From bc08857eea1eaac2d68f4ad969f0d4cd69d21888 Mon Sep 17 00:00:00 2001
From: henrirosten
Date: Sun, 15 Dec 2024 03:56:45 +0000
Subject: [PATCH] Automatic vulnerability report update
---
reports/main/data.csv | 15 ++++++---------
...s.x86_64-linux.lenovo-x1-carbon-gen11-debug.md | 12 ++++++++----
2 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/reports/main/data.csv b/reports/main/data.csv
index 2ad234a..d5b2b9b 100644
--- a/reports/main/data.csv
+++ b/reports/main/data.csv
@@ -4,6 +4,8 @@ "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_upstream","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_upstream","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 https://github.com/NixOS/nixpkgs/pull/331906 https://github.com/NixOS/nixpkgs/pull/354124 
@@ -229,11 +231,8 @@ https://github.com/NixOS/nixpkgs/pull/356664" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","7.2","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" 
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 https://github.com/NixOS/nixpkgs/pull/185613 
@@ -581,6 +580,8 @@ https://github.com/NixOS/nixpkgs/pull/363310" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_upstream","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_upstream","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 https://github.com/NixOS/nixpkgs/pull/331906 https://github.com/NixOS/nixpkgs/pull/354124 
@@ -806,11 +807,8 @@ https://github.com/NixOS/nixpkgs/pull/356664" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","7.2","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","lock_updated","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 https://github.com/NixOS/nixpkgs/pull/185613 
@@ -1158,6 +1156,8 @@ https://github.com/NixOS/nixpkgs/pull/363310" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_upstream","" +"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.7","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_upstream","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.3","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 https://github.com/NixOS/nixpkgs/pull/331906 https://github.com/NixOS/nixpkgs/pull/354124 
@@ -1383,11 +1383,8 @@ https://github.com/NixOS/nixpkgs/pull/356664" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-38023","https://nvd.nist.gov/vuln/detail/CVE-2022-38023","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000038023","False","","fix_not_available","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" 
"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37967","https://nvd.nist.gov/vuln/detail/CVE-2022-37967","samba","7.2","4.20.4","4.20.4","4.21.2","samba","2022A0000037967","False","","fix_not_available","" -"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37966","https://nvd.nist.gov/vuln/detail/CVE-2022-37966","samba","8.1","4.20.4","4.20.4","4.21.2","samba","2022A0000037966","False","","fix_not_available","" "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","nix_unstable","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 https://github.com/NixOS/nixpkgs/pull/185613 diff --git a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md index bebf6e4..f7fe337 100644 --- a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md +++ b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md 
@@ -46,7 +46,12 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs: -```No vulnerabilities``` + +| vuln_id | package | severity | version_local | nix_unstable | upstream | comment | +|-------------------------------------------------------------------|-----------|------------|-----------------|----------------|------------|-----------| +| [CVE-2024-47542](https://nvd.nist.gov/vuln/detail/CVE-2024-47542) | gstreamer | 7.5 | 1.24.7 | 1.24.7 | 1.24.10 | | +| [CVE-2024-47541](https://nvd.nist.gov/vuln/detail/CVE-2024-47541) | gstreamer | 7.5 | 1.24.7 | 1.24.7 | 1.24.10 | | + ## All Vulnerabilities Impacting Ghaf 
@@ -136,6 +141,8 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [CVE-2017-17969](https://nvd.nist.gov/vuln/detail/CVE-2017-17969) | p7zip | 7.8 | 17.05 | 17.05 | 17.05 | | | [CVE-2017-5506](https://nvd.nist.gov/vuln/detail/CVE-2017-5506) | imagemagick | 7.8 | 7.1.1-40 | 7.1.1-40 | 7.1.1.41 | | | [CVE-2016-3751](https://nvd.nist.gov/vuln/detail/CVE-2016-3751) | libpng | 7.8 | 1.2.59 | 1.6.43 | 1.6.44 | *[[PR](https://github.com/NixOS/nixpkgs/pull/286253)]* | +| [CVE-2024-47542](https://nvd.nist.gov/vuln/detail/CVE-2024-47542) | gstreamer | 7.5 | 1.24.7 | 1.24.7 | 1.24.10 | | +| [CVE-2024-47541](https://nvd.nist.gov/vuln/detail/CVE-2024-47541) | gstreamer | 7.5 | 1.24.7 | 1.24.7 | 1.24.10 | | | [CVE-2024-7592](https://nvd.nist.gov/vuln/detail/CVE-2024-7592) | python | 7.5 | 2.7.18.8 | 3.13.1 | 3.13.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]* | | [CVE-2024-6232](https://nvd.nist.gov/vuln/detail/CVE-2024-6232) | python | 7.5 | 2.7.18.8 | 3.13.1 | 3.13.1 | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]* | | [CVE-2024-4032](https://nvd.nist.gov/vuln/detail/CVE-2024-4032) | python | 7.5 | 2.7.18.8 | 3.13.1 | 3.13.1 | | 
@@ -364,9 +371,6 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base | [OSV-2023-197](https://osv.dev/OSV-2023-197) | p11-kit | | 0.25.5 | 0.25.5 | 0.25.5 | | | [OSV-2023-34](https://osv.dev/OSV-2023-34) | ghostscript | | 10.04.0 | 10.04.0 | 10.04.0 | | | [OSV-2023-14](https://osv.dev/OSV-2023-14) | hunspell | | 1.7.2 | 1.7.2 | 1.7.2 | | -| [CVE-2022-38023](https://nvd.nist.gov/vuln/detail/CVE-2022-38023) | samba | | 4.20.4 | 4.20.4 | 4.21.2 | | -| [CVE-2022-37967](https://nvd.nist.gov/vuln/detail/CVE-2022-37967) | samba | | 4.20.4 | 4.20.4 | 4.21.2 | | -| [CVE-2022-37966](https://nvd.nist.gov/vuln/detail/CVE-2022-37966) | samba | | 4.20.4 | 4.20.4 | 4.21.2 | | | [OSV-2022-1276](https://osv.dev/OSV-2022-1276) | openvpn | | 2.6.12 | 2.6.12 | 2.6.12 | | | [OSV-2022-1201](https://osv.dev/OSV-2022-1201) | opensc | | 0.26.0 | 0.26.0 | 0.26.0 | | | [OSV-2022-1188](https://osv.dev/OSV-2022-1188) | opensc | | 0.26.0 | 0.26.0 | 0.26.0 | |