/NixOS/nixpkgs/pull/361606"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-24789","https://nvd.nist.gov/vuln/detail/CVE-2024-24789","go","5.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024789","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
-https://github.com/NixOS/nixpkgs/pull/354124 
-https://github.com/NixOS/nixpkgs/pull/361606"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.5.0","","","","2024A0000023741","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.4.1","","","","2024A0000023741","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-11498","https://nvd.nist.gov/vuln/detail/CVE-2024-11498","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2024A0000011498","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-11403","https://nvd.nist.gov/vuln/detail/CVE-2024-11403","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2024A0000011403","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-11168","https://nvd.nist.gov/vuln/detail/CVE-2024-11168","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000011168","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-10041","https://nvd.nist.gov/vuln/detail/CVE-2024-10041","linux-pam","4.7","1.6.1","","","","2024A0000010041","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.17","1.4.17","1.4.18","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","4.3","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.2","9.1.2","9.2.0","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6923","https://nvd.nist.gov/vuln/detail/CVE-2024-6923","python","5.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000006923","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/335172"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6505","https://nvd.nist.gov/vuln/detail/CVE-2024-6505","qemu","6.8","9.1.2","9.1.2","9.2.0","qemu","2024A0000006505","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/351100"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-6232","https://nvd.nist.gov/vuln/detail/CVE-2024-6232","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000006232","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-5642","https://nvd.nist.gov/vuln/detail/CVE-2024-5642","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000005642","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-4032","https://nvd.nist.gov/vuln/detail/CVE-2024-4032","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000004032","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-4030","https://nvd.nist.gov/vuln/detail/CVE-2024-4030","python","7.1","2.7.18.8","3.13.1","3.13.1","python","2024A0000004030","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-3219","https://nvd.nist.gov/vuln/detail/CVE-2024-3219","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000003219","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-1209","https://osv.dev/OSV-2024-1209","libxml2","","2.13.4","2.13.4","2.13.5","libxml2","2024A0000001209","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-1059","https://osv.dev/OSV-2024-1059","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000001059","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-1042","https://osv.dev/OSV-2024-1042","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000001042","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-983","https://osv.dev/OSV-2024-983","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000983","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-919","https://osv.dev/OSV-2024-919","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000919","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-861","https://osv.dev/OSV-2024-861","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000861","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-853","https://osv.dev/OSV-2024-853","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000853","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-831","https://osv.dev/OSV-2024-831","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000831","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-817","https://osv.dev/OSV-2024-817","libpcap","","1.10.5","1.10.5","1.10.5","libpcap","2024A0000000817","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-728","https://osv.dev/OSV-2024-728","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000728","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-678","https://osv.dev/OSV-2024-678","flac","","1.4.3","1.4.3","1.4.3","flac","2024A0000000678","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-677","https://osv.dev/OSV-2024-677","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2024A0000000677","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-0450","https://nvd.nist.gov/vuln/detail/CVE-2024-0450","python","6.2","2.7.18.8","3.13.1","3.13.1","python","2024A0000000450","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/298006 
-https://github.com/NixOS/nixpkgs/pull/299123 
-https://github.com/NixOS/nixpkgs/pull/299125"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-440","https://osv.dev/OSV-2024-440","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000440","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","RUSTSEC-2024-0422","https://osv.dev/RUSTSEC-2024-0422","gtk-layer-shell","","0.9.0","0.9.0","0.9.0","gtk-layer-shell","2024A0000000422","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-0397","https://nvd.nist.gov/vuln/detail/CVE-2024-0397","python","7.4","2.7.18.8","3.13.1","3.13.1","python","2024A0000000397","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-396","https://osv.dev/OSV-2024-396","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000396","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-395","https://osv.dev/OSV-2024-395","libpcap","","1.10.5","1.10.5","1.10.5","libpcap","2024A0000000395","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","RUSTSEC-2024-0379","https://osv.dev/RUSTSEC-2024-0379","fast-float","","7.0.0","7.0.0","7.0.0","fast-float","2024A0000000379","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-371","https://osv.dev/OSV-2024-371","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000371","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-330","https://osv.dev/OSV-2024-330","jq","","1.7.1","1.7.1","1.7.1","jq","2024A0000000330","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2024-233","https://osv.dev/OSV-2024-233","openh264","","2.4.1","2.4.1","2.5.0","openh264","2024A0000000233","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-6898-wx94-8jq8","https://osv.dev/GHSA-6898-wx94-8jq8","libnotify","","0.8.3","","","","2023A1694131200","True","Incorrect package: Issue refers node-libnotify https://github.com/mytrile/node-libnotify, whereas nixpkgs refers gnome-libnotify https://gitlab.gnome.org/GNOME/libnotify.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-gmwp-3pwc-3j3g","https://osv.dev/GHSA-gmwp-3pwc-3j3g","mockery","","0.3.5","0.3.5","0.3.5","haskell:mockery","2023A1690502400","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-vjrq-cg9x-rfjp","https://osv.dev/GHSA-vjrq-cg9x-rfjp","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2023A1686614400","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-9cp3-fh5x-xfcj","https://osv.dev/GHSA-9cp3-fh5x-xfcj","charset","","0.3.10","0.3.10","0.3.11","haskell:charset","2023A1680220800","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-52356","https://nvd.nist.gov/vuln/detail/CVE-2023-52356","libtiff","7.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000052356","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-51258","https://nvd.nist.gov/vuln/detail/CVE-2023-51258","yasm","5.5","1.3.0","1.3.0","1.3.0","yasm","2023A0000051258","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.23.3","1.23.3","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-46361","https://nvd.nist.gov/vuln/detail/CVE-2023-46361","jbig2dec","6.5","0.20","0.20","0.20","jbig2dec","2023A0000046361","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
-https://github.com/NixOS/nixpkgs/pull/263083"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
-https://github.com/NixOS/nixpkgs/pull/263083"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-44487","https://nvd.nist.gov/vuln/detail/CVE-2023-44487","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000044487","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262738 
-https://github.com/NixOS/nixpkgs/pull/263279 
-https://github.com/NixOS/nixpkgs/pull/278073 
-https://github.com/NixOS/nixpkgs/pull/286248 
-https://github.com/NixOS/nixpkgs/pull/298640"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-41940","https://nvd.nist.gov/vuln/detail/CVE-2023-41940","tap","5.4","1.0.1","0.77","0.77","texlive:tap","2023A0000041940","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-41330","https://nvd.nist.gov/vuln/detail/CVE-2023-41330","snappy","9.8","1.2.1","","","","2023A0000041330","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-40217","https://nvd.nist.gov/vuln/detail/CVE-2023-40217","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000040217","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39325","https://nvd.nist.gov/vuln/detail/CVE-2023-39325","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039325","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262713 
