github-actions[bot]
commented
3 years ago Report for pride
Version changes:
Version 1 -> 2:Security vulnerability report
47 derivations with active advisories 23 derivations left out due to whitelisting ------------------------------------------------------------------------ ShellCheck-0.7.2 /nix/store/6nmh9y4aw5d3crab4jpbph1xfnp4zir3-ShellCheck-0.7.2.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-28794 9.8 ------------------------------------------------------------------------ anymap-0.12.1 /nix/store/qza88rlh6h4i9g17vap2sfb79v6mym52-anymap-0.12.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-38187 9.8 ------------------------------------------------------------------------ avahi-0.8 /nix/store/k6w3akp9qwc341dcd187mhhv7b9jl1qa-avahi-0.8.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-26720 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3468 5.5 ------------------------------------------------------------------------ binutils-2.35.1 /nix/store/551clq33vmk14y6azaxac48rr2l12hqw-binutils-2.35.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-20294 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3487 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-20284 5.5 ------------------------------------------------------------------------ charset-0.3.8 /nix/store/m5wi3ifzf71kab80rf2kv1xri3lyrya8-charset-0.3.8.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2017-16098 7.5 ------------------------------------------------------------------------ commonmark-0.2.1 /nix/store/lrcxbxrw099xsh18lvbm8kjf88839h66-commonmark-0.2.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2019-10010 6.1 ------------------------------------------------------------------------ cpio-2.13 /nix/store/ihcsbx1r35xadkmlbil7z66czng1dgqx-cpio-2.13.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-38185 7.8 ------------------------------------------------------------------------ curl-7.76.1 /nix/store/7b6r02bsidap2g025s130d2wjggay9s1-curl-7.76.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-22926 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-22922 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-22923 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-22925 5.3 ------------------------------------------------------------------------ djvulibre-3.5.28 /nix/store/g0icp46n7s0dmmbzjq8jly3f5rcmfdmj-djvulibre-3.5.28.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-3500 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-32490 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-32491 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-32492 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-32493 7.8 ------------------------------------------------------------------------ dot-0.1.4 /nix/store/lr59mazpvqc90lwb2ial03qpady8470q-dot-0.1.4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2020-7639 5.3 ------------------------------------------------------------------------ ffmpeg-4.4 /nix/store/4lcs7bwldjh45q18ra1pi0w7zdn5ql59-ffmpeg-4.4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-38171 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-30123 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-38291 7.5 ------------------------------------------------------------------------ fuse-3.10.5 /nix/store/5mjssa0nvhvp17xvnn9v660ilsz4v2bs-fuse-3.10.5.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2019-14860 6.5 ------------------------------------------------------------------------ gcc-7.5.0 /nix/store/kr6hji8lm338dm8jy15gj3m6pn50chl2-gcc-7.5.0.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-12886 8.1 ------------------------------------------------------------------------ git-2.33.0 /nix/store/lcah3ainaa3ddqy3yqbry1w02b0pr435-git-2.33.0.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-1000182 6.4 https://nvd.nist.gov/vuln/detail/CVE-2020-2136 5.4 https://nvd.nist.gov/vuln/detail/CVE-2018-1000110 5.3 https://nvd.nist.gov/vuln/detail/CVE-2019-1003010 4.3 ------------------------------------------------------------------------ glibc-2.33-49 /nix/store/hwgd0c47l7zcsvq2h1pr07qr7m1ykk5i-glibc-2.33-49.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-38604 7.5 ------------------------------------------------------------------------ go-1.16-linux-amd64-bootstrap /nix/store/kww78i8jc23sgrv8h2ad3y035l0vj2nx-go-1.16-linux-amd64-bootstrap.