search

tuckershea / constellation

My laptop and server configuration
0 stars 0 forks source link

Add Kanata keybinding daemon to darwin systems #86

Closed NoRePercussions closed 2 months ago

NoRePercussions commented 2 months ago

Kanata allows for keyboard and keybind manipulation at the input device level. This makes it suitable for controlling input to all other applications and daemons, for example the shkd hotkey daemon, which requires that any manipulations (such as adding a super key) occur below it in the keyboard stack.

This allows better system-wide keybinds, sets me up for a return to the shkd hotkey daemon as well as yabai, and opens the door for more complex keyboard manipulations in the future.

github-actions[bot] commented 2 months ago

Report for roland

Version changes:

Security vulnerability report 
50 derivations with active advisories
8 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dbus-1

/nix/store/5qsjfxnaphb5m7zw813cbn7a7chhw4bv-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
polkit-1.pam

/nix/store/80n075bwddhlxfhc50myy0r2xh2xgq6a-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/890wip2h8rdj94kzq44jzmf8mj33ik70-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs
github-actions[bot] commented 2 months ago

Report for marlon

Version changes:

Security vulnerability report 
51 derivations with active advisories
8 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
aardvark-dns-1.12.1

/nix/store/0s07nyhlpiqdr4ikmss0w1i56ip1fkwl-aardvark-dns-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-8418     7.5

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dbus-1

/nix/store/60wydzcd80nylqjlmkm8jbj12cm548z6-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
polkit-1.pam

/nix/store/80n075bwddhlxfhc50myy0r2xh2xgq6a-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/4gw9bs30lgjylxn5wvzzscw4b5blijmi-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs
github-actions[bot] commented 2 months ago

Report for vic

Version changes:

Security vulnerability report 
63 derivations with active advisories
9 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
accountsservice-23.13.9

/nix/store/y8m8wg0wg5ybpjawdf6kayijc0y65x1c-accountsservice-23.13.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-3297     7.8

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
console-0.15.8

/nix/store/phxfxsncszx2hliqkw595llcpvrlajqr-console-0.15.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-33955    5.3

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dash-0.5.12

/nix/store/5mwkmc9gccys5ii2djq8m1ss645hd860-dash-0.5.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21485    5.4

------------------------------------------------------------------------
dbus-1

/nix/store/acfpv6pwav1572wjg603jdn796dg2wbd-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
djvulibre-3.5.28

/nix/store/74p12yq7f3jqv0mnfl727fb6hg3cj9c0-djvulibre-3.5.28.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-46310    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-46312    6.5

------------------------------------------------------------------------
firefox-129.0.2

/nix/store/9vk3zin020h74hmz4jch985a3zs0jmv2-firefox-129.0.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-8381     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8384     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8385     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8382     8.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8383     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8386     6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-8388     5.3

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
imagemagick-7.1.1-37

/nix/store/bb4x0jpa6pznvbhr4mszhl27if3yvkdc-imagemagick-7.1.1-37.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-41817    7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-5341     5.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
mercurial-6.8.1

/nix/store/adgwz43w27clwyyxj5i5axkl95yrjf0x-mercurial-6.8.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43410    5.3

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openexr-2.5.10

/nix/store/k6jx138fnv4a7clkb604vif3mwypq7qs-openexr-2.5.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-5841     9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-23169    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-3598     5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-3605     5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23215    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-26260    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-26945    5.5

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
plasma-workspace-5.27.11.1

/nix/store/by45mqsgm4zpz336yxl2l5v0zxigq65w-plasma-workspace-5.27.11.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-1433     3.7

------------------------------------------------------------------------
polkit-1.pam

/nix/store/qs11nnf9k3i9jy06cryx3i24faysp4yk-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.35

/nix/store/5xlri9sfq5lxgr4h8cwmyf5w709lcv5s-quote-1.0.35.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
semver-1.0.22