-https://github.com/NixOS/nixpkgs/pull/300783"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39323","https://nvd.nist.gov/vuln/detail/CVE-2023-39323","go","8.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039323","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39322","https://nvd.nist.gov/vuln/detail/CVE-2023-39322","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039322","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39321","https://nvd.nist.gov/vuln/detail/CVE-2023-39321","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039321","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39320","https://nvd.nist.gov/vuln/detail/CVE-2023-39320","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039320","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39319","https://nvd.nist.gov/vuln/detail/CVE-2023-39319","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039319","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-39318","https://nvd.nist.gov/vuln/detail/CVE-2023-39318","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2023A0000039318","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-37769","https://nvd.nist.gov/vuln/detail/CVE-2023-37769","pixman","6.5","0.43.4","0.43.4","0.44.2","pixman","2023A0000037769","False","See: https://gitlab.freedesktop.org/pixman/pixman/-/issues/76: ""This somehow got assigned CVE-2023-37769, not sure why NVD keeps assigning CVEs like this. This is just a test executable"".","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-36632","https://nvd.nist.gov/vuln/detail/CVE-2023-36632","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000036632","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-33955","https://nvd.nist.gov/vuln/detail/CVE-2023-33955","console","5.3","0.15.8","0.1.0-unstable-2024-05-07","","ocaml:console","2023A0000033955","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-32665","https://nvd.nist.gov/vuln/detail/CVE-2023-32665","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032665","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-32643","https://nvd.nist.gov/vuln/detail/CVE-2023-32643","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032643","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-32636","https://nvd.nist.gov/vuln/detail/CVE-2023-32636","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032636","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-32611","https://nvd.nist.gov/vuln/detail/CVE-2023-32611","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032611","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-31975","https://nvd.nist.gov/vuln/detail/CVE-2023-31975","yasm","3.3","1.3.0","","","","2023A0000031975","True","Memory leak in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-31974","https://nvd.nist.gov/vuln/detail/CVE-2023-31974","yasm","5.5","1.3.0","","","","2023A0000031974","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-31973","https://nvd.nist.gov/vuln/detail/CVE-2023-31973","yasm","5.5","1.3.0","","","","2023A0000031973","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-31972","https://nvd.nist.gov/vuln/detail/CVE-2023-31972","yasm","5.5","1.3.0","","","","2023A0000031972","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-30402","https://nvd.nist.gov/vuln/detail/CVE-2023-30402","yasm","5.5","1.3.0","","","","2023A0000030402","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-29499","https://nvd.nist.gov/vuln/detail/CVE-2023-29499","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000029499","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-28322","https://nvd.nist.gov/vuln/detail/CVE-2023-28322","curl","3.7","0.4.46","","","","2023A0000028322","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-28321","https://nvd.nist.gov/vuln/detail/CVE-2023-28321","curl","5.9","0.4.46","","","","2023A0000028321","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-28320","https://nvd.nist.gov/vuln/detail/CVE-2023-28320","curl","5.9","0.4.46","","","","2023A0000028320","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
-https://github.com/NixOS/nixpkgs/pull/232535"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-28319","https://nvd.nist.gov/vuln/detail/CVE-2023-28319","curl","7.5","0.4.46","","","","2023A0000028319","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-28115","https://nvd.nist.gov/vuln/detail/CVE-2023-28115","snappy","9.8","1.2.1","","","","2023A0000028115","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-27043","https://nvd.nist.gov/vuln/detail/CVE-2023-27043","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000027043","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/243074 
-https://github.com/NixOS/nixpkgs/pull/349408"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-26044","https://nvd.nist.gov/vuln/detail/CVE-2023-26044","http","5.3","1.1.0","","","","2023A0000026044","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
-https://github.com/NixOS/nixpkgs/pull/221841"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
-https://github.com/NixOS/nixpkgs/pull/221841"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/236448 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6597","https://nvd.nist.gov/vuln/detail/CVE-2023-6597","python","7.8","2.7.18.8","3.13.1","3.13.1","python","2023A0000006597","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/298006 
-https://github.com/NixOS/nixpkgs/pull/299123 
-https://github.com/NixOS/nixpkgs/pull/299125"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
-https://github.com/NixOS/nixpkgs/pull/274068 
-https://github.com/NixOS/nixpkgs/pull/274071"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
-https://github.com/NixOS/nixpkgs/pull/274068 
-https://github.com/NixOS/nixpkgs/pull/274071"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6277","https://nvd.nist.gov/vuln/detail/CVE-2023-6277","libtiff","6.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000006277","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-6228","https://nvd.nist.gov/vuln/detail/CVE-2023-6228","libtiff","3.3","4.7.0","4.7.0","4.7.0","tiff","2023A0000006228","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-5841","https://nvd.nist.gov/vuln/detail/CVE-2023-5841","openexr","9.1","2.5.10","3.2.4","3.3.2","openexr","2023A0000005841","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/300526 
-https://github.com/NixOS/nixpkgs/pull/346060 
-https://github.com/NixOS/nixpkgs/pull/349220 
-https://github.com/NixOS/nixpkgs/pull/352826"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-5752","https://nvd.nist.gov/vuln/detail/CVE-2023-5752","pip","3.3","20.3.4-source","24.0","24.3.1","pip","2023A0000005752","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/276928"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-5341","https://nvd.nist.gov/vuln/detail/CVE-2023-5341","imagemagick","5.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2023A0000005341","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-4039","https://nvd.nist.gov/vuln/detail/CVE-2023-4039","gcc","4.8","13.3.0","13.3.0","14.2.0","gcc","2023A0000004039","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-3297","https://nvd.nist.gov/vuln/detail/CVE-2023-3297","accountsservice","7.8","23.13.9","23.13.9","23.13.9","accountsservice","2023A0000003297","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","7.5","9.1.2","9.1.2","9.2.0","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
-https://github.com/NixOS/nixpkgs/pull/239559 
-https://github.com/NixOS/nixpkgs/pull/239571"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
-https://github.com/NixOS/nixpkgs/pull/239559 
-https://github.com/NixOS/nixpkgs/pull/239571"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","3.3","9.1.2","9.1.2","9.2.0","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.19.5","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.7","1.24.10","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-675","https://osv.dev/OSV-2023-675","flac","","1.4.3","1.4.3","1.4.3","flac","2023A0000000675","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0654","https://nvd.nist.gov/vuln/detail/CVE-2023-0654","warp","3.7","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000654","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0652","https://nvd.nist.gov/vuln/detail/CVE-2023-0652","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000652","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.45","5.46","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.26.0","0.26.0","0.26.0","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.2","9.1.2","9.2.0","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.14","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2023-0238","https://nvd.nist.gov/vuln/detail/CVE-2023-0238","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000238","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-197","https://osv.dev/OSV-2023-197","p11-kit","","0.25.5","0.25.5","0.25.5","p11-kit","2023A0000000197","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-137","https://osv.dev/OSV-2023-137","harfbuzz","","10.0.1","","","","2023A0000000137","True","Based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2, the issue is fixed in range https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc all of which have been merged in 7.1.0.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-34","https://osv.dev/OSV-2023-34","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2023A0000000034","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2023-14","https://osv.dev/OSV-2023-14","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000014","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-48566","https://nvd.nist.gov/vuln/detail/CVE-2022-48566","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2022A0000048566","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-48565","https://nvd.nist.gov/vuln/detail/CVE-2022-48565","python","9.8","2.7.18.8","3.13.1","3.13.1","python","2022A0000048565","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-48564","https://nvd.nist.gov/vuln/detail/CVE-2022-48564","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000048564","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-48560","https://nvd.nist.gov/vuln/detail/CVE-2022-48560","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000048560","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-45868","https://nvd.nist.gov/vuln/detail/CVE-2022-45868","h2","7.8","0.4.6","","","","2022A0000045868","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-45061","https://nvd.nist.gov/vuln/detail/CVE-2022-45061","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000045061","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/201859 
-https://github.com/NixOS/nixpkgs/pull/204893 
-https://github.com/NixOS/nixpkgs/pull/204900 
-https://github.com/NixOS/nixpkgs/pull/204902 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-43552","https://nvd.nist.gov/vuln/detail/CVE-2022-43552","curl","5.9","0.4.46","","","","2022A0000043552","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/207158 
-https://github.com/NixOS/nixpkgs/pull/207162 