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-29923 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-34558 6.5 ------------------------------------------------------------------------ go-1.16.8 /nix/store/b36ggbfqmwa4xyk9mn6i0b5mrd0kb4hb-go-1.16.8.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-29923 7.5 ------------------------------------------------------------------------ home-0.5.3 /nix/store/b1h63w7321gfsqf9kyiiw2h9xd9riy9h-home-0.5.3.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-25264 6.7 ------------------------------------------------------------------------ hub-2.14.2 /nix/store/9pw28f286i4iigpa95syyfsvni6dvbn8-hub-2.14.2.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-36209 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-37540 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-37541 6.1 ------------------------------------------------------------------------ imagemagick-7.1.0-4 /nix/store/hsn3z3rnr7nspqd9w78v1kzqkpywz9ra-imagemagick-7.1.0-4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-39212 4.4 ------------------------------------------------------------------------ instant-0.1.10 /nix/store/yg77fx1zymnazggvyh9l8n1pg7h7asy6-instant-0.1.10.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2017-13099 5.9 ------------------------------------------------------------------------ jose-0.8.4 /nix/store/1davif2380wpi5lr60ypfi18kr3j0443-jose-0.8.4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-29444 5.9 https://nvd.nist.gov/vuln/detail/CVE-2021-29445 5.9 https://nvd.nist.gov/vuln/detail/CVE-2021-29446 5.9 ------------------------------------------------------------------------ libarchive-3.5.1 /nix/store/z83g0r23q4995792mwlxpsmia025nr1r-libarchive-3.5.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-36976 6.5 ------------------------------------------------------------------------ libgcrypt-1.9.3 /nix/store/rqglmvhwp3djbbihjy7zlaqrx6wgyh53-libgcrypt-1.9.3.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-40528 5.9 ------------------------------------------------------------------------ libressl-3.2.5 /nix/store/ywav0mqr6aidxr2720ddwy5bvz1q25z4-libressl-3.2.5.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-41581 5.5 ------------------------------------------------------------------------ libssh-0.8.9 /nix/store/fbgwwnc2b4nhs7dbykqmqg9hbccyn28y-libssh-0.8.9.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-3634 6.5 ------------------------------------------------------------------------ live555-2019.11.22 /nix/store/4q871zixfdppf84w11xglmzyh0bfqvsb-live555-2019.11.22.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-38380 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-38381 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-38382 6.5 ------------------------------------------------------------------------ lua-5.2.4-env /nix/store/dhdqqr8s46wizrl01x84q1kbw0si2112-lua-5.2.4-env.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2020-15888 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-15945 5.5 ------------------------------------------------------------------------ lua-5.3.6 /nix/store/ax9dbq2fanqhi4p89j4asjliim0p6ra7-lua-5.3.6.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2020-15888 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-15945 5.5 ------------------------------------------------------------------------ markdown-0.33-1.rockspec /nix/store/3i23hbcbh3ckz1q7f51jplf2czsqj8h2-markdown-0.33-1.rockspec.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-1000874 6.1 ------------------------------------------------------------------------ network-3.1.1.1 /nix/store/63kd4ypxzb5j41l6xvi1zi4qz4r0l2g1-network-3.1.1.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-35048 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-35047 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-35049 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-35050 7.5 ------------------------------------------------------------------------ openexr-2.5.7 /nix/store/r8kb0q32dy6gpsspjyn971jd9d1p3l7a-openexr-2.5.7.