chore(flake): Automatic flake update

EdenEast commented 2 years ago

Flake lock file changes:

Updated np: darwin ➡️ `` 'github:lnl7/nix-darwin/bb3baef6e115ae47bc2ab4973bd3a486488485b0' (2022-04-26) → 'github:lnl7/nix-darwin/2f2bdf658d2b79bada78dc914af99c53cad37cba' (2022-05-07)
Updated np: fenix ➡️ `` 'github:nix-community/fenix/c043ece6b0a48c384bcdaf7b80851b97d50b13d4' (2022-04-30) → 'github:nix-community/fenix/fc75cd2a04c398c7f7f77e44b09776bf74198708' (2022-05-07)
Updated np: fenix/rust-analyzer-src ➡️ `` 'github:rust-analyzer/rust-analyzer/c6995a372f48afb40e2657defb448312281be8ad' (2022-04-29) → 'github:rust-lang/rust-analyzer/81b3e6d124db18cd6015b7d763addfd63e0bd54a' (2022-05-06)
Updated np: home-manager ➡️ `` 'github:nix-community/home-manager/df6010551daa826217939641ab805053f0890239' (2022-05-01) → 'github:nix-community/home-manager/882bd8118bdbff3a6e53e5ced393932b351ce2f6' (2022-05-07)
Updated np: neovim-flake ➡️ `` 'github:neovim/neovim/07660193a38918aa6a17ec691c4e8b021436ed67?dir=contrib' (2022-05-01) → 'github:neovim/neovim/1b1cc4d864b4b15e705c1a500e64c7bfbacedae7?dir=contrib' (2022-05-07)
Updated np: nixpkgs ➡️ `` 'github:nixos/nixpkgs/e10da1c7f542515b609f8dfbcf788f3d85b14936' (2022-04-26) → 'github:nixos/nixpkgs/c777cdf5c564015d5f63b09cc93bef4178b19b01' (2022-05-05)
Updated np: nur ➡️ `` 'github:nix-community/nur/f40e33bde8437989a08998fd230582168ab537a9' (2022-05-01) → 'github:nix-community/nur/9ac6be88c1f75b86545fd96feba56f7d880fe293' (2022-05-08)

github-actions[bot] commented 2 years ago

Report for `sloth`

Version changes:

Version 1 -> 2:
  aalib: ∅ → 1.4rc5, +107.5 KiB
  at-spi2-core: 2.44.0 → 2.44.1
  darkreader: 4.9.48 → 4.9.50
  ell: 0.49 → 0.50, +9.3 KiB
  eslint_d: 12.0.0 → 12.1.0, +20.6 KiB
  firefox: 99.0.1 → 100.0, +25.1 KiB
  firefox-unwrapped: 99.0.1 → 100.0, +612.8 KiB
  fluidsynth: 2.2.3 → 2.2.5
  git: 2.35.3 → 2.36.0, +1285.1 KiB
  glib: 2.72.0 → 2.72.1, +99.9 KiB
  gpm: 1.20.7 → ∅, -516.4 KiB
  gpm-unstable: ∅ → 2020-06-17, +516.6 KiB
  gst-plugins-bad: 1.20.0 → 1.20.1, +40.5 KiB
  gst-plugins-base: 1.20.0 → 1.20.1
  gst-plugins-good: ∅ → 1.20.1, +7954.1 KiB
  gstreamer: 1.20.0 → 1.20.1
  gtk4: 4.6.2 → 4.6.3, +21.9 KiB
  htop: 3.1.2 → 3.2.0, +13.6 KiB
  inih: ∅ → 53, +54.6 KiB
  inih-r53: ε → ∅, -54.6 KiB
  initrd-linux: 5.15.34 → 5.15.36
  just: 1.1.2 → 1.1.3
  libavc1394: ∅ → 0.5.4, +145.0 KiB
  libcaca: ∅ → 0.99.beta20, +873.4 KiB
  libcap-ng: 0.8.2 → 0.8.3
  libiec61883: ∅ → 1.2.0, +142.8 KiB
  libinput: 1.20.0 → 1.20.1
  libshout: ∅ → 2.4.5, +167.1 KiB
  libvdpau: 1.4 → 1.5, +12.0 KiB
  linux: 5.15.34, 5.15.34-modules → 5.15.36, 5.15.36-modules, -11.3 KiB
  linux-headers: 5.16 → 5.17, +101.0 KiB
  make-initrd-ng: ∅ → 0.1.0, +553.0 KiB
  mesa: 22.0.1 → 22.0.2, +13.9 KiB
  neovim-unwrapped: +22.0 KiB
  nixos: +26.6 KiB
  nixos-manual: +28.2 KiB
  nixos-system-sloth: 22.05.20220426.e10da1c → 22.05.20220505.c777cdf
  nodejs: 14.19.1, 16.14.2 → 14.19.2, 16.15.0, +749.0 KiB
  nss: 3.76.1 → 3.78
  openal-soft: 1.21.1 → 1.22.0, +122.0 KiB
  patchelf: ∅ → 0.14.5, +215.4 KiB
  pipewire: +2159.0 KiB
  pulseaudio: +105.9 KiB
  pyright: 1.1.239 → 1.1.243, +86.1 KiB
  python3: +509.7 KiB
  rust-analyzer-nightly: ∅ → 81b3e6d, +36503.0 KiB
  rust-analyzer-nightly-c6995a3: ε → ∅, -36489.6 KiB
  rustc-stable: +34.0 KiB
  shutdown-ramfs: ∅ → ε
  source: -653.0 KiB
  starship: 1.6.2 → 1.6.3
  sumneko-lua-language-server: 3.1.0 → 3.2.1, +49.1 KiB
  systemd: +20.0 KiB
  systemd-minimal: +20.0 KiB
  taglib: ∅ → 1.12, +2099.1 KiB
  tree-style-tab: 3.8.22 → 3.8.23
  twolame: ∅ → 2017-09-27, +233.2 KiB
  typescript: 4.6.3 → 4.6.4
  v4l-utils: ∅ → 1.22.1, +891.6 KiB
  vulkan-loader: 1.2.198.0 → 1.3.211.0, +96.6 KiB
  wavpack: ∅ → 5.4.0, +502.4 KiB
  wezterm: ∅ → ε
  zellij: 0.27.0 → 0.29.1, +150.4 KiB