-https://github.com/NixOS/nixpkgs/pull/207165"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-43410","https://nvd.nist.gov/vuln/detail/CVE-2022-43410","mercurial","5.3","6.8.2","6.8.2","6.9","mercurial","2022A0000043410","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-43357","https://nvd.nist.gov/vuln/detail/CVE-2022-43357","sassc","7.5","3.6.2","3.6.2","3.6.2","sassc","2022A0000043357","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/274726 
-https://github.com/NixOS/nixpkgs/pull/275599 
-https://github.com/NixOS/nixpkgs/pull/275878"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
-https://github.com/NixOS/nixpkgs/pull/253430"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-40898","https://nvd.nist.gov/vuln/detail/CVE-2022-40898","wheel","7.5","0.37.1-source","0.44.0","0.45.1","python:wheel","2022A0000040898","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/210565 
-https://github.com/NixOS/nixpkgs/pull/361930 
-https://github.com/NixOS/nixpkgs/pull/362304"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-40897","https://nvd.nist.gov/vuln/detail/CVE-2022-40897","setuptools","5.9","44.0.0-source","75.1.1","75.6.0","python:setuptools","2022A0000040897","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/354579 
-https://github.com/NixOS/nixpkgs/pull/356664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38663","https://nvd.nist.gov/vuln/detail/CVE-2022-38663","git","6.5","2.47.0","","","","2022A0000038663","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","7.2","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
-https://github.com/NixOS/nixpkgs/pull/185613 
-https://github.com/NixOS/nixpkgs/pull/185693 
-https://github.com/NixOS/nixpkgs/pull/185754 
-https://github.com/NixOS/nixpkgs/pull/186941"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
-https://github.com/NixOS/nixpkgs/pull/185613 
-https://github.com/NixOS/nixpkgs/pull/185693 
-https://github.com/NixOS/nixpkgs/pull/185754 
-https://github.com/NixOS/nixpkgs/pull/186941"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37416","https://nvd.nist.gov/vuln/detail/CVE-2022-37416","libmpeg2","6.5","0.5.1","","","","2022A0000037416","True","NVD data issue: concerns Android only.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-36884","https://nvd.nist.gov/vuln/detail/CVE-2022-36884","git","5.3","2.47.0","","","","2022A0000036884","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-36883","https://nvd.nist.gov/vuln/detail/CVE-2022-36883","git","7.5","2.47.0","","","","2022A0000036883","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-36882","https://nvd.nist.gov/vuln/detail/CVE-2022-36882","git","8.8","2.47.0","","","","2022A0000036882","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-36073","https://nvd.nist.gov/vuln/detail/CVE-2022-36073","rubygems","8.8","3.5.22","","","","2022A0000036073","True","Latest impacted version in 3.x is 3.0.4.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-36032","https://nvd.nist.gov/vuln/detail/CVE-2022-36032","http","5.3","1.1.0","","","","2022A0000036032","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-35252","https://nvd.nist.gov/vuln/detail/CVE-2022-35252","curl","3.7","0.4.46","","","","2022A0000035252","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/189083 
-https://github.com/NixOS/nixpkgs/pull/198730"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-32743","https://nvd.nist.gov/vuln/detail/CVE-2022-32743","samba","7.5","4.20.4","4.20.4","4.21.2","samba","2022A0000032743","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-32221","https://nvd.nist.gov/vuln/detail/CVE-2022-32221","curl","9.8","0.4.46","","","","2022A0000032221","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/198730"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-32206","https://nvd.nist.gov/vuln/detail/CVE-2022-32206","curl","6.5","0.4.46","","","","2022A0000032206","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/179314 
-https://github.com/NixOS/nixpkgs/pull/180021"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-30947","https://nvd.nist.gov/vuln/detail/CVE-2022-30947","git","7.5","2.47.0","","","","2022A0000030947","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-27782","https://nvd.nist.gov/vuln/detail/CVE-2022-27782","curl","7.5","0.4.46","","","","2022A0000027782","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-27781","https://nvd.nist.gov/vuln/detail/CVE-2022-27781","curl","7.5","0.4.46","","","","2022A0000027781","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-27776","https://nvd.nist.gov/vuln/detail/CVE-2022-27776","curl","6.5","0.4.46","","","","2022A0000027776","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/170654 
-https://github.com/NixOS/nixpkgs/pull/170659"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-27470","https://nvd.nist.gov/vuln/detail/CVE-2022-27470","SDL_ttf","7.8","2.0.11","","","","2022A0000027470","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-26691","https://nvd.nist.gov/vuln/detail/CVE-2022-26691","cups","6.7","2.4.11","","","","2022A0000026691","True","Fixed in nixpkgs with PR: https://github.com/NixOS/nixpkgs/pull/174898.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-26488","https://nvd.nist.gov/vuln/detail/CVE-2022-26488","python","7.0","2.7.18.8","3.13.1","3.13.1","python","2022A0000026488","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.23","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.22","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-4457","https://nvd.nist.gov/vuln/detail/CVE-2022-4457","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004457","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-4428","https://nvd.nist.gov/vuln/detail/CVE-2022-4428","warp","8.0","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004428","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","MAL-2022-4301","https://osv.dev/MAL-2022-4301","libidn2","","2.3.7","","","","2022A0000004301","True","Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 https://gitlab.com/libidn/libidn2.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-3512","https://nvd.nist.gov/vuln/detail/CVE-2022-3512","warp","8.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003512","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-3320","https://nvd.nist.gov/vuln/detail/CVE-2022-3320","warp","9.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003320","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-3219","https://nvd.nist.gov/vuln/detail/CVE-2022-3219","gnupg","3.3","2.4.5","","","","2022A0000003219","True","Fix patch is not accepted upstream: https://dev.gnupg.org/D556.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-2225","https://nvd.nist.gov/vuln/detail/CVE-2022-2225","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002225","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-2145","https://nvd.nist.gov/vuln/detail/CVE-2022-2145","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002145","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-1615","https://nvd.nist.gov/vuln/detail/CVE-2022-1615","samba","5.5","4.20.4","4.20.4","4.21.2","samba","2022A0000001615","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.4.0-preview2","3.3.6","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.78","5.79","bluez","2022A0000000908","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-896","https://osv.dev/OSV-2022-896","libsass","","3.6.6","3.6.6","3.6.6","libsass","2022A0000000896","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-882","https://osv.dev/OSV-2022-882","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2022A0000000882","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-859","https://osv.dev/OSV-2022-859","bluez","","5.78","5.78","5.79","bluez","2022A0000000859","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0856","https://nvd.nist.gov/vuln/detail/CVE-2022-0856","libcaca","6.5","0.99.beta20","","","","2022A0000000856","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-819","https://osv.dev/OSV-2022-819","libraw","","0.21.3","0.21.3","0.21.3","libraw","2022A0000000819","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-785","https://osv.dev/OSV-2022-785","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000785","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-725","https://osv.dev/OSV-2022-725","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2022A0000000725","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-608","https://osv.dev/OSV-2022-608","libjxl","","0.11.0","0.11.0","0.11.1","libjxl","2022A0000000608","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-581","https://osv.dev/OSV-2022-581","qemu","","9.1.2","9.1.2","9.2.0","qemu","2022A0000000581","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-572","https://osv.dev/OSV-2022-572","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000572","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-519","https://osv.dev/OSV-2022-519","espeak-ng","","1.51.1","","","","2022A0000000519","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-462","https://osv.dev/OSV-2022-462","espeak-ng","","1.51.1","","","","2022A0000000462","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-0391","https://nvd.nist.gov/vuln/detail/CVE-2022-0391","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000000391","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/203428 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-312","https://osv.dev/OSV-2022-312","dnsmasq","","2.90","2.90","2.90","dnsmasq","2022A0000000312","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-193","https://osv.dev/OSV-2022-193","w3m","","0.5.3+git20230121","0.5.3+git20230121","0.5.3+git20230121","w3m","2022A0000000193","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2022-73","https://osv.dev/OSV-2022-73","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000073","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-rjvj-673q-4hfw","https://osv.dev/GHSA-rjvj-673q-4hfw","traceroute","","2.1.6","","","","2021A1633305600","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-m75h-cghq-c8h5","https://osv.dev/GHSA-m75h-cghq-c8h5","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2021A1632355200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","GHSA-pgcr-7wm4-mcv6","https://osv.dev/GHSA-pgcr-7wm4-mcv6","pem","","0.2.4","0.2.4","0.2.4","haskell:pem","2021A1628035200","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-46829","https://nvd.nist.gov/vuln/detail/CVE-2021-46829","gdk-pixbuf","7.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000046829","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-46312","https://nvd.nist.gov/vuln/detail/CVE-2021-46312","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046312","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-46310","https://nvd.nist.gov/vuln/detail/CVE-2021-46310","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046310","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-45810","https://nvd.nist.gov/vuln/detail/CVE-2021-45810","globalprotect-openconnect","7.5","1.4.9","1.4.9","2.3.9","globalprotect-openconnect","2021A0000045810","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-45429","https://nvd.nist.gov/vuln/detail/CVE-2021-45429","yara","5.5","4.5.0","4.5.0","4.5.2","yara","2021A0000045429","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/161127"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","BIT-lua-2021-43519","https://osv.dev/BIT-lua-2021-43519","lua","","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-43519","https://nvd.nist.gov/vuln/detail/CVE-2021-43519","lua","5.5","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195329 
