chore(flake): Automatic flake update

EdenEast commented 2 years ago

Flake lock file changes:

Updated np: darwin ➡️ `` 'github:lnl7/nix-darwin/4fdbb8168f61d31d3f90bb0d07f48de709c4fe79' (2022-03-26) → 'github:lnl7/nix-darwin/2979028c51ba0ad7e2062dbdc1674be0f71092fc' (2022-04-19)
Updated np: fenix ➡️ `` 'github:nix-community/fenix/5cbb7720dcbb684fd8375fdd915fb725a6c2178b' (2022-04-16) → 'github:nix-community/fenix/6265516f6874bdd6b15904fe8483200cf9a07fe2' (2022-04-20)
Updated np: fenix/rust-analyzer-src ➡️ `` 'github:rust-analyzer/rust-analyzer/1c22537b3b7012f76952546ef90b18509a056690' (2022-04-15) → 'github:rust-analyzer/rust-analyzer/55824021e10d296a10948549e49a5bdc8dc1c661' (2022-04-19)
Updated np: flake-compat ➡️ `` 'github:edolstra/flake-compat/64a525ee38886ab9028e6f61790de0832aa3ef03' (2022-03-25) → 'github:edolstra/flake-compat/b4a34015c698c7793d592d66adbab377907a2be8' (2022-04-19)
Updated np: home-manager ➡️ `` 'github:nix-community/home-manager/8ab155c61f5821ffda723de88b0009769771d4f2' (2022-04-16) → 'github:nix-community/home-manager/93a69d07389311ffd6ce1f4d01836bbc2faec644' (2022-04-20)
Updated np: neovim-nightly ➡️ `` 'github:nix-community/neovim-nightly-overlay/ae9ee8abdce8256822879916d386550bb55f5b6c' (2022-04-16) → 'github:nix-community/neovim-nightly-overlay/edf6d999c74bf9772afd7c027e0d0a73bf033b4a' (2022-04-21)
Updated np: neovim-nightly/flake-compat ➡️ `` 'github:edolstra/flake-compat/64a525ee38886ab9028e6f61790de0832aa3ef03' (2022-03-25) → 'github:edolstra/flake-compat/b4a34015c698c7793d592d66adbab377907a2be8' (2022-04-19)
Updated np: neovim-nightly/neovim-flake ➡️ `` 'github:neovim/neovim/3f2e9298bdd971a4d2baa298aff7c6f2c2c1ad1a?dir=contrib' (2022-04-16) → 'github:neovim/neovim/db851cb105ac9f295a836a39ff73da14a70ae754?dir=contrib' (2022-04-21)
Updated np: nixpkgs ➡️ `` 'github:nixos/nixpkgs/75ad56bdc927f3a9f9e05e3c3614c4c1fcd99fcb' (2022-04-16) → 'github:nixos/nixpkgs/1ffba9f2f683063c2b14c9f4d12c55ad5f4ed887' (2022-04-17)
Updated np: nur ➡️ `` 'github:nix-community/nur/46611c782718da8dcbe5e51dde286928084d5d3b' (2022-04-17) → 'github:nix-community/nur/0191ce3e828a018796fb661b02e0e685cab52b73' (2022-04-21)

github-actions[bot] commented 2 years ago

Report for `eden`

Version changes:

Version 1 -> 2:
  busybox-static-x86_64-unknown-linux-musl: 1.34.1 → 1.35.0
  neovim-unwrapped: +30.4 KiB
  rust-analyzer-nightly: 1c22537 → 5582402, +43.9 KiB
  source: +15.9 KiB
  starship: ∅ → 1.6.2, +7649.2 KiB
  starship-unstable: 2022-04-12 → ∅, -7657.2 KiB