/nix/store/pihdv8mj700zljzn30wfwg33xgzsysr6-semver-1.0.22.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-25883    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
snappy-1.2.1

/nix/store/620p8bw67cv47zadn8yk0yb0hkxqawsx-snappy-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-28115    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-41330    9.8

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
tap-1.0.1

/nix/store/skck9f2xa7bf1rz4haw90p97swi3z6bh-tap-1.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-41940    5.4

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/890wip2h8rdj94kzq44jzmf8mj33ik70-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs
github-actions[bot] commented 2 months ago

Report for elmira

Version changes:

Version 1 -> 2:'
'  kanata: ∅ → ε, +2593.0 KiB'
'  kanata.kbd: ∅ → ε'
'  org.nixos.kanata.plist: ∅ → ε
Security vulnerability report 
34 derivations with active advisories'
'6 derivations left out due to whitelisting'
''
'------------------------------------------------------------------------'
'ShellCheck-0.10.0'
''
'/nix/store/4lhskjhd4yp4nva20cqjil2rbcz7xigx-ShellCheck-0.10.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8'
''
'------------------------------------------------------------------------'
'cereal-0.5.8.3'
''
'/nix/store/a90l449mdq32304j9ncrspa6gnj1xppv-cereal-0.5.8.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3'
''
'------------------------------------------------------------------------'
'commonmark-0.2.6'
''
'/nix/store/qqvqcwjjvqczvbjkdf9hzzdml6s5sp7q-commonmark-0.2.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1'
''
'------------------------------------------------------------------------'
'gcc-13.3.0'
''
'/nix/store/6b4vr9v6sfj58kcclyiff6i1v0a1y6iy-gcc-13.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8'
''
'------------------------------------------------------------------------'
'git-2.46.0'
''
'/nix/store/0b8c762f5fwvy903lpq121l8r7bz8apc-git-2.46.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3'
''
'------------------------------------------------------------------------'
'go-1.21.0-darwin-arm64-bootstrap'
''
'/nix/store/hiczw1c8kgxgcb7b26hvs9y2gw8xxvcp-go-1.21.0-darwin-arm64-bootstrap.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8'
''
'------------------------------------------------------------------------'
'go-1.22.6'
''
'/nix/store/wlk6ql6l3fylh7qqihrijzflqrn74i9v-go-1.22.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8'
''
'------------------------------------------------------------------------'
'hedgehog-1.4'
''
'/nix/store/jg3m0as9ym33srmv3glycrszpgjc30rn-hedgehog-1.4.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8'
''
'------------------------------------------------------------------------'
'hedgehog-1.4-r8.cabal'
''
'/nix/store/yc9z7pwxrv0ls4smxaz5d64m842g4r38-hedgehog-1.4-r8.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8'
''
'------------------------------------------------------------------------'
'http-client-0.7.17'
''
'/nix/store/5d3vjys3agwzvj2h8p1hzdbap149gkap-http-client-0.7.17.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'indent-2.2.13'
''
'/nix/store/30dbvvblr228zkwhrgy11sczb4g4pdi5-indent-2.2.13.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2024-0911     5.5'
''
'------------------------------------------------------------------------'
'libmemcached-1.0.18'
''
'/nix/store/bdjnwzbbqjvrsbqh34skisllk36f8nxx-libmemcached-1.0.18.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5'
''
'------------------------------------------------------------------------'
'lodepng-3.10.1'
''
'/nix/store/png3mn10gly9km9n8cw4knirgv3nah4d-lodepng-3.10.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5'
''
'------------------------------------------------------------------------'
'network-3.1.4.0'
''
'/nix/store/is772ciiw7d6vq9skl703ir56j6dzs8c-network-3.1.4.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'network-3.1.4.0-r1.cabal'
''
'/nix/store/jacnjv46wrp629klypppdn53l8a1iygm-network-3.1.4.0-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'ninja-1.12.1'