-https://github.com/NixOS/nixpkgs/pull/195788"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5-r2.cabal","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-39205","https://nvd.nist.gov/vuln/detail/CVE-2021-39205","jitsi-meet","6.1","1.0.8043","","","","2021A0000039205","True","Does not impact the version in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33506","https://nvd.nist.gov/vuln/detail/CVE-2021-33506","jitsi-meet","7.5","1.0.8043","","","","2021A0000033506","True","Fixed in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/132134#issuecomment-890319135.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33468","https://nvd.nist.gov/vuln/detail/CVE-2021-33468","yasm","5.5","1.3.0","","","","2021A0000033468","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33467","https://nvd.nist.gov/vuln/detail/CVE-2021-33467","yasm","5.5","1.3.0","","","","2021A0000033467","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33466","https://nvd.nist.gov/vuln/detail/CVE-2021-33466","yasm","5.5","1.3.0","","","","2021A0000033466","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33465","https://nvd.nist.gov/vuln/detail/CVE-2021-33465","yasm","5.5","1.3.0","","","","2021A0000033465","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33464","https://nvd.nist.gov/vuln/detail/CVE-2021-33464","yasm","5.5","1.3.0","","","","2021A0000033464","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33463","https://nvd.nist.gov/vuln/detail/CVE-2021-33463","yasm","5.5","1.3.0","","","","2021A0000033463","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33462","https://nvd.nist.gov/vuln/detail/CVE-2021-33462","yasm","5.5","1.3.0","","","","2021A0000033462","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33461","https://nvd.nist.gov/vuln/detail/CVE-2021-33461","yasm","5.5","1.3.0","","","","2021A0000033461","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33460","https://nvd.nist.gov/vuln/detail/CVE-2021-33460","yasm","5.5","1.3.0","","","","2021A0000033460","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33459","https://nvd.nist.gov/vuln/detail/CVE-2021-33459","yasm","5.5","1.3.0","","","","2021A0000033459","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33458","https://nvd.nist.gov/vuln/detail/CVE-2021-33458","yasm","5.5","1.3.0","","","","2021A0000033458","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33457","https://nvd.nist.gov/vuln/detail/CVE-2021-33457","yasm","5.5","1.3.0","","","","2021A0000033457","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33456","https://nvd.nist.gov/vuln/detail/CVE-2021-33456","yasm","5.5","1.3.0","","","","2021A0000033456","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33455","https://nvd.nist.gov/vuln/detail/CVE-2021-33455","yasm","5.5","1.3.0","","","","2021A0000033455","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-33454","https://nvd.nist.gov/vuln/detail/CVE-2021-33454","yasm","5.5","1.3.0","","","","2021A0000033454","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-30499","https://nvd.nist.gov/vuln/detail/CVE-2021-30499","libcaca","7.8","0.99.beta20","","","","2021A0000030499","True","NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-28794","https://nvd.nist.gov/vuln/detail/CVE-2021-28794","ShellCheck","9.8","0.10.0","0.10.0","0.10.0","shellcheck","2021A0000028794","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-28153","https://nvd.nist.gov/vuln/detail/CVE-2021-28153","glib","5.3","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000028153","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
-https://github.com/NixOS/nixpkgs/pull/120157"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
-https://github.com/NixOS/nixpkgs/pull/120157"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-27219","https://nvd.nist.gov/vuln/detail/CVE-2021-27219","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027219","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-27218","https://nvd.nist.gov/vuln/detail/CVE-2021-27218","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027218","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-26945","https://nvd.nist.gov/vuln/detail/CVE-2021-26945","openexr","5.5","2.5.10","","","","2021A0000026945","True","Fix patch https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-26720","https://nvd.nist.gov/vuln/detail/CVE-2021-26720","avahi","7.8","0.8","","","","2021A0000026720","True","False positive: issue refers avahi-daemon-check-dns.sh in the Debian avahi package. As such, the issue is specific to Debian and its derivatives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-26260","https://nvd.nist.gov/vuln/detail/CVE-2021-26260","openexr","5.5","2.5.10","","","","2021A0000026260","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-23336","https://nvd.nist.gov/vuln/detail/CVE-2021-23336","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2021A0000023336","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/117037 
-https://github.com/NixOS/nixpkgs/pull/117082 
-https://github.com/NixOS/nixpkgs/pull/118403 
-https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-23215","https://nvd.nist.gov/vuln/detail/CVE-2021-23215","openexr","5.5","2.5.10","","","","2021A0000023215","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-23169","https://nvd.nist.gov/vuln/detail/CVE-2021-23169","openexr","8.8","2.5.10","","","","2021A0000023169","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-21684","https://nvd.nist.gov/vuln/detail/CVE-2021-21684","git","6.1","2.47.0","","","","2021A0000021684","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-20255","https://nvd.nist.gov/vuln/detail/CVE-2021-20255","qemu","5.5","9.1.2","","","","2021A0000020255","True","Upstream patch not merged: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-20240","https://nvd.nist.gov/vuln/detail/CVE-2021-20240","gdk-pixbuf","8.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000020240","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4336","https://nvd.nist.gov/vuln/detail/CVE-2021-4336","ninja","9.8","1.12.1","","","","2021A0000004336","True","Incorrect package: nixpkgs 'ninja' refers https://github.com/ninja-build/ninja, not https://github.com/ITRS-Group/monitor-ninja.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4-r8.cabal","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4048","https://nvd.nist.gov/vuln/detail/CVE-2021-4048","lapack","9.1","3","3.12.0","3.12.0","lapack","2021A0000004048","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/150788 
-https://github.com/NixOS/nixpkgs/pull/150906 
-https://github.com/NixOS/nixpkgs/pull/152147 
-https://github.com/NixOS/nixpkgs/pull/152359 
-https://github.com/NixOS/nixpkgs/pull/168777"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-4034","https://nvd.nist.gov/vuln/detail/CVE-2021-4034","polkit","7.8","1.pam","124","125","polkit","2021A0000004034","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/155725 
-https://github.com/NixOS/nixpkgs/pull/156750 
-https://github.com/NixOS/nixpkgs/pull/156822 
-https://github.com/NixOS/nixpkgs/pull/295087"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3800","https://nvd.nist.gov/vuln/detail/CVE-2021-3800","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000003800","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3733","https://nvd.nist.gov/vuln/detail/CVE-2021-3733","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2021A0000003733","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/203428 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3670","https://nvd.nist.gov/vuln/detail/CVE-2021-3670","samba","6.5","4.20.4","4.20.4","4.21.2","samba","2021A0000003670","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3605","https://nvd.nist.gov/vuln/detail/CVE-2021-3605","openexr","5.5","2.5.10","","","","2021A0000003605","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3598","https://nvd.nist.gov/vuln/detail/CVE-2021-3598","openexr","5.5","2.5.10","","","","2021A0000003598","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3572","https://nvd.nist.gov/vuln/detail/CVE-2021-3572","pip","5.7","20.3.4-source","24.0","24.3.1","pip","2021A0000003572","False","","fix_update_to_version_nixpkgs",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3177","https://nvd.nist.gov/vuln/detail/CVE-2021-3177","python","9.8","2.7.18.8","3.13.1","3.13.1","python","2021A0000003177","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/201859"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1157","https://osv.dev/OSV-2021-1157","espeak-ng","","1.51.1","","","","2021A0000001157","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1141","https://osv.dev/OSV-2021-1141","espeak-ng","","1.51.1","","","","2021A0000001141","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1110","https://osv.dev/OSV-2021-1110","espeak-ng","","1.51.1","","","","2021A0000001110","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1041","https://osv.dev/OSV-2021-1041","espeak-ng","","1.51.1","","","","2021A0000001041","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-1024","https://osv.dev/OSV-2021-1024","espeak-ng","","1.51.1","","","","2021A0000001024","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-820","https://osv.dev/OSV-2021-820","qemu","","9.1.2","","","","2021A0000000820","True","Fixed based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-802","https://osv.dev/OSV-2021-802","espeak-ng","","1.51.1","","","","2021A0000000802","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-787","https://osv.dev/OSV-2021-787","espeak-ng","","1.51.1","","","","2021A0000000787","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-777","https://osv.dev/OSV-2021-777","libxml2","","2.13.4","","","","2021A0000000777","True","Fixed by https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325, which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-765","https://osv.dev/OSV-2021-765","espeak-ng","","1.51.1","","","","2021A0000000765","False","Unclear if this is still valid.