Automatic vulnerability report update
henrirosten authored and github-actions[bot] committed Jan 11, 2025
1 parent d0cb29c commit 8fc0384
Showing 2 changed files with 7 additions and 5 deletions.
3 changes: 2 additions & 1 deletion reports/main/data.csv
Expand Up @@ -191,6 +191,7 @@ https://github.com/NixOS/nixpkgs/pull/239571"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1307","https://osv.dev/OSV-2023-1307","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000001307","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1170","https://osv.dev/OSV-2023-1170","vulkan-loader","","1.3.296.0","1.3.296.0","1.4.304","vulkan-loader","2023A0000001170","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1129","https://osv.dev/OSV-2023-1129","libheif","","1.18.2","1.18.2","1.19.5","libheif","2023A0000001129","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.10","1.24.11","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology",""
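Review bot: the added OSV-2023-1170 record for vulkan-loader has an empty field directly after the package name (the severity position, going by the column order of the report table) and an empty last field, so it enters the data set with no score and no linked nixpkgs PR. Anything that sorts or filters on severity will rank this new finding last. Check whether the OSV entry offers a severity that could be filled in, and otherwise record a manual assessment so the row does not stay unscored.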
Expand Down Expand Up @@ -494,7 +495,7 @@ https://github.com/NixOS/nixpkgs/pull/84664"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-11021","https://nvd.nist.gov/vuln/detail/CVE-2020-11021","http-client","7.5","0.7.17","0.7.17","0.7.18","haskell:http-client","2020A0000011021","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-8284","https://nvd.nist.gov/vuln/detail/CVE-2020-8284","curl","3.7","0.4.46","","","","2020A0000008284","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/106452"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-2308","https://osv.dev/OSV-2020-2308","libheif","","1.18.2","1.18.2","1.19.5","libheif","2020A0000002308","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-2136","https://nvd.nist.gov/vuln/detail/CVE-2020-2136","git","5.4","2.47.0","2.47.0","2.47.1","git","2020A0000002136","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/82872
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-2136","https://nvd.nist.gov/vuln/detail/CVE-2020-2136","git","5.4","2.47.0","2.47.0","2.48.0","git","2020A0000002136","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/82872
https://github.com/NixOS/nixpkgs/pull/84664"
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-1420","https://osv.dev/OSV-2020-1420","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000001420","False","","err_not_vulnerable_based_on_repology",""
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-862","https://osv.dev/OSV-2020-862","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000000862","False","","err_not_vulnerable_based_on_repology",""
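Review bot: the changed CVE-2020-2136 record keeps its two PR URLs in one quoted field separated by a newline, so the record spans two physical lines and `https://github.com/NixOS/nixpkgs/pull/84664"` appears as a line of its own (the same fragment is what the hunk header shows as context). Line-oriented tools such as grep, sort or a plain diff will treat that fragment as a separate row. Consider joining multiple PR links with a space or semicolon so that every record stays on a single line.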
Expand Up @@ -49,9 +49,9 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h
Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs:


| vuln_id | package | severity | version_local | nix_unstable | upstream | comment |
|------------------------------------------------|-----------|------------|-----------------|----------------|------------|-----------|
| [OSV-2022-1108](https://osv.dev/OSV-2022-1108) | ruby | | 3.3.5 | 3.4.1 | 3.4.1 | |
| vuln_id | package | severity | version_local | nix_unstable | upstream | comment |
|------------------------------------------------|---------------|------------|-----------------|----------------|------------|-----------|
| [OSV-2023-1170](https://osv.dev/OSV-2023-1170) | vulkan-loader | | 1.3.296.0 | 1.3.296.0 | 1.4.304 | |



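Review bot: the OSV-2022-1108 ruby row disappears from this table with version_local still shown as 3.3.5 in the removed line, and nothing in the hunk says whether the local ruby was updated, the id was whitelisted, or the entry simply no longer qualifies for this table. A reader auditing the report cannot tell a fix from a filter change. Consider having the generator note why an entry left the table, or keep resolved entries in a separate list.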
Expand Down Expand Up @@ -289,7 +289,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
| [CVE-2022-47524](https://nvd.nist.gov/vuln/detail/CVE-2022-47524) | safe | 5.4 | 0.3.21 | 0.3.21 | 0.3.21 | |
| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault | 5.4 | 0.3.1.5-r8.cabal | 0.3.1.5 | 0.3.1.5 | |
| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault | 5.4 | 0.3.1.5 | 0.3.1.5 | 0.3.1.5 | |
| [CVE-2020-2136](https://nvd.nist.gov/vuln/detail/CVE-2020-2136) | git | 5.4 | 2.47.0 | 2.47.0 | 2.47.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/82872), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]* |
| [CVE-2020-2136](https://nvd.nist.gov/vuln/detail/CVE-2020-2136) | git | 5.4 | 2.47.0 | 2.47.0 | 2.48.0 | *[[PR](https://github.com/NixOS/nixpkgs/pull/82872), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]* |
| [CVE-2023-40217](https://nvd.nist.gov/vuln/detail/CVE-2023-40217) | python | 5.3 | 2.7.18.8 | 3.13.1 | 3.13.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]* |
| [CVE-2023-33955](https://nvd.nist.gov/vuln/detail/CVE-2023-33955) | console | 5.3 | 0.15.8 | 0.1.0-unstable-2 | | |
| [CVE-2023-27043](https://nvd.nist.gov/vuln/detail/CVE-2023-27043) | python | 5.3 | 2.7.18.8 | 3.13.1 | 3.13.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/243074), [PR](https://github.com/NixOS/nixpkgs/pull/349408)]* |
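Review bot: the CVE-2020-2136 row changes only in its upstream column (2.47.1 to 2.48.0) while version_local and nix_unstable both stay at 2.47.0, so this entry will generate a diff on every upstream git release without any change in what the Ghaf target ships. The row already links two nixpkgs PRs. If those settle the question, add the id to manual_analysis.csv as the section text suggests, so the entry stops resurfacing in every automated update.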
Expand Down Expand Up @@ -380,6 +380,7 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
| [OSV-2023-1344](https://osv.dev/OSV-2023-1344) | jq | | 1.7.1 | 1.7.1 | 1.7.1 | |
| [OSV-2023-1329](https://osv.dev/OSV-2023-1329) | jq | | 1.7.1 | 1.7.1 | 1.7.1 | |
| [OSV-2023-1307](https://osv.dev/OSV-2023-1307) | libbpf | | 1.4.7 | 1.4.7 | 1.5.0 | |
| [OSV-2023-1170](https://osv.dev/OSV-2023-1170) | vulkan-loader | | 1.3.296.0 | 1.3.296.0 | 1.4.304 | |
| [OSV-2023-1129](https://osv.dev/OSV-2023-1129) | libheif | | 1.18.2 | 1.18.2 | 1.19.5 | |
| [OSV-2023-877](https://osv.dev/OSV-2023-877) | libbpf | | 1.4.7 | 1.4.7 | 1.5.0 | |
| [OSV-2023-862](https://osv.dev/OSV-2023-862) | gstreamer | | 1.24.7 | 1.24.10 | 1.24.11 | |
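Review bot: in the added OSV-2023-1170 row, version_local and nix_unstable are both 1.3.296.0 and only upstream is at 1.4.304, so updating the nixpkgs pin to current unstable would not change the shipped vulkan-loader version. The comment column is empty, unlike rows that link nixpkgs PRs. Link a nixpkgs update PR or issue here once one exists, so the row shows what the finding is waiting on.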