Security vulnerability report

47 derivations with active advisories
25 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/bjgwh9r267022f99wwxarvcxc375chyw-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/g4gd4hlyjwjd696sxpszlx971lird2rs-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/4n1jcb686h3niv9q5gx8vg448psp0gsj-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/025anm381a1p2n9wpizn4z7mm357xxbv-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/bpbm4w4iz93wwjgdlq3653ifdjya10da-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/0pg0lq4cwr5z3vgbh2dbx9jcrczx4z9k-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/fivs2ns1kpsljrks6zl3ziap4riy4rsw-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/vjsm0np0955wp4pn6sfs80sbizgnd0zh-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
e2fsprogs-1.46.5

/nix/store/skjjzc8mdm4mfmph6h56aagc4fsmkxrj-e2fsprogs-1.46.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1304     7.8

------------------------------------------------------------------------
freetype-2.12.0

/nix/store/is0m7q5dsdczb26ijy8llzrvih2nr203-freetype-2.12.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-27404    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-27405    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27406    7.5

------------------------------------------------------------------------
fuse-2.9.9

/nix/store/bhvvp6v8b24844xyj23yp9297z33g2dx-fuse-2.9.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/h327gy6b9q5ya01by5k1bzra2rj876kc-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.10.5

/nix/store/5rvja58ci0i74jshhm6ng3mixgp3y4ms-fuse-3.10.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-6.5.0

/nix/store/sfs13pbm7dpb3hsa5igcjavhkjdhmpab-gcc-6.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
giflib-5.2.1

/nix/store/7cig8wfjbbd6swyhzrpal9vfcpdak7nc-giflib-5.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28506    8.8

------------------------------------------------------------------------
git-2.36.0

/nix/store/g9ngrysnq4m33vdjykpm8k6psx8zgif8-git-2.36.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000182  6.4
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000110  5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/3f41dyr969vdbw3cqnxnpz6dwg0gqyyd-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24675    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-28327    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/10rvrirhbb7glhzlfma5fdjdq26fb8nf-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/cp33mq0p1rvraigqywrn0k5lgn8jj5kf-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/srdh3dz37ybdg1y74zgdg0rk15d9pm4f-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
hub-2.14.2

/nix/store/mp3300cxxfb3arvx3vjz4prhgrdh2n8w-hub-2.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29811    4.8

------------------------------------------------------------------------
instant-0.1.12

/nix/store/2mx42fs0abqhk9lqdm1d8r3lld7gdy3b-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/758am9p42wbv9ksh9byj0p4lhwxri7d2-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/pdksxdjmrr5249nns6apips008xmv4lw-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/w4lsih9mqawxhxzm7vrlmi548h352210-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
libde265-1.0.8

/nix/store/r6mswq9dxrhgbiik4d2970v2v8kkkadz-libde265-1.0.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1253     9.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/bg9rh6wy788fxy0bj94im965imj7vf1z-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.2.4

/nix/store/c88lbbxg8sjhx9s7xp0y7zyzz2s0pcks-lua-5.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
lua-5.2.4-env