''
'/nix/store/8b5yv718gpr9d93ln68byrs1jxx56zm2-ninja-1.12.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8'
''
'------------------------------------------------------------------------'
'oh-my-zsh-2024-08-27'
''
'/nix/store/i6djb7vgl3xny2w3kmbva319yb3sq023-oh-my-zsh-2024-08-27.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8'
''
'------------------------------------------------------------------------'
'openmp-16.0.6'
''
'/nix/store/jvkmlw4pfhbf377mjyjbpgcppk917bd4-openmp-16.0.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-26345    7.3'
''
'------------------------------------------------------------------------'
'quote-1.0.36'
''
'/nix/store/4qr3c0nipmw6zajq02dc05fwkij13dkf-quote-1.0.36.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3'
''
'------------------------------------------------------------------------'
'rubygems-3.5.16'
''
'/nix/store/r2jzqs70zxfmlq537c4ihr3cs3ym8pz2-rubygems-3.5.16.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8'
''
'------------------------------------------------------------------------'
'safe-0.3.21'
''
'/nix/store/0g1fzhaq1yvnla9h1lkrswgk3n756jsr-safe-0.3.21.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5'
''
'------------------------------------------------------------------------'
'safe-0.3.21-r1.cabal'
''
'/nix/store/nf1vrmi9yx5qd9wh09df644l4xhh6vfk-safe-0.3.21-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5'
''
'------------------------------------------------------------------------'
'stringbuilder-0.5.1'
''
'/nix/store/wdvqz8y1wmf00i0c77gylzf75943j56n-stringbuilder-0.5.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1'
''
'------------------------------------------------------------------------'
'subversion-1.14.3'
''
'/nix/store/w8hhn0f697qainjdrjzak4n7z10wj6wy-subversion-1.14.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3'
''
'------------------------------------------------------------------------'
'unzip-6.0'
''
'/nix/store/czx7qrml7z29ffzz8pmwqa1vsnzn9044-unzip-6.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3'
''
'------------------------------------------------------------------------'
'vault-0.3.1.5'
''
'/nix/store/pr93fj61y05ypnizl556lgifxqv597qi-vault-0.3.1.5.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7'
''
'------------------------------------------------------------------------'
'vault-0.3.1.5-r7.cabal'
''
'/nix/store/13akdwmpx2s5q1wkgyill8rf5ppzzv35-vault-0.3.1.5-r7.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7'
''
'------------------------------------------------------------------------'
'warp-3.3.31'
''
'/nix/store/mr8fj6i6scb92z2nra29nwrv7b4gxbwv-warp-3.3.31.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0'
'https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7'
''
'------------------------------------------------------------------------'
'yaml-0.11.11.2'
''
'/nix/store/9y47yq1k1q0bv1fyra91iwws4kdygg7b-yaml-0.11.11.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5'
''
'------------------------------------------------------------------------'
'yaml-0.11.11.2-r2.cabal'
''
'/nix/store/z3nph879p862xwq2dly8p0ymngh61aly-yaml-0.11.11.2-r2.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5'
''
'------------------------------------------------------------------------'
'yasm-1.3.0'
''
'/nix/store/j3d7gxin4b6l04vh443rzdi87m8j1phg-yasm-1.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3'
''
'------------------------------------------------------------------------'
'zlib-0.6.3.0'
''
'/nix/store/ci4fhgsw9m7ha15zghfx97jrvy5b179y-zlib-0.6.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'------------------------------------------------------------------------'
'zlib-0.6.3.0-r5.cabal'
''
'/nix/store/dr7x280pq7rlhx917l16xhiwzzdmr1p9-zlib-0.6.3.0-r5.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'------------------------------------------------------------------------'
'zlib-1.3.1'
''
'/nix/store/jsbb4mry7njn1fd5icfykh5w4p06mqg9-zlib-1.3.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'use --show-whitelisted to see derivations with only whitelisted CVEs