Rebuild on every commit to main

[NoRePercussions]

Previously we only rebuilt on changes to certain files. This has a few issues:

1. The configuration may break on other changes. For example, if we delete an external config file that is referenced by the config, the build should fail, but will never be run.

2. build action doesn't run on lock updates. I'm not too sure what is causing this, but this is the main difference between this and my other Renovate setups. I want to make sure it is run for every commit to main.

3. Other changes aren't cached. Changes to sourced configuration files won't be saved to my binary cache by the action unless it is run. This is of minor importance, but it is preferred for each system to be fully cached before updates are deployed, as most are better equipped for network reads than for building their own configuration. The most-updated input is also nixvim, which takes a long time to rebuild documentation when re-locked.

[github-actions[bot]]

Report for roland

Version changes:

Security vulnerability report

50 derivations with active advisories
8 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dbus-1

/nix/store/5qsjfxnaphb5m7zw813cbn7a7chhw4bv-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
polkit-1.pam

/nix/store/80n075bwddhlxfhc50myy0r2xh2xgq6a-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/890wip2h8rdj94kzq44jzmf8mj33ik70-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs

[github-actions[bot]]

Report for marlon

Version changes:

Security vulnerability report

51 derivations with active advisories
8 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
aardvark-dns-1.12.1

/nix/store/0s07nyhlpiqdr4ikmss0w1i56ip1fkwl-aardvark-dns-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-8418     7.5

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dbus-1

/nix/store/60wydzcd80nylqjlmkm8jbj12cm548z6-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
polkit-1.pam

/nix/store/80n075bwddhlxfhc50myy0r2xh2xgq6a-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/4gw9bs30lgjylxn5wvzzscw4b5blijmi-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs

[github-actions[bot]]

Report for elmira

Version changes:

Security vulnerability report

34 derivations with active advisories'
'6 derivations left out due to whitelisting'
''
'------------------------------------------------------------------------'
'ShellCheck-0.10.0'
''
'/nix/store/4lhskjhd4yp4nva20cqjil2rbcz7xigx-ShellCheck-0.10.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8'
''
'------------------------------------------------------------------------'
'cereal-0.5.8.3'
''
'/nix/store/a90l449mdq32304j9ncrspa6gnj1xppv-cereal-0.5.8.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3'
''
'------------------------------------------------------------------------'
'commonmark-0.2.6'
''
'/nix/store/qqvqcwjjvqczvbjkdf9hzzdml6s5sp7q-commonmark-0.2.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1'
''
'------------------------------------------------------------------------'
'gcc-13.3.0'
''
'/nix/store/6b4vr9v6sfj58kcclyiff6i1v0a1y6iy-gcc-13.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8'
''
'------------------------------------------------------------------------'
'git-2.46.0'
''
'/nix/store/0b8c762f5fwvy903lpq121l8r7bz8apc-git-2.46.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3'
''
'------------------------------------------------------------------------'
'go-1.21.0-darwin-arm64-bootstrap'
''
'/nix/store/hiczw1c8kgxgcb7b26hvs9y2gw8xxvcp-go-1.21.0-darwin-arm64-bootstrap.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1'
'https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8'
''
'------------------------------------------------------------------------'
'go-1.22.6'
''
'/nix/store/wlk6ql6l3fylh7qqihrijzflqrn74i9v-go-1.22.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8'
''
'------------------------------------------------------------------------'
'hedgehog-1.4'
''
'/nix/store/jg3m0as9ym33srmv3glycrszpgjc30rn-hedgehog-1.4.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8'
''
'------------------------------------------------------------------------'
'hedgehog-1.4-r8.cabal'
''
'/nix/store/yc9z7pwxrv0ls4smxaz5d64m842g4r38-hedgehog-1.4-r8.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8'
''
'------------------------------------------------------------------------'
'http-client-0.7.17'
''
'/nix/store/5d3vjys3agwzvj2h8p1hzdbap149gkap-http-client-0.7.17.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5'
''
'------------------------------------------------------------------------'
'indent-2.2.13'
''
'/nix/store/30dbvvblr228zkwhrgy11sczb4g4pdi5-indent-2.2.13.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2024-0911     5.5'
''
'------------------------------------------------------------------------'
'libmemcached-1.0.18'
''
'/nix/store/bdjnwzbbqjvrsbqh