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2021-508","https://osv.dev/OSV-2021-508","libsass","","3.6.6","3.6.6","3.6.6","libsass","2021A0000000508","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-35669","https://nvd.nist.gov/vuln/detail/CVE-2020-35669","http","6.1","0.2.12","0.3-0","0.4","lua:http","2020A0000035669","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-35457","https://nvd.nist.gov/vuln/detail/CVE-2020-35457","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2020A0000035457","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-29385","https://nvd.nist.gov/vuln/detail/CVE-2020-29385","gdk-pixbuf","5.5","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2020A0000029385","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/106302 
-https://github.com/NixOS/nixpkgs/pull/111542 
-https://github.com/NixOS/nixpkgs/pull/312036 
-https://github.com/NixOS/nixpkgs/pull/314686"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-27748","https://nvd.nist.gov/vuln/detail/CVE-2020-27748","xdg-utils","6.5","1.2.1","1.2.1","1.2.1","xdg-utils","2020A0000027748","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-27569","https://nvd.nist.gov/vuln/detail/CVE-2020-27569","openvpn","7.5","2.6.12","2.6.12","2.6.12","openvpn","2020A0000027569","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-26304","https://nvd.nist.gov/vuln/detail/CVE-2020-26304","foundation","7.5","0.0.30","0.0.30","0.0.30","haskell:foundation","2020A0000026304","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-24490","https://nvd.nist.gov/vuln/detail/CVE-2020-24490","bluez","6.5","5.78","","","","2020A0000024490","True","Fixed in linux kernel (5.8) with: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-18781","https://nvd.nist.gov/vuln/detail/CVE-2020-18781","audiofile","5.5","0.3.6","0.3.6","0.3.6","audiofile","2020A0000018781","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.37","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.36","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.35","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
-https://github.com/NixOS/nixpkgs/pull/92641"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
-https://github.com/NixOS/nixpkgs/pull/92641"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-11105","https://nvd.nist.gov/vuln/detail/CVE-2020-11105","cereal","9.8","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011105","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/121574 
-https://github.com/NixOS/nixpkgs/pull/84664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-11104","https://nvd.nist.gov/vuln/detail/CVE-2020-11104","cereal","5.3","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011104","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-11021","https://nvd.nist.gov/vuln/detail/CVE-2020-11021","http-client","7.5","0.7.17","0.7.17","0.7.18","haskell:http-client","2020A0000011021","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-8284","https://nvd.nist.gov/vuln/detail/CVE-2020-8284","curl","3.7","0.4.46","","","","2020A0000008284","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/106452"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2020-2308","https://osv.dev/OSV-2020-2308","libheif","","1.18.2","1.18.2","1.19.5","libheif","2020A0000002308","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2020-2136","https://nvd.nist.gov/vuln/detail/CVE-2020-2136","git","5.4","2.47.0","2.47.0","2.47.1","git","2020A0000002136","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/82872 
-https://github.com/NixOS/nixpkgs/pull/84664"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2020-1420","https://osv.dev/OSV-2020-1420","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000001420","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","OSV-2020-862","https://osv.dev/OSV-2020-862","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000000862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-1010258","https://nvd.nist.gov/vuln/detail/CVE-2019-1010258","nanosvg","6.5","0-unstable-2023-12-30","0-unstable-2023-12-30","20231202","nanosvg","2019A0001010258","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-1003010","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010","git","4.3","2.47.0","","","","2019A0001003010","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-20633","https://nvd.nist.gov/vuln/detail/CVE-2019-20633","patch","5.5","2.7.6","","","","2019A0000020633","True","Upstream patch is not merged: https://savannah.gnu.org/bugs/index.php?56683. Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-17178","https://nvd.nist.gov/vuln/detail/CVE-2019-17178","lodepng","7.5","3.10.1","","","","2019A0000017178","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","3.16.2","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14900","https://nvd.nist.gov/vuln/detail/CVE-2019-14900","fuse","6.5","2.9.9","","","","2019A0000014900","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","3.16.2","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14860","https://nvd.nist.gov/vuln/detail/CVE-2019-14860","fuse","6.5","2.9.9","","","","2019A0000014860","True","Incorrect package: Issue concerns redhat fuse (https://developers.redhat.com/products/fuse/overview) not libfuse https://github.com/libfuse/libfuse/ which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14587","https://nvd.nist.gov/vuln/detail/CVE-2019-14587","edk2","6.5","202411","","","","2019A0000014587","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14586","https://nvd.nist.gov/vuln/detail/CVE-2019-14586","edk2","8.0","202411","","","","2019A0000014586","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14575","https://nvd.nist.gov/vuln/detail/CVE-2019-14575","edk2","7.8","202411","","","","2019A0000014575","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14563","https://nvd.nist.gov/vuln/detail/CVE-2019-14563","edk2","7.8","202411","","","","2019A0000014563","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14562","https://nvd.nist.gov/vuln/detail/CVE-2019-14562","edk2","5.5","202411","","","","2019A0000014562","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14559","https://nvd.nist.gov/vuln/detail/CVE-2019-14559","edk2","7.5","202411","","","","2019A0000014559","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-14553","https://nvd.nist.gov/vuln/detail/CVE-2019-14553","edk2","4.9","202411","","","","2019A0000014553","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","1","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12749","https://nvd.nist.gov/vuln/detail/CVE-2019-12749","dbus","7.1","0.9.7","","","","2019A0000012749","True","Fixed with https://github.com/NixOS/nixpkgs/pull/63021 (dbus version '1' in nixpkgs currently refers 1.14.8).","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-12067","https://nvd.nist.gov/vuln/detail/CVE-2019-12067","qemu","6.5","9.1.2","","","","2019A0000012067","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-11644","https://nvd.nist.gov/vuln/detail/CVE-2019-11644","safe","7.8","0.3.21","0.3.21","0.3.21","haskell:safe","2019A0000011644","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-10010","https://nvd.nist.gov/vuln/detail/CVE-2019-10010","commonmark","6.1","0.2.6.1","0.2.6.1","0.2.6.1","haskell:commonmark","2019A0000010010","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-9674","https://nvd.nist.gov/vuln/detail/CVE-2019-9674","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2019A0000009674","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-6470","https://nvd.nist.gov/vuln/detail/CVE-2019-6470","bind","7.5","9.18.28","","","","2019A0000006470","True","Not valid: https://github.com/NixOS/nixpkgs/issues/73617#issuecomment-569491606.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-6293","https://nvd.nist.gov/vuln/detail/CVE-2019-6293","flex","5.5","2.6.4","","","","2019A0000006293","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2019-5443","https://nvd.nist.gov/vuln/detail/CVE-2019-5443","curl","7.8","0.4.46","","","","2019A0000005443","False","","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","RUSTSEC-2019-0006","https://osv.dev/RUSTSEC-2019-0006","ncurses","","6.4.20221231","6.4.20221231","6.5","ncurses","2019A0000000006","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-25032","https://nvd.nist.gov/vuln/detail/CVE-2018-25032","zlib","7.5","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2018A0000025032","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/165642 
-https://github.com/NixOS/nixpkgs/pull/166451 
-https://github.com/NixOS/nixpkgs/pull/167084 