/nix/store/1ppkyl6v2g0s7skz9lkznsms8rpi04mb-lua-5.2.4-env.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-43519    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/f9gvaahiffbxmzvqbsxq14w6w4xvv0cn-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
markdown-0.33-1.rockspec

/nix/store/1vh2w9dcsaxahgsrc6lflfyhw6bqpv5v-markdown-0.33-1.rockspec.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000874  6.1

------------------------------------------------------------------------
ncurses-6.3

/nix/store/65165j8m659lq5dgdzjcf8y2i6d9il6f-ncurses-6.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29458    7.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/37h47y0l3fdd91xh9nkb5dcca8i2nazf-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
nss-3.68.3

/nix/store/vknddws9s6n9ikppdzd6mrj8xdik47sy-nss-3.68.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43527    9.8

------------------------------------------------------------------------
quote-1.0.18

/nix/store/sjscrwz0rpc1ywafv036a7qsp745x3b6-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/0vp2s51jmxam25fcbv1sx7h6yl2rwv0l-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/03lmzryr74arvk4cd1czkq1znhk1sqzy-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
safe-0.3.19

/nix/store/j3aj8lfs0ihj62v610yffb3ary6m1s4m-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/5kklz4wimam57pam4r57401n5jzl59mx-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/7dhx50ydxyy23p4vr9vwnb4nqkwhvx17-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/abymyap24qq17l79aw2nxarfxplqfijr-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vim-8.2.4609

/nix/store/21wgxdcmypj5fd2z12phsxwfkbml6src-vim-8.2.4609.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1154     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1160     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1381     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1420     5.5

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/yxy01rzggkzv5q79qnmjgjn7482ml6rf-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/idq7xc9vi6545kgcaml41rnv20n0ddlb-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/2dg803knz03hhfnjdi6n9fcy77p4yz9m-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/pjz2gz7ygcldd5qfw5692d3rcn0xf926-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/rzq6phrnli4mxvxs8c6mv4yyii2b6rfz-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `theman`

Version changes:

Version 1 -> 2:'
'  ICU: [32;1m-2205.5 KiB[0m'
'  bzip2: [32;1m-57.1 KiB[0m'
'  darwin-system: 22.05.20220426.e10da1c+darwin4.bb3baef → 22.05.20220505.c777cdf+darwin4.2f2bdf6'
'  eslint_d: 12.0.0 → 12.1.0, [31;1m+20.6 KiB[0m'
'  git: 2.35.3 → 2.36.0, [31;1m+754.9 KiB[0m'
'  home-manager: [32;1m-20.9 KiB[0m'
'  man-db: [32;1m-633.2 KiB[0m'
'  neovim-unwrapped: [31;1m+21.6 KiB[0m'
'  nodejs: 14.19.1, 16.14.2 → 14.19.2, 16.15.0, [32;1m-88.1 KiB[0m'
'  pyright: 1.1.239 → 1.1.243, [31;1m+86.1 KiB[0m'
'  python3: [31;1m+148.7 KiB[0m'
'  source: [32;1m-653.0 KiB[0m'
'  starship: 1.6.2 → 1.6.3'
'  typescript: 4.6.3 → 4.6.4'
'  xz: [32;1m-130.6 KiB[0m