Security vulnerability report

29 derivations with active advisories
20 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/8s2kgwjycv4skyfmwkajwixspvqi9sv7-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/vhp6fcd1fn2czspknvlj4wwf344kkpwf-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/l7msl1624f7r8ka8yr352aazd2ssccva-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/57b103vn5qvkl7k4cjsnbbrai1ksfk7w-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/xbvnfzk7l7w4fxcqpicyvz3amqwm28j8-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/7m1lqa1hj22aw2xq80mdic76cmw6y0yl-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/2gaayq8z3akzdgjwygwny5pam3y2d1gi-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/4agrkywx94x6117jgpwv88x3sx3i8hm7-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/66q6dq59dn7rwj0gw5hhf807cfr3bwb4-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/vvssh6ybf52ff7pbswilxdjdwn4yik4n-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/275cd8mpfi1s54ymcbiw359v9hzj1xn0-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/agh5mx6g16x79fpjhrcn7yfpnm22ccxc-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
instant-0.1.12

/nix/store/0m21rq76j0a1wabjyxh0kvf2cw6d2dig-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/sxny5a2xzr91rgday6879innyfba0g0w-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/6s4ywrhssmkcvd8di5xps4fzijq0h3b2-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/3p9imnk54pjcyx93ynlqpzg53537n38s-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/mvdx5hx9gn0bkwg7yxrjmiysk0nb8rpn-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/g23ffw9xjhsyzk97sxrj7y5w4b57mwi4-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/rk2d9k1dvxb6rfan4iwlf5gzdvapn6kq-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
quote-1.0.18

/nix/store/m8b2i1i4gwv8ign1bvc5irra8j70jpbz-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
safe-0.3.19

/nix/store/1nrqi14yi9hyq12snv4kvysfdi4jfqla-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/0dhnri2n0f8pi6maq0myfjdqxc0jk7v7-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/mav1s5v8r3s019gg4pa6c2hbmcw4qs0n-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/8pzqir4l18p21907g0ba8adlrjvhkzwx-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/2r1cxymkpmywc0cfqdg1qirb80jpq2rs-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/mcnaf6d8iwml2mq55i5dxa4q6icbr34q-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/711ah0xyb6lx33jpix6vxk6r8n8fpgm5-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/02470wbmlinzv799fm3k5f832q4vcs0b-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/7yik5gv39ncr9a0mbi90m4r3swbpw1zk-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `sloth`

Version changes:

Version 1 -> 2:
  busybox: 1.34.1 → 1.35.0
  busybox-static-x86_64-unknown-linux-musl: 1.34.1 → 1.35.0
  extra: ε → ∅, -21803.1 KiB
  firefox: +120.0 KiB
  firefox-unwrapped: +280.5 KiB
  initrd: ε → ∅
  keymap: ε → ∅
  neovim-unwrapped: +30.4 KiB
  nixos-system-sloth: 22.05.20220416.75ad56b → 22.05.20220417.1ffba9f
  rust-analyzer-nightly: 1c22537 → 5582402, +43.9 KiB
  sof-firmware: 2.0 → 2.1.1, +1271.9 KiB
  source: +15.9 KiB
  stage: 1-init.sh → ∅, -19.6 KiB
  starship: ∅ → 1.6.2, +7649.2 KiB
  starship-unstable: 2022-04-12 → ∅, -7657.2 KiB
  udev: -35.4 KiB

Security vulnerability report

36 derivations with active advisories
34 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/8s2kgwjycv4skyfmwkajwixspvqi9sv7-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/vhp6fcd1fn2czspknvlj4wwf344kkpwf-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/l7msl1624f7r8ka8yr352aazd2ssccva-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/57b103vn5qvkl7k4cjsnbbrai1ksfk7w-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/xbvnfzk7l7w4fxcqpicyvz3amqwm28j8-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/7m1lqa1hj22aw2xq80mdic76cmw6y0yl-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/2gaayq8z3akzdgjwygwny5pam3y2d1gi-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/4agrkywx94x6117jgpwv88x3sx3i8hm7-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/hinimm71v50xynl7mzsc834jmc7mphbd-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5