-https://github.com/NixOS/nixpkgs/pull/205374"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-18438","https://nvd.nist.gov/vuln/detail/CVE-2018-18438","qemu","5.5","9.1.2","","","","2018A0000018438","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-14628","https://nvd.nist.gov/vuln/detail/CVE-2018-14628","samba","4.3","4.20.4","4.20.4","4.21.2","samba","2018A0000014628","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/270419"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-13162","https://nvd.nist.gov/vuln/detail/CVE-2018-13162","alex","7.5","3.4.0.1","3.4.0.1","3.5.1.0","alex","2018A0000013162","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-7263","https://nvd.nist.gov/vuln/detail/CVE-2018-7263","libmad","9.8","0.15.1b","","","","2018A0000007263","True","Based on https://github.com/NixOS/nixpkgs/issues/57154, issue is fixed by https://github.com/NixOS/nixpkgs/commit/92edb0610923fab5a9dcc59b94652f1e8a5ea1ed.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-6553","https://nvd.nist.gov/vuln/detail/CVE-2018-6553","cups","8.8","2.4.11","","","","2018A0000006553","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2018-5996","https://nvd.nist.gov/vuln/detail/CVE-2018-5996","p7zip","7.8","17.05","17.05","17.05","p7zip","2018A0000005996","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-18589","https://nvd.nist.gov/vuln/detail/CVE-2017-18589","cookie","7.5","0.4.6","0.5.0","0.5.0","haskell:cookie","2017A0000018589","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-18207","https://nvd.nist.gov/vuln/detail/CVE-2017-18207","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2017A0000018207","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-17969","https://nvd.nist.gov/vuln/detail/CVE-2017-17969","p7zip","7.8","17.05","17.05","17.05","p7zip","2017A0000017969","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-17522","https://nvd.nist.gov/vuln/detail/CVE-2017-17522","python","8.8","2.7.18.8","3.13.1","3.13.1","python","2017A0000017522","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-12652","https://nvd.nist.gov/vuln/detail/CVE-2017-12652","libpng","9.8","1.2.59","1.6.43","1.6.44","libpng","2017A0000012652","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253 
-https://github.com/NixOS/nixpkgs/pull/70286 
-https://github.com/NixOS/nixpkgs/pull/70423 
-https://github.com/NixOS/nixpkgs/pull/70425"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-5628","https://nvd.nist.gov/vuln/detail/CVE-2017-5628","mujs","7.8","1.3.5","","","","2017A0000005628","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-5627","https://nvd.nist.gov/vuln/detail/CVE-2017-5627","mujs","7.8","1.3.5","","","","2017A0000005627","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-5506","https://nvd.nist.gov/vuln/detail/CVE-2017-5506","imagemagick","7.8","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2017A0000005506","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2017-5436","https://nvd.nist.gov/vuln/detail/CVE-2017-5436","graphite2","8.8","1.3.14","","","","2017A0000005436","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-10141","https://nvd.nist.gov/vuln/detail/CVE-2016-10141","mujs","9.8","1.3.5","","","","2016A0000010141","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-10133","https://nvd.nist.gov/vuln/detail/CVE-2016-10133","mujs","9.8","1.3.5","","","","2016A0000010133","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-10132","https://nvd.nist.gov/vuln/detail/CVE-2016-10132","mujs","7.5","1.3.5","","","","2016A0000010132","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-10062","https://nvd.nist.gov/vuln/detail/CVE-2016-10062","imagemagick","5.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2016A0000010062","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-9294","https://nvd.nist.gov/vuln/detail/CVE-2016-9294","mujs","7.5","1.3.5","","","","2016A0000009294","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-9136","https://nvd.nist.gov/vuln/detail/CVE-2016-9136","mujs","7.5","1.3.5","","","","2016A0000009136","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-9109","https://nvd.nist.gov/vuln/detail/CVE-2016-9109","mujs","7.5","1.3.5","","","","2016A0000009109","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-9108","https://nvd.nist.gov/vuln/detail/CVE-2016-9108","mujs","7.5","1.3.5","","","","2016A0000009108","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-9017","https://nvd.nist.gov/vuln/detail/CVE-2016-9017","mujs","7.5","1.3.5","","","","2016A0000009017","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-7564","https://nvd.nist.gov/vuln/detail/CVE-2016-7564","mujs","7.5","1.3.5","","","","2016A0000007564","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-7563","https://nvd.nist.gov/vuln/detail/CVE-2016-7563","mujs","7.5","1.3.5","","","","2016A0000007563","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-7538","https://nvd.nist.gov/vuln/detail/CVE-2016-7538","imagemagick","6.5","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2016A0000007538","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-7506","https://nvd.nist.gov/vuln/detail/CVE-2016-7506","mujs","7.5","1.3.5","","","","2016A0000007506","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-7504","https://nvd.nist.gov/vuln/detail/CVE-2016-7504","mujs","9.8","1.3.5","","","","2016A0000007504","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-6131","https://nvd.nist.gov/vuln/detail/CVE-2016-6131","libiberty","7.5","13.3.0","","","","2016A0000006131","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4493","https://nvd.nist.gov/vuln/detail/CVE-2016-4493","libiberty","5.5","13.3.0","","","","2016A0000004493","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4492","https://nvd.nist.gov/vuln/detail/CVE-2016-4492","libiberty","4.4","13.3.0","","","","2016A0000004492","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4491","https://nvd.nist.gov/vuln/detail/CVE-2016-4491","libiberty","5.5","13.3.0","","","","2016A0000004491","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4490","https://nvd.nist.gov/vuln/detail/CVE-2016-4490","libiberty","5.5","13.3.0","","","","2016A0000004490","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4489","https://nvd.nist.gov/vuln/detail/CVE-2016-4489","libiberty","5.5","13.3.0","","","","2016A0000004489","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4488","https://nvd.nist.gov/vuln/detail/CVE-2016-4488","libiberty","5.5","13.3.0","","","","2016A0000004488","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-4487","https://nvd.nist.gov/vuln/detail/CVE-2016-4487","libiberty","5.5","13.3.0","","","","2016A0000004487","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-3751","https://nvd.nist.gov/vuln/detail/CVE-2016-3751","libpng","7.8","1.2.59","1.6.43","1.6.44","libpng","2016A0000003751","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-2781","https://nvd.nist.gov/vuln/detail/CVE-2016-2781","coreutils","6.5","9.5","","","","2016A0000002781","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2016-2226","https://nvd.nist.gov/vuln/detail/CVE-2016-2226","libiberty","7.8","13.3.0","","","","2016A0000002226","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-7777","https://nvd.nist.gov/vuln/detail/CVE-2015-7777","void","","0.7.3","0.7.3","0.7.3","haskell:void","2015A0000007777","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-7313","https://nvd.nist.gov/vuln/detail/CVE-2015-7313","libtiff","5.5","4.7.0","","","","2015A0000007313","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-5652","https://nvd.nist.gov/vuln/detail/CVE-2015-5652","python","","2.7.18.8","3.13.1","3.13.1","python","2015A0000005652","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-4156","https://nvd.nist.gov/vuln/detail/CVE-2015-4156","parallel","","3.2.2.0","3.2.2.0","3.2.2.0","haskell:parallel","2015A0000004156","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-4155","https://nvd.nist.gov/vuln/detail/CVE-2015-4155","parallel","","3.2.2.0","3.2.2.0","3.2.2.0","haskell:parallel","2015A0000004155","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2015-0973","https://nvd.nist.gov/vuln/detail/CVE-2015-0973","libpng","","1.2.59","1.6.43","1.6.44","libpng","2015A0000000973","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2014-9826","https://nvd.nist.gov/vuln/detail/CVE-2014-9826","imagemagick","9.8","7.1.1-40","7.1.1-40","7.1.1.41","imagemagick","2014A0000009826","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2014-9495","https://nvd.nist.gov/vuln/detail/CVE-2014-9495","libpng","","1.2.59","1.6.43","1.6.44","libpng","2014A0000009495","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2014-4860","https://nvd.nist.gov/vuln/detail/CVE-2014-4860","edk2","6.8","202411","","","","2014A0000004860","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2014-4859","https://nvd.nist.gov/vuln/detail/CVE-2014-4859","edk2","6.8","202411","","","","2014A0000004859","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2014-2525","https://nvd.nist.gov/vuln/detail/CVE-2014-2525","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2014A0000002525","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2013-7354","https://nvd.nist.gov/vuln/detail/CVE-2013-7354","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000007354","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2013-7353","https://nvd.nist.gov/vuln/detail/CVE-2013-7353","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000007353","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2013-6954","https://nvd.nist.gov/vuln/detail/CVE-2013-6954","libpng","","1.2.59","1.6.43","1.6.44","libpng","2013A0000006954","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2013-6393","https://nvd.nist.gov/vuln/detail/CVE-2013-6393","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2013A0000006393","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2012-3509","https://nvd.nist.gov/vuln/detail/CVE-2012-3509","libiberty","","13.3.0","","","","2012A0000003509","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2011-3045","https://nvd.nist.gov/vuln/detail/CVE-2011-3045","libpng","","1.2.59","1.6.43","1.6.44","libpng","2011A0000003045","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/286253"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2011-2411","https://nvd.nist.gov/vuln/detail/CVE-2011-2411","samba","","4.20.4","4.20.4","4.21.2","samba","2011A0000002411","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2010-4226","https://nvd.nist.gov/vuln/detail/CVE-2010-4226","cpio","","2.15","","","","2010A0000004226","True","NVD data issue: concerns OpenSuSE, not cpio.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2007-4559","https://nvd.nist.gov/vuln/detail/CVE-2007-4559","python","","2.7.18.8","3.13.1","3.13.1","python","2007A0000004559","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
-https://github.com/NixOS/nixpkgs/pull/363310"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2002-0059","https://nvd.nist.gov/vuln/detail/CVE-2002-0059","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2002A0000000059","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-1999-0475","https://nvd.nist.gov/vuln/detail/CVE-1999-0475","procmail","","3.24","3.24","3.24","procmail","1999A0000000475","False","","fix_not_available",""