Security vulnerability report

24 derivations with active advisories'
'11 derivations left out due to whitelisting'
''
'------------------------------------------------------------------------'
'async-2.2.4'
''
'/nix/store/fk9vlqlzfvxz2fhkkf6cb1zwjzm631md-async-2.2.4.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8'
''
'------------------------------------------------------------------------'
'async-2.2.4-r1.cabal'
''
'/nix/store/f85k4zdwzi7898gr9dlspnkdr8jqvy03-async-2.2.4-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8'
''
'------------------------------------------------------------------------'
'cereal-0.5.8.2'
''
'/nix/store/878qqx6p3h7kpajhdvngys81z999pliv-cereal-0.5.8.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3'
''
'------------------------------------------------------------------------'
'charset-0.3.9'
''
'/nix/store/g85laizbyzdn2vgkahwrjsnr464gwc5b-charset-0.3.9.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5'
''
'------------------------------------------------------------------------'
'commonmark-0.2.2'
''
'/nix/store/w9vakgnxn676r8wj6bj4yhkzsq22hn7n-commonmark-0.2.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1'
''
'------------------------------------------------------------------------'
'freetype-2.12.0'
''
'/nix/store/gcdinbgdwaxk6l3agvndwkxj10533vqn-freetype-2.12.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-27404    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-27405    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-27406    7.5'
''
'------------------------------------------------------------------------'
'giflib-5.2.1'
''
'/nix/store/2pwwqkj5qjky6ng7xc7c9q032q95gmb3-giflib-5.2.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28506    8.8'
''
'------------------------------------------------------------------------'
'git-2.36.0'
''
'/nix/store/xjaz37jrm8iavx4f7q21943kgrd39g4p-git-2.36.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2018-1000182  6.4'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2018-1000110  5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3'
''
'------------------------------------------------------------------------'
'go-1.16-darwin-amd64-bootstrap'
''
'/nix/store/p0zb3l8yfv6dwajb39vvrp0i96s212bd-go-1.16-darwin-amd64-bootstrap.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24675    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28327    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8'
''
'------------------------------------------------------------------------'
'http-client-0.7.11'
''
'/nix/store/11w454139iik6bf4y3fv0j4y069n66hh-http-client-0.7.11.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'http-client-0.7.11-r1.cabal'
''
'/nix/store/0rrbig5y3ryn0z53frbh6vhcfpira2a3-http-client-0.7.11-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'hub-2.14.2'
''
'/nix/store/42agdwpk7bm9qyyxzs3pd02ps3h01vns-hub-2.14.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29811    4.8'
''
'------------------------------------------------------------------------'
'lens-5.0.1'
''
'/nix/store/i3yjdv0gns3v8i326fzifnd4ry3isibk-lens-5.0.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6'
'https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8'
''
'------------------------------------------------------------------------'
'lens-5.0.1-r3.cabal'
''
'/nix/store/v9jplab54klbysg25l1x2spg8mk5arqn-lens-5.0.1-r3.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6'
'https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8'
''
'------------------------------------------------------------------------'
'lua-2.1.0'
''
'/nix/store/rr90p8kk60n018rpyj814wlkn6p8ybjy-lua-2.1.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5'
''
'------------------------------------------------------------------------'
'lua-5.3.6'
''
'/nix/store/fgwivddkapbwycflgn0mp8hfhfw2ci7g-lua-5.3.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1'
''
'------------------------------------------------------------------------'
'ncurses-6.3'
''
'/nix/store/iq1rgm6v68mkp1dz4cbj4vzjg9ppxli9-ncurses-6.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29458    7.1'
''
'------------------------------------------------------------------------'
'network-3.1.2.7'
''
'/nix/store/aqaylzay6zb33vbjahywqfvw6b9jsg7n-network-3.1.2.7.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'ruby-2.7.6'
''
'/nix/store/x9jg73x5paqgrbb3184vllkv15v3kpi7-ruby-2.7.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5'
''
'------------------------------------------------------------------------'
'ruby-2.7.6'
''
'/nix/store/jv4shx1v0dbq1xblw3a88y9k2rxccqd4-ruby-2.7.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5'
''
'------------------------------------------------------------------------'
'safe-0.3.19'
''
'/nix/store/sx604zyvyvisrfq1b6fn3fvihi6ikdbp-safe-0.3.19.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
''
'------------------------------------------------------------------------'
'subversion-1.14.2'
''
'/nix/store/9sjc96a1kdk1adh2cc31rplhffci4p39-subversion-1.14.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2017-1000085  6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2018-1000111  5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3'
''
'------------------------------------------------------------------------'
'zlib-0.6.2.3'
''
'/nix/store/dm9my6pb9pshhqw1nxz31flhdqwsw8ad-zlib-0.6.2.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5'
''
'------------------------------------------------------------------------'
'zlib-0.6.2.3-r1.cabal'
''
'/nix/store/qg5ib38vy428h65h8r7ab6mjw96bk8a3-zlib-0.6.2.3-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5'
''
'use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `eden`

Version changes:

Version 1 -> 2:
  eslint_d: 12.0.0 → 12.1.0, +20.6 KiB
  git: 2.35.3 → 2.36.0, +1285.1 KiB
  glib: 2.72.0 → 2.72.1, +49.9 KiB
  htop: 3.1.2 → 3.2.0, +13.6 KiB
  just: 1.1.2 → 1.1.3
  libcap-ng: 0.8.2 → 0.8.3
  linux-headers: 5.16 → 5.17, +101.0 KiB
  neovim-unwrapped: +22.0 KiB
  nodejs: 14.19.1, 16.14.2 → 14.19.2, 16.15.0, +749.0 KiB
  pyright: 1.1.239 → 1.1.243, +86.1 KiB
  rust-analyzer-nightly: ∅ → 81b3e6d, +36503.0 KiB
  rust-analyzer-nightly-c6995a3: ε → ∅, -36489.6 KiB
  rustc-stable: +34.0 KiB
  source: -653.0 KiB
  starship: 1.6.2 → 1.6.3
  sumneko-lua-language-server: 3.1.0 → 3.2.1, +49.1 KiB
  systemd: +12.0 KiB
  systemd-minimal: +12.0 KiB
  typescript: 4.6.3 → 4.6.4
  zellij: 0.27.0 → 0.29.1, +150.4 KiB

Security vulnerability report

41 derivations with active advisories
13 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/bjgwh9r267022f99wwxarvcxc375chyw-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/g4gd4hlyjwjd696sxpszlx971lird2rs-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/4n1jcb686h3niv9q5gx8vg448psp0gsj-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/025anm381a1p2n9wpizn4z7mm357xxbv-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/bpbm4w4iz93wwjgdlq3653ifdjya10da-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/0pg0lq4cwr5z3vgbh2dbx9jcrczx4z9k-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/fivs2ns1kpsljrks6zl3ziap4riy4rsw-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/vjsm0np0955wp4pn6sfs80sbizgnd0zh-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
e2fsprogs-1.46.5

/nix/store/skjjzc8mdm4mfmph6h56aagc4fsmkxrj-e2fsprogs-1.46.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1304     7.8

------------------------------------------------------------------------
freetype-2.12.0

/nix/store/is0m7q5dsdczb26ijy8llzrvih2nr203-freetype-2.12.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-27404    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-27405    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27406    7.5

------------------------------------------------------------------------
fuse-2.9.9

/nix/store/bhvvp6v8b24844xyj23yp9297z33g2dx-fuse-2.9.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/h327gy6b9q5ya01by5k1bzra2rj876kc-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.10.5

/nix/store/5rvja58ci0i74jshhm6ng3mixgp3y4ms-fuse-3.10.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
giflib-5.2.1

/nix/store/7cig8wfjbbd6swyhzrpal9vfcpdak7nc-giflib-5.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28506    8.8

------------------------------------------------------------------------
git-2.36.0

/nix/store/g9ngrysnq4m33vdjykpm8k6psx8zgif8-git-2.36.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000182  6.4
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000110  5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/3f41dyr969vdbw3cqnxnpz6dwg0gqyyd-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24675    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-28327    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/10rvrirhbb7glhzlfma5fdjdq26fb8nf-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/cp33mq0p1rvraigqywrn0k5lgn8jj5kf-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/srdh3dz37ybdg1y74zgdg0rk15d9pm4f-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
hub-2.14.2

/nix/store/mp3300cxxfb3arvx3vjz4prhgrdh2n8w-hub-2.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29811    4.8

------------------------------------------------------------------------
instant-0.1.12

/nix/store/2mx42fs0abqhk9lqdm1d8r3lld7gdy3b-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/758am9p42wbv9ksh9byj0p4lhwxri7d2-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/pdksxdjmrr5249nns6apips008xmv4lw-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/w4lsih9mqawxhxzm7vrlmi548h352210-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/bg9rh6wy788fxy0bj94im965imj7vf1z-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/f9gvaahiffbxmzvqbsxq14w6w4xvv0cn-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
ncurses-6.3

/nix/store/65165j8m659lq5dgdzjcf8y2i6d9il6f-ncurses-6.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29458    7.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/37h47y0l3fdd91xh9nkb5dcca8i2nazf-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
quote-1.0.18

/nix/store/sjscrwz0rpc1ywafv036a7qsp745x3b6-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/0vp2s51jmxam25fcbv1sx7h6yl2rwv0l-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/03lmzryr74arvk4cd1czkq1znhk1sqzy-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
safe-0.3.19

/nix/store/j3aj8lfs0ihj62v610yffb3ary6m1s4m-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/5kklz4wimam57pam4r57401n5jzl59mx-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/7dhx50ydxyy23p4vr9vwnb4nqkwhvx17-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/abymyap24qq17l79aw2nxarfxplqfijr-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vim-8.2.4609

/nix/store/21wgxdcmypj5fd2z12phsxwfkbml6src-vim-8.2.4609.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1154     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1160     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1381     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1420     5.5

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/yxy01rzggkzv5q79qnmjgjn7482ml6rf-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/idq7xc9vi6545kgcaml41rnv20n0ddlb-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/2dg803knz03hhfnjdi6n9fcy77p4yz9m-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/pjz2gz7ygcldd5qfw5692d3rcn0xf926-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/rzq6phrnli4mxvxs8c6mv4yyii2b6rfz-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

github-actions[bot] commented 2 years ago

Report for `pride`

Version changes:

Version 1 -> 2:
  aalib: ∅ → 1.4rc5, +107.5 KiB
  at-spi2-core: 2.44.0 → 2.44.1
  cpupower: 5.17.2 → 5.17.5
  darkreader: 4.9.48 → 4.9.50
  ell: 0.49 → 0.50, +14.5 KiB
  eslint_d: 12.0.0 → 12.1.0, +20.6 KiB
  extra: ε → ∅, -21816.8 KiB
  ffmpeg-full: +51.8 KiB
  firefox: 99.0.1 → 100.0, +25.1 KiB
  firefox-unwrapped: 99.0.1 → 100.0, +612.8 KiB
  fluidsynth: 2.2.3 → 2.2.5, +8.0 KiB
  git: 2.35.3 → 2.36.0, +1285.1 KiB
  glib: 2.72.0 → 2.72.1, +99.9 KiB
  gpm: 1.20.7 → ∅, -516.4 KiB
  gpm-unstable: ∅ → 2020-06-17, +516.6 KiB
  gst-plugins-bad: 1.20.0 → 1.20.1, +75.4 KiB
  gst-plugins-base: 1.20.0 → 1.20.1
  gst-plugins-good: ∅ → 1.20.1, +7954.1 KiB
  gst-plugins-ugly: 1.20.0 → 1.20.1
  gstreamer: 1.20.0 → 1.20.1
  gtk4: 4.6.2 → 4.6.3, +21.9 KiB
  htop: 3.1.2 → 3.2.0, +13.6 KiB
  inih: ∅ → 53, +54.6 KiB
  inih-r53: ε → ∅, -54.6 KiB
  initrd: ε → ∅
  initrd-kmod-blacklist: ε → ∅
  initrd-linux: 5.17.2 → 5.17.5, -8.0 KiB
  just: 1.1.2 → 1.1.3
  keymap: ε → ∅
  libavc1394: ∅ → 0.5.4, +145.0 KiB
  libcap-ng: 0.8.2 → 0.8.3
  libiec61883: ∅ → 1.2.0, +142.8 KiB
  libinput: 1.20.0 → 1.20.1
  libshout: ∅ → 2.4.5, +167.1 KiB
  libvdpau: 1.4 → 1.5, +20.2 KiB
  libvlc: 3.0.17 → 3.0.17.3
  linux: 5.17.2, 5.17.2-modules → 5.17.5, 5.17.5-modules, -84.2 KiB
  linux-headers: 5.16 → 5.17, +202.0 KiB
  make-initrd-ng: ∅ → 0.1.0, +553.0 KiB
  mdadm.conf: ε → ∅
  mesa: 22.0.1 → 22.0.2, +19.9 KiB
  neovim-unwrapped: +22.0 KiB
  nixos: +26.6 KiB
  nixos-manual: +28.2 KiB
  nixos-system-pride: 22.05.20220426.e10da1c → 22.05.20220505.c777cdf
  nodejs: 14.19.1, 16.14.2 → 14.19.2, 16.15.0, +749.0 KiB
  nss: 3.76.1 → 3.78
  nvidia-settings: 510.60.02 → 510.68.02
  nvidia-x11: 510.60.02-5.17.2 → 510.68.02-5.17.5, +41.4 KiB
  obs-studio: +9534.9 KiB
  openal-soft: 1.21.1 → 1.22.0, +245.8 KiB
  patchelf: ∅ → 0.14.5, +215.4 KiB
  pipewire: +1733.9 KiB
  pulseaudio: +105.9 KiB
  pyright: 1.1.239 → 1.1.243, +86.1 KiB
  python3: +509.7 KiB
  rust-analyzer-nightly: ∅ → 81b3e6d, +36503.0 KiB
  rust-analyzer-nightly-c6995a3: ε → ∅, -36489.6 KiB
  rustc-stable: +34.0 KiB
  shutdown-ramfs: ∅ → ε
  source: -653.0 KiB
  stage: 1-init.sh → ∅, -19.6 KiB
  starship: 1.6.2 → 1.6.3
  steam: +55.3 KiB
  steam-run: +55.0 KiB
  sumneko-lua-language-server: 3.1.0 → 3.2.1, +49.1 KiB
  systemd: +20.0 KiB
  systemd-minimal: +20.0 KiB
  tree-style-tab: 3.8.22 → 3.8.23
  twolame: ∅ → 2017-09-27, +233.2 KiB
  typescript: 4.6.3 → 4.6.4
  udev: -35.4 KiB
  vulkan-loader: 1.2.198.0 → 1.3.211.0, +224.6 KiB
  wavpack: ∅ → 5.4.0, +502.4 KiB
  wezterm: ∅ → ε
  zellij: 0.27.0 → 0.29.1, +150.4 KiB
  zenity: 3.42.0 → 3.42.1

Security vulnerability report

49 derivations with active advisories
27 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.8.0

/nix/store/bjgwh9r267022f99wwxarvcxc375chyw-ShellCheck-0.8.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
anymap-0.12.1

/nix/store/g4gd4hlyjwjd696sxpszlx971lird2rs-anymap-0.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38187    9.8

------------------------------------------------------------------------
async-2.2.4

/nix/store/4n1jcb686h3niv9q5gx8vg448psp0gsj-async-2.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
async-2.2.4-r1.cabal

/nix/store/025anm381a1p2n9wpizn4z7mm357xxbv-async-2.2.4-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43138    7.8

------------------------------------------------------------------------
cereal-0.5.8.2

/nix/store/bpbm4w4iz93wwjgdlq3653ifdjya10da-cereal-0.5.8.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
charset-0.3.9

/nix/store/0pg0lq4cwr5z3vgbh2dbx9jcrczx4z9k-charset-0.3.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-16098    7.5

------------------------------------------------------------------------
commonmark-0.2.2

/nix/store/fivs2ns1kpsljrks6zl3ziap4riy4rsw-commonmark-0.2.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
dot-0.1.4

/nix/store/vjsm0np0955wp4pn6sfs80sbizgnd0zh-dot-0.1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-7639     5.3

------------------------------------------------------------------------
e2fsprogs-1.46.5

/nix/store/skjjzc8mdm4mfmph6h56aagc4fsmkxrj-e2fsprogs-1.46.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1304     7.8

------------------------------------------------------------------------
freetype-2.12.0

/nix/store/is0m7q5dsdczb26ijy8llzrvih2nr203-freetype-2.12.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-27404    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-27405    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27406    7.5

------------------------------------------------------------------------
fuse-2.9.9

/nix/store/bhvvp6v8b24844xyj23yp9297z33g2dx-fuse-2.9.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/h327gy6b9q5ya01by5k1bzra2rj876kc-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.10.5

/nix/store/5rvja58ci0i74jshhm6ng3mixgp3y4ms-fuse-3.10.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-6.5.0

/nix/store/sfs13pbm7dpb3hsa5igcjavhkjdhmpab-gcc-6.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
gcc-7.5.0

/nix/store/l2026n0326g5mzmq93l9c3dqkr40i48r-gcc-7.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-12886    8.1
https://nvd.nist.gov/vuln/detail/CVE-2021-37322    7.8

------------------------------------------------------------------------
giflib-5.2.1

/nix/store/7cig8wfjbbd6swyhzrpal9vfcpdak7nc-giflib-5.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28506    8.8

------------------------------------------------------------------------
git-2.36.0

/nix/store/g9ngrysnq4m33vdjykpm8k6psx8zgif8-git-2.36.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000182  6.4
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000110  5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.16-linux-amd64-bootstrap

/nix/store/3f41dyr969vdbw3cqnxnpz6dwg0gqyyd-go-1.16-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-38297    9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-23806    9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-39293    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41771    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44716    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23772    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-23773    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24675    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-24921    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-28327    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-34558    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-44717    4.8

------------------------------------------------------------------------
home-0.5.3

/nix/store/10rvrirhbb7glhzlfma5fdjdq26fb8nf-home-0.5.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-25264    6.7

------------------------------------------------------------------------
http-client-0.7.11

/nix/store/cp33mq0p1rvraigqywrn0k5lgn8jj5kf-http-client-0.7.11.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
http-client-0.7.11-r1.cabal

/nix/store/srdh3dz37ybdg1y74zgdg0rk15d9pm4f-http-client-0.7.11-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
hub-2.14.2

/nix/store/mp3300cxxfb3arvx3vjz4prhgrdh2n8w-hub-2.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29811    4.8

------------------------------------------------------------------------
instant-0.1.12

/nix/store/2mx42fs0abqhk9lqdm1d8r3lld7gdy3b-instant-0.1.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-13099    5.9

------------------------------------------------------------------------
jose-0.9

/nix/store/758am9p42wbv9ksh9byj0p4lhwxri7d2-jose-0.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-29444    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29445    5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-29446    5.9

------------------------------------------------------------------------
lens-5.0.1

/nix/store/pdksxdjmrr5249nns6apips008xmv4lw-lens-5.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
lens-5.0.1-r3.cabal

/nix/store/w4lsih9mqawxhxzm7vrlmi548h352210-lens-5.0.1-r3.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-44458    9.6
https://nvd.nist.gov/vuln/detail/CVE-2021-23154    7.8

------------------------------------------------------------------------
libde265-1.0.8

/nix/store/r6mswq9dxrhgbiik4d2970v2v8kkkadz-libde265-1.0.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1253     9.8

------------------------------------------------------------------------
lua-2.1.0

/nix/store/bg9rh6wy788fxy0bj94im965imj7vf1z-lua-2.1.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5

------------------------------------------------------------------------
lua-5.2.4

/nix/store/c88lbbxg8sjhx9s7xp0y7zyzz2s0pcks-lua-5.2.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
lua-5.2.4-env

/nix/store/1ppkyl6v2g0s7skz9lkznsms8rpi04mb-lua-5.2.4-env.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1
https://nvd.nist.gov/vuln/detail/CVE-2020-15888    8.8
https://nvd.nist.gov/vuln/detail/CVE-2020-15945    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-43519    5.5

------------------------------------------------------------------------
lua-5.3.6

/nix/store/f9gvaahiffbxmzvqbsxq14w6w4xvv0cn-lua-5.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28805    9.1

------------------------------------------------------------------------
markdown-0.33-1.rockspec

/nix/store/1vh2w9dcsaxahgsrc6lflfyhw6bqpv5v-markdown-0.33-1.rockspec.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-1000874  6.1

------------------------------------------------------------------------
ncurses-6.3

/nix/store/65165j8m659lq5dgdzjcf8y2i6d9il6f-ncurses-6.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-29458    7.1

------------------------------------------------------------------------
network-3.1.2.7

/nix/store/37h47y0l3fdd91xh9nkb5dcca8i2nazf-network-3.1.2.7.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
nss-3.68.3

/nix/store/vknddws9s6n9ikppdzd6mrj8xdik47sy-nss-3.68.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-43527    9.8

------------------------------------------------------------------------
quote-1.0.18

/nix/store/sjscrwz0rpc1ywafv036a7qsp745x3b6-quote-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/0vp2s51jmxam25fcbv1sx7h6yl2rwv0l-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
ruby-2.7.6

/nix/store/03lmzryr74arvk4cd1czkq1znhk1sqzy-ruby-2.7.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28966    7.5

------------------------------------------------------------------------
safe-0.3.19

/nix/store/j3aj8lfs0ihj62v610yffb3ary6m1s4m-safe-0.3.19.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5

------------------------------------------------------------------------
subversion-1.14.2

/nix/store/9sn1imjp9k774s9kmy3zcl2vrca1i13p-subversion-1.14.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5
https://nvd.nist.gov/vuln/detail/CVE-2017-1000085  6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5
https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000111  5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3

------------------------------------------------------------------------
systemd-2.3.0

/nix/store/5kklz4wimam57pam4r57401n5jzl59mx-systemd-2.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082  9.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15688    8.8
https://nvd.nist.gov/vuln/detail/CVE-2017-18078    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-6954     7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-15686    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16864    7.8
https://nvd.nist.gov/vuln/detail/CVE-2018-16865    7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3843     7.8
https://nvd.nist.gov/vuln/detail/CVE-2019-3844     7.8
https://nvd.nist.gov/vuln/detail/CVE-2020-1712     7.8
https://nvd.nist.gov/vuln/detail/CVE-2017-9217     7.5
https://nvd.nist.gov/vuln/detail/CVE-2018-15687    7.0
https://nvd.nist.gov/vuln/detail/CVE-2019-3842     7.0
https://nvd.nist.gov/vuln/detail/CVE-2020-13776    6.7
https://nvd.nist.gov/vuln/detail/CVE-2018-1049     5.9
https://nvd.nist.gov/vuln/detail/CVE-2021-33910    5.5
https://nvd.nist.gov/vuln/detail/CVE-2018-16888    4.7
https://nvd.nist.gov/vuln/detail/CVE-2019-20386    2.4

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/7dhx50ydxyy23p4vr9vwnb4nqkwhvx17-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vault-0.3.1.5-r1.cabal

/nix/store/abymyap24qq17l79aw2nxarfxplqfijr-vault-0.3.1.5-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-19786    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3

------------------------------------------------------------------------
vim-8.2.4609

/nix/store/21wgxdcmypj5fd2z12phsxwfkbml6src-vim-8.2.4609.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-1154     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1160     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1381     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-1420     5.5

------------------------------------------------------------------------
websockets-0.12.7.3

/nix/store/yxy01rzggkzv5q79qnmjgjn7482ml6rf-websockets-0.12.7.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
websockets-0.12.7.3-r1.cabal

/nix/store/idq7xc9vi6545kgcaml41rnv20n0ddlb-websockets-0.12.7.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33880    5.9

------------------------------------------------------------------------
xshell-0.2.1

/nix/store/2dg803knz03hhfnjdi6n9fcy77p4yz9m-xshell-0.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-42095    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-27966    6.5

------------------------------------------------------------------------
zlib-0.6.2.3

/nix/store/pjz2gz7ygcldd5qfw5692d3rcn0xf926-zlib-0.6.2.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

------------------------------------------------------------------------
zlib-0.6.2.3-r1.cabal

/nix/store/rzq6phrnli4mxvxs8c6mv4yyii2b6rfz-zlib-0.6.2.3-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2018-25032    7.5

use --show-whitelisted to see derivations with only whitelisted CVEs

EdenEast / nyx

chore(flake): Automatic flake update #43

Report for `sloth`

Report for `theman`

Report for `eden`

Report for `pride`

EdenEast / nyx

chore(flake): Automatic flake update #43

Report for sloth

Report for theman

Report for eden

Report for pride

Report for `sloth`

Report for `theman`

Report for `eden`

Report for `pride`