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-23169 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3598 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3605 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-23215 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-26260 5.5 https://nvd.nist.gov/vuln/detail/CVE-2021-26945 5.5 ------------------------------------------------------------------------ openssh-8.6p1 /nix/store/68km72vd0h2zh608cyrrlfl1abndip03-openssh-8.6p1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2016-20012 5.3 ------------------------------------------------------------------------ openssl-1.1.1l /nix/store/7fwg53zpyzdfcngi8zkzwkqy3dhs74dg-openssl-1.1.1l.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-16395 9.8 https://nvd.nist.gov/vuln/detail/CVE-2016-7798 7.5 ------------------------------------------------------------------------ openvpn-2.5.2 /nix/store/gl73hynnhy83nn557qi7143kdg2hv46z-openvpn-2.5.2.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2020-7224 9.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3606 7.8 https://nvd.nist.gov/vuln/detail/CVE-2020-27569 7.5 ------------------------------------------------------------------------ qemu-6.0.0 /nix/store/4zaf1w1qylnhf8bzdqa0g9axrjivbxph-qemu-6.0.0.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-3682 8.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3713 7.4 https://nvd.nist.gov/vuln/detail/CVE-2021-3544 6.5 https://nvd.nist.gov/vuln/detail/CVE-2021-3507 6.1 https://nvd.nist.gov/vuln/detail/CVE-2020-35503 6.0 https://nvd.nist.gov/vuln/detail/CVE-2021-3527 5.5 ------------------------------------------------------------------------ quote-1.0.9 /nix/store/38qcldl6av3am6r90a5wk8iqysv1z1mj-quote-1.0.9.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2020-16194 5.3 ------------------------------------------------------------------------ ruby-2.7.4 /nix/store/xp6c3iqnaab4qg69y00qxhgb38860bqh-ruby-2.7.4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-28966 7.5 ------------------------------------------------------------------------ safe-0.3.19 /nix/store/ffbhxdq87hqgxpdlhdmaj3pia8j10h20-safe-0.3.19.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2019-11644 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-33596 4.1 https://nvd.nist.gov/vuln/detail/CVE-2021-33594 3.5 https://nvd.nist.gov/vuln/detail/CVE-2021-33595 3.5 ------------------------------------------------------------------------ samba-4.14.4 /nix/store/7p2vfp74hhi5qf74hxws8jw6a1fk4lwd-samba-4.14.4.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-1057 8.8 https://nvd.nist.gov/vuln/detail/CVE-2018-1050 4.3 ------------------------------------------------------------------------ shellcheck-0.7.2 /nix/store/8fhdivd3fx1zg2zygwdc4dfd0dbvxq3x-shellcheck-0.7.2.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-28794 9.8 ------------------------------------------------------------------------ subversion-1.14.1 /nix/store/phx02y5z1bwfgn977754sg802k1gyp3z-subversion-1.14.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2017-1000085 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2304 6.5 https://nvd.nist.gov/vuln/detail/CVE-2020-2111 5.4 https://nvd.nist.gov/vuln/detail/CVE-2018-1000111 5.3 ------------------------------------------------------------------------ tcl-8.6.11 /nix/store/368vbypih74inhm4d3v4nmypfgggvvni-tcl-8.6.11.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-35331 7.8 ------------------------------------------------------------------------ util-linux-2.36.2 /nix/store/2c9ab725kccddpjlxb5r8s1hxzbrjdqq-util-linux-2.36.2.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-37600 5.5 ------------------------------------------------------------------------ vault-0.3.1.5 /nix/store/7dby4s54ynhrbmr1gzbpcw49dgcknwj7-vault-0.3.1.5.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2018-19786 8.1 https://nvd.nist.gov/vuln/detail/CVE-2020-13223 7.5 https://nvd.nist.gov/vuln/detail/CVE-2021-27400 7.5 https://nvd.nist.gov/vuln/detail/CVE-2020-25594 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-3024 5.3 https://nvd.nist.gov/vuln/detail/CVE-2021-38554 5.3 ------------------------------------------------------------------------ vim-8.2.3337 /nix/store/sna129sszmh4bl7wqqf48kp7hlbgaln9-vim-8.2.3337.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 7.8 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 7.8 ------------------------------------------------------------------------ wget-1.21.1 /nix/store/6fg72qw9rdkl23x3h6yzl0sndxzm3fks-wget-1.21.1.drv CVE CVSSv3 https://nvd.nist.gov/vuln/detail/CVE-2021-31879 6.1 use --show-whitelisted to see derivations with only whitelisted CVEs
Report for
edenVersion changes:
Security vulnerability report