diff --git a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
index 4d50c83..0d95e0d 100644
--- a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
+++ b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
@@ -27,7 +27,8 @@ Following table lists vulnerabilities that have been fixed in the nixpkgs channe
 
 Update the target Ghaf [flake.lock](https://github.com/tiiuae/ghaf/blob/main/flake.lock) file to mitigate the following issues:
 
-```No vulnerabilities```
+```Error evaluating 'packages.x86_64-linux.lenovo-x1-carbon-gen11-debug' on lock_updated```<br /><br />
+For more details, see: https://github.com/tiiuae/ghafscan/actions
 
 ## Vulnerabilities Fixed in nix-unstable
 
@@ -37,7 +38,8 @@ Following issues potentially require backporting the fix from nixpkgs-unstable t
 
 Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community backport the fix to the correct nixpkgs branch:
 
-```No vulnerabilities```
+```Error evaluating 'packages.x86_64-linux.lenovo-x1-carbon-gen11-debug' on lock_updated```<br /><br />
+For more details, see: https://github.com/tiiuae/ghafscan/actions
 
 
 ## New Vulnerabilities Since Last Run
@@ -46,11 +48,7 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h
 
 Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs:
 
-
-| vuln_id                                                           | package   |   severity | version_local   | nix_unstable   | upstream   | comment   |
-|-------------------------------------------------------------------|-----------|------------|-----------------|----------------|------------|-----------|
-| [CVE-2024-47537](https://nvd.nist.gov/vuln/detail/CVE-2024-47537) | gstreamer |        9.8 | 1.24.7          | 1.24.7         | 1.24.10    |           |
-
+```No vulnerabilities```
 
 
 ## All Vulnerabilities Impacting Ghaf
@@ -475,13 +473,10 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2021-23169](https://nvd.nist.gov/vuln/detail/CVE-2021-23169)     | openexr    | 8.8        | 2.5.10           | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
 | [CVE-2018-6553](https://nvd.nist.gov/vuln/detail/CVE-2018-6553)       | cups       | 8.8        | 2.4.11           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2017-5436](https://nvd.nist.gov/vuln/detail/CVE-2017-5436)       | graphite2  | 8.8        | 1.3.14           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
-| [CVE-2019-14586](https://nvd.nist.gov/vuln/detail/CVE-2019-14586)     | edk2       | 8.0        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14586](https://nvd.nist.gov/vuln/detail/CVE-2019-14586)     | edk2       | 8.0        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2021-30499](https://nvd.nist.gov/vuln/detail/CVE-2021-30499)     | libcaca    | 7.8        | 0.99.beta20      | NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: [link](https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20).                                                                                                                                                                                                                                                                                          |
 | [CVE-2021-26720](https://nvd.nist.gov/vuln/detail/CVE-2021-26720)     | avahi      | 7.8        | 0.8              | False positive: issue refers avahi-daemon-check-dns.sh in the Debian avahi package. As such, the issue is specific to Debian and its derivatives.                                                                                                                                                                                                                                                                                                                       |
-| [CVE-2019-14575](https://nvd.nist.gov/vuln/detail/CVE-2019-14575)     | edk2       | 7.8        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14575](https://nvd.nist.gov/vuln/detail/CVE-2019-14575)     | edk2       | 7.8        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
-| [CVE-2019-14563](https://nvd.nist.gov/vuln/detail/CVE-2019-14563)     | edk2       | 7.8        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14563](https://nvd.nist.gov/vuln/detail/CVE-2019-14563)     | edk2       | 7.8        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2017-5628](https://nvd.nist.gov/vuln/detail/CVE-2017-5628)       | mujs       | 7.8        | 1.3.5            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2017-5627](https://nvd.nist.gov/vuln/detail/CVE-2017-5627)       | mujs       | 7.8        | 1.3.5            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
@@ -489,7 +484,6 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2022-36883](https://nvd.nist.gov/vuln/detail/CVE-2022-36883)     | git        | 7.5        | 2.47.0           | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
 | [CVE-2022-30947](https://nvd.nist.gov/vuln/detail/CVE-2022-30947)     | git        | 7.5        | 2.47.0           | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
 | [CVE-2021-33506](https://nvd.nist.gov/vuln/detail/CVE-2021-33506)     | jitsi-meet | 7.5        | 1.0.8043         | Fixed in nixpkgs as mentioned in [link](https://github.com/NixOS/nixpkgs/issues/132134#issuecomment-890319135).                                                                                                                                                                                                                                                                                                                                                         |
-| [CVE-2019-14559](https://nvd.nist.gov/vuln/detail/CVE-2019-14559)     | edk2       | 7.5        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14559](https://nvd.nist.gov/vuln/detail/CVE-2019-14559)     | edk2       | 7.5        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-6470](https://nvd.nist.gov/vuln/detail/CVE-2019-6470)       | bind       | 7.5        | 9.18.28          | Not valid: [link](https://github.com/NixOS/nixpkgs/issues/73617#issuecomment-569491606).                                                                                                                                                                                                                                                                                                                                                                                |
 | [CVE-2016-10132](https://nvd.nist.gov/vuln/detail/CVE-2016-10132)     | mujs       | 7.5        | 1.3.5            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
@@ -504,9 +498,7 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2016-6131](https://nvd.nist.gov/vuln/detail/CVE-2016-6131)       | libiberty  | 7.5        | 13.3.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-12749](https://nvd.nist.gov/vuln/detail/CVE-2019-12749)     | dbus       | 7.1        | 1                | Fixed with [link](https://github.com/NixOS/nixpkgs/pull/63021) (dbus version '1' in nixpkgs currently refers 1.14.8).                                                                                                                                                                                                                                                                                                                                                   |
 | [CVE-2019-12749](https://nvd.nist.gov/vuln/detail/CVE-2019-12749)     | dbus       | 7.1        | 0.9.7            | Fixed with [link](https://github.com/NixOS/nixpkgs/pull/63021) (dbus version '1' in nixpkgs currently refers 1.14.8).                                                                                                                                                                                                                                                                                                                                                   |
-| [CVE-2014-4860](https://nvd.nist.gov/vuln/detail/CVE-2014-4860)       | edk2       | 6.8        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2014-4860](https://nvd.nist.gov/vuln/detail/CVE-2014-4860)       | edk2       | 6.8        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
-| [CVE-2014-4859](https://nvd.nist.gov/vuln/detail/CVE-2014-4859)       | edk2       | 6.8        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2014-4859](https://nvd.nist.gov/vuln/detail/CVE-2014-4859)       | edk2       | 6.8        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2022-26691](https://nvd.nist.gov/vuln/detail/CVE-2022-26691)     | cups       | 6.7        | 2.4.11           | Fixed in nixpkgs with PR: [link](https://github.com/NixOS/nixpkgs/pull/174898).                                                                                                                                                                                                                                                                                                                                                                                         |
 | [CVE-2022-38663](https://nvd.nist.gov/vuln/detail/CVE-2022-38663)     | git        | 6.5        | 2.47.0           | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
@@ -519,9 +511,7 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2019-14860](https://nvd.nist.gov/vuln/detail/CVE-2019-14860)     | fuse       | 6.5        | 3.16.2           | Incorrect package: Issue concerns redhat fuse ([link](https://developers.redhat.com/products/fuse/overview)) not libfuse [link](https://github.com/libfuse/libfuse/) which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.                                                                                                                       |
 | [CVE-2019-14860](https://nvd.nist.gov/vuln/detail/CVE-2019-14860)     | fuse       | 6.5        | 2.9.9-closefrom- | Incorrect package: Issue concerns redhat fuse ([link](https://developers.redhat.com/products/fuse/overview)) not libfuse [link](https://github.com/libfuse/libfuse/) which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.                                                                                                                       |