------------------------------------------------------------------------
gcc-6.5.0

/nix/store/chilm7h80nhdcwzcqxp7y0f3l8safyih-gcc-6.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/66q6dq59dn7rwj0gw5hhf807cfr3bwb4-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/vvssh6ybf52ff7pbswilxdjdwn4yik4n-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/275cd8mpfi1s54ymcbiw359v9hzj1xn0-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/agh5mx6g16x79fpjhrcn7yfpnm22ccxc-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
instant-0.1.12

/nix/store/0m21rq76j0a1wabjyxh0kvf2cw6d2dig-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/sxny5a2xzr91rgday6879innyfba0g0w-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/6s4ywrhssmkcvd8di5xps4fzijq0h3b2-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/3p9imnk54pjcyx93ynlqpzg53537n38s-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
libde265-1.0.8

/nix/store/sgkbvnqlj5qwkcihr5dnys6hgzl1hjac-libde265-1.0.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1253     9.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/mvdx5hx9gn0bkwg7yxrjmiysk0nb8rpn-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.2.4

/nix/store/3ys80zy1cna0d4kjwccrwafdaji5q1xh-lua-5.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
lua-5.2.4-env

/nix/store/58pb70mr7bf0c6p7wsi1pdgingip952a-lua-5.2.4-env.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-43519    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/g23ffw9xjhsyzk97sxrj7y5w4b57mwi4-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
markdown-0.33-1.rockspec

/nix/store/15d1b4dzy87hxk5g2ap1kjc6394my1ll-markdown-0.33-1.rockspec.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000874  6.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/rk2d9k1dvxb6rfan4iwlf5gzdvapn6kq-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
quote-1.0.18

/nix/store/m8b2i1i4gwv8ign1bvc5irra8j70jpbz-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
safe-0.3.19

/nix/store/1nrqi14yi9hyq12snv4kvysfdi4jfqla-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
subversion-1.14.2

/nix/store/xazaybglnj9p725p8g7bgrpx301kippf-subversion-1.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5
https://nvd.nist.gov/vuln/detail/CVE-2017-1000085  6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000111  5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/0dhnri2n0f8pi6maq0myfjdqxc0jk7v7-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/mav1s5v8r3s019gg4pa6c2hbmcw4qs0n-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/8pzqir4l18p21907g0ba8adlrjvhkzwx-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/2r1cxymkpmywc0cfqdg1qirb80jpq2rs-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/mcnaf6d8iwml2mq55i5dxa4q6icbr34q-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/711ah0xyb6lx33jpix6vxk6r8n8fpgm5-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/02470wbmlinzv799fm3k5f832q4vcs0b-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/7yik5gv39ncr9a0mbi90m4r3swbpw1zk-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `pride`

Version changes:

Version 1 -> 2:
  busybox: 1.34.1 → 1.35.0
  busybox-static-x86_64-unknown-linux-musl: 1.34.1 → 1.35.0
  firefox: +120.0 KiB
  firefox-unwrapped: +280.5 KiB
  neovim-unwrapped: +30.4 KiB
  nixos-system-pride: 22.05.20220416.75ad56b → 22.05.20220417.1ffba9f
  rust-analyzer-nightly: 1c22537 → 5582402, +43.9 KiB
  sof-firmware: 2.0 → 2.1.1, +1271.9 KiB
  source: +15.9 KiB
  starship: ∅ → 1.6.2, +7649.2 KiB
  starship-unstable: 2022-04-12 → ∅, -7657.2 KiB

Security vulnerability report

37 derivations with active advisories
36 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/8s2kgwjycv4skyfmwkajwixspvqi9sv7-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/vhp6fcd1fn2czspknvlj4wwf344kkpwf-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/l7msl1624f7r8ka8yr352aazd2ssccva-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/57b103vn5qvkl7k4cjsnbbrai1ksfk7w-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/xbvnfzk7l7w4fxcqpicyvz3amqwm28j8-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/7m1lqa1hj22aw2xq80mdic76cmw6y0yl-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/2gaayq8z3akzdgjwygwny5pam3y2d1gi-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/4agrkywx94x6117jgpwv88x3sx3i8hm7-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/hinimm71v50xynl7mzsc834jmc7mphbd-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5

------------------------------------------------------------------------
gcc-6.5.0

/nix/store/chilm7h80nhdcwzcqxp7y0f3l8safyih-gcc-6.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
gcc-7.5.0

/nix/store/v3di8rw9s4r5clzf1zzh63r5ixqyrvfi-gcc-7.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-12886    8.1
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/66q6dq59dn7rwj0gw5hhf807cfr3bwb4-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/vvssh6ybf52ff7pbswilxdjdwn4yik4n-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/275cd8mpfi1s54ymcbiw359v9hzj1xn0-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/agh5mx6g16x79fpjhrcn7yfpnm22ccxc-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
instant-0.1.12

/nix/store/0m21rq76j0a1wabjyxh0kvf2cw6d2dig-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/sxny5a2xzr91rgday6879innyfba0g0w-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/6s4ywrhssmkcvd8di5xps4fzijq0h3b2-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/3p9imnk54pjcyx93ynlqpzg53537n38s-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
libde265-1.0.8

/nix/store/sgkbvnqlj5qwkcihr5dnys6hgzl1hjac-libde265-1.0.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1253     9.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/mvdx5hx9gn0bkwg7yxrjmiysk0nb8rpn-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.2.4

/nix/store/3ys80zy1cna0d4kjwccrwafdaji5q1xh-lua-5.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
lua-5.2.4-env

/nix/store/58pb70mr7bf0c6p7wsi1pdgingip952a-lua-5.2.4-env.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-43519    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/g23ffw9xjhsyzk97sxrj7y5w4b57mwi4-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
markdown-0.33-1.rockspec

/nix/store/15d1b4dzy87hxk5g2ap1kjc6394my1ll-markdown-0.33-1.rockspec.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000874  6.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/rk2d9k1dvxb6rfan4iwlf5gzdvapn6kq-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
quote-1.0.18

/nix/store/m8b2i1i4gwv8ign1bvc5irra8j70jpbz-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
safe-0.3.19

/nix/store/1nrqi14yi9hyq12snv4kvysfdi4jfqla-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
subversion-1.14.2

/nix/store/xazaybglnj9p725p8g7bgrpx301kippf-subversion-1.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5
https://nvd.nist.gov/vuln/detail/CVE-2017-1000085  6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000111  5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/0dhnri2n0f8pi6maq0myfjdqxc0jk7v7-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/mav1s5v8r3s019gg4pa6c2hbmcw4qs0n-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/8pzqir4l18p21907g0ba8adlrjvhkzwx-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/2r1cxymkpmywc0cfqdg1qirb80jpq2rs-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/mcnaf6d8iwml2mq55i5dxa4q6icbr34q-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/711ah0xyb6lx33jpix6vxk6r8n8fpgm5-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/02470wbmlinzv799fm3k5f832q4vcs0b-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/7yik5gv39ncr9a0mbi90m4r3swbpw1zk-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `theman`

Version changes:

Version 1 -> 2:'
'  darwin-system: 22.05.20220416.75ad56b+darwin4.4fdbb81 → 22.05.20220417.1ffba9f+darwin4.2979028'
'  neovim-unwrapped: [31;1m+30.3 KiB[0m'
'  source: [31;1m+15.9 KiB[0m'
'  starship: ∅ → 1.6.2, [31;1m+5416.4 KiB[0m'
'  starship-unstable: 2022-04-12 → ∅, [32;1m-5424.4 KiB[0m

Security vulnerability report

17 derivations with active advisories'
'16 derivations left out due to whitelisting'
''
'------------------------------------------------------------------------'
'async-2.2.4'
''
'/nix/store/kz0a4hh4a18zf8m396q07nsl8d65yppw-async-2.2.4.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8'
''
'------------------------------------------------------------------------'
'async-2.2.4-r1.cabal'
''
'/nix/store/00pc92514qyw6m6170pr2z0r9ha7ylbp-async-2.2.4-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8'
''
'------------------------------------------------------------------------'
'cereal-0.5.8.2'
''
'/nix/store/4877rjjyc7h0rv2jh8x8vglfxbsihdd1-cereal-0.5.8.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3'
''
'------------------------------------------------------------------------'
'charset-0.3.9'
''
'/nix/store/qm5vbbpfrmsh4mr5plddaf3xiaxjg4j8-charset-0.3.9.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5'
''
'------------------------------------------------------------------------'
'commonmark-0.2.2'
''
'/nix/store/q0qd1k60g81r3hg9vkcxd0fx9aczia1x-commonmark-0.2.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1'
''
'------------------------------------------------------------------------'
'go-1.16-darwin-amd64-bootstrap'
''
'/nix/store/kdpzhf164h60qh6zpyxwv680pch61dm6-go-1.16-darwin-amd64-bootstrap.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8'
''
'------------------------------------------------------------------------'
'http-client-0.7.11'
''
'/nix/store/l006vmkj3gci6isxymagbwkk0akjhqxa-http-client-0.7.11.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'http-client-0.7.11-r1.cabal'
''
'/nix/store/w83lgsiwskrb9armh1148n9kd53i4ahv-http-client-0.7.11-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'lens-5.0.1'
''
'/nix/store/39vlx7gy370l2yqyhzyjvnvrvllpvfsp-lens-5.0.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6'
'https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8'
''
'------------------------------------------------------------------------'
'lens-5.0.1-r3.cabal'
''
'/nix/store/46s7nqs3lwl376qx7qilsx62p3afyfrs-lens-5.0.1-r3.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6'
'https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8'
''
'------------------------------------------------------------------------'
'lua-2.1.0'
''
'/nix/store/y65544whk22yj3psbbr54dxzkl18ydjy-lua-2.1.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5'
''
'------------------------------------------------------------------------'
'lua-5.3.6'
''
'/nix/store/dxb0n1s5qcjflls39rlxlgw81lg0547y-lua-5.3.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1'
''
'------------------------------------------------------------------------'
'network-3.1.2.7'
''
'/nix/store/0d3dy4mdjdks3xdfxby7zw39phcrqrqi-network-3.1.2.7.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'safe-0.3.19'
''
'/nix/store/swi0m84v7g6z4cgv39ax6y8a2r4pnkmc-safe-0.3.19.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
''
'------------------------------------------------------------------------'
'subversion-1.14.2'
''
'/nix/store/bzp6656fgd4y8kwaq672b901dr349z34-subversion-1.14.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2017-1000085  6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2018-1000111  5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3'
''
'------------------------------------------------------------------------'
'zlib-0.6.2.3'
''
'/nix/store/xy1ic7y1pdikqd0gzfvvddgngh3bwycc-zlib-0.6.2.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5'
''
'------------------------------------------------------------------------'
'zlib-0.6.2.3-r1.cabal'
''
'/nix/store/fh5gc29ak4j556rg22iwbzgxl2d5l7h4-zlib-0.6.2.3-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5'
''
'use --show-whitelisted to see derivations with only whitelisted CVEs

EdenEast / nyx

chore(flake): Automatic flake update #40

Report for `eden`

Report for `sloth`

Report for `pride`

Report for `theman`

EdenEast / nyx

chore(flake): Automatic flake update #40

Report for eden

Report for sloth

Report for pride

Report for theman

Report for `eden`

Report for `sloth`

Report for `pride`

Report for `theman`