nix-community / vulnix

Vulnerability (CVE) scanner for Nix/NixOS.
BSD 3-Clause "New" or "Revised" License

False positive: Bolt from Freedesktop #91

Open fabianhjr opened 1 year ago

fabianhjr commented 1 year ago

attr: bolt
path: pkgs/os-specific/linux/bolt/default.nix

/nix/store/50hyqiq0wnjaqylnn6advp9g9f25y5ap-bolt-0.9.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-31321    9.1
https://nvd.nist.gov/vuln/detail/CVE-2019-9185     8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-27367    7.5
https://nvd.nist.gov/vuln/detail/CVE-2019-15483    6.1
https://nvd.nist.gov/vuln/detail/CVE-2019-15484    6.1
https://nvd.nist.gov/vuln/detail/CVE-2019-15485    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-4041     6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-28925    5.3
https://nvd.nist.gov/vuln/detail/CVE-2020-4040     4.3

Confused with a PHP package and reports critical vulnerabilities