 | [CVE-2019-14860](https://nvd.nist.gov/vuln/detail/CVE-2019-14860)     | fuse       | 6.5        | 2.9.9            | Incorrect package: Issue concerns redhat fuse ([link](https://developers.redhat.com/products/fuse/overview)) not libfuse [link](https://github.com/libfuse/libfuse/) which is what 'fuse' package in nixpkgs refers. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives.                                                                                                                       |
-| [CVE-2019-14587](https://nvd.nist.gov/vuln/detail/CVE-2019-14587)     | edk2       | 6.5        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14587](https://nvd.nist.gov/vuln/detail/CVE-2019-14587)     | edk2       | 6.5        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
-| [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067)     | qemu       | 6.5        | 9.1.2            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067)     | qemu       | 6.5        | 9.1.1            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2016-2781](https://nvd.nist.gov/vuln/detail/CVE-2016-2781)       | coreutils  | 6.5        | 9.5              | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2021-39205](https://nvd.nist.gov/vuln/detail/CVE-2021-39205)     | jitsi-meet | 6.1        | 1.0.8043         | Does not impact the version in nixpkgs as mentioned in [link](https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845).                                                                                                                                                                                                                                                                                                                                   |
@@ -548,15 +538,12 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2021-26945](https://nvd.nist.gov/vuln/detail/CVE-2021-26945)     | openexr    | 5.5        | 2.5.10           | Fix patch [link](https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e) modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.                                                                                                                                                                                                                                              |
 | [CVE-2021-26260](https://nvd.nist.gov/vuln/detail/CVE-2021-26260)     | openexr    | 5.5        | 2.5.10           | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                                                                                                                                                                                                         |
 | [CVE-2021-23215](https://nvd.nist.gov/vuln/detail/CVE-2021-23215)     | openexr    | 5.5        | 2.5.10           | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                                                                                                                                                                                                         |
-| [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255)     | qemu       | 5.5        | 9.1.2            | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                                                                                                                                                                                            |
 | [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255)     | qemu       | 5.5        | 9.1.1            | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                                                                                                                                                                                            |
 | [CVE-2021-3605](https://nvd.nist.gov/vuln/detail/CVE-2021-3605)       | openexr    | 5.5        | 2.5.10           | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
 | [CVE-2021-3598](https://nvd.nist.gov/vuln/detail/CVE-2021-3598)       | openexr    | 5.5        | 2.5.10           | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
 | [CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633)     | patch      | 5.5        | 2.7.6            | Upstream patch is not merged: [link](https://savannah.gnu.org/bugs/index.php?56683). Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                                                                                                                                                                       |
-| [CVE-2019-14562](https://nvd.nist.gov/vuln/detail/CVE-2019-14562)     | edk2       | 5.5        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14562](https://nvd.nist.gov/vuln/detail/CVE-2019-14562)     | edk2       | 5.5        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-6293](https://nvd.nist.gov/vuln/detail/CVE-2019-6293)       | flex       | 5.5        | 2.6.4            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
-| [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438)     | qemu       | 5.5        | 9.1.2            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438)     | qemu       | 5.5        | 9.1.1            | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2016-4493](https://nvd.nist.gov/vuln/detail/CVE-2016-4493)       | libiberty  | 5.5        | 13.3.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2016-4491](https://nvd.nist.gov/vuln/detail/CVE-2016-4491)       | libiberty  | 5.5        | 13.3.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
@@ -569,7 +556,6 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194)     | quote      | 5.3        | 1.0.37           | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
 | [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194)     | quote      | 5.3        | 1.0.36           | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
 | [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194)     | quote      | 5.3        | 1.0.35           | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
-| [CVE-2019-14553](https://nvd.nist.gov/vuln/detail/CVE-2019-14553)     | edk2       | 4.9        | 202411           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-14553](https://nvd.nist.gov/vuln/detail/CVE-2019-14553)     | edk2       | 4.9        | 202408.01        | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2016-4492](https://nvd.nist.gov/vuln/detail/CVE-2016-4492)       | libiberty  | 4.4        | 13.3.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
 | [CVE-2019-1003010](https://nvd.nist.gov/vuln/detail/CVE-2019-1003010) | git        | 4.3        | 2.47.0           | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
@@ -578,7 +564,6 @@ Following table lists vulnerabilities that would otherwise have been included to
 | [GHSA-6898-wx94-8jq8](https://osv.dev/GHSA-6898-wx94-8jq8)            | libnotify  |            | 0.8.3            | Incorrect package: Issue refers node-libnotify [link](https://github.com/mytrile/node-libnotify), whereas nixpkgs refers gnome-libnotify [link](https://gitlab.gnome.org/GNOME/libnotify).                                                                                                                                                                                                                                                                              |
 | [OSV-2023-137](https://osv.dev/OSV-2023-137)                          | harfbuzz   |            | 10.0.1           | Based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2), the issue is fixed in range [link](https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc) all of which have been merged in 7.1.0.                                                                                                                                                                           |
 | [MAL-2022-4301](https://osv.dev/MAL-2022-4301)                        | libidn2    |            | 2.3.7            | Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 [link](https://gitlab.com/libidn/libidn2).                                                                                                                                                                                                                                                                                                                                                 |
-| [OSV-2021-820](https://osv.dev/OSV-2021-820)                          | qemu       |            | 9.1.2            | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2).                                                                                                                                                                                                                                                                                                                                                                                  |
 | [OSV-2021-820](https://osv.dev/OSV-2021-820)                          | qemu       |            | 9.1.1            | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2).                                                                                                                                                                                                                                                                                                                                                                                  |
 | [OSV-2021-777](https://osv.dev/OSV-2021-777)                          | libxml2    |            | 2.13.4           | Fixed by [link](https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325), which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.                                                                                                                                                                                                                                                                                              |
 | [CVE-2012-3509](https://nvd.nist.gov/vuln/detail/CVE-2012-3509)       | libiberty  |            | 13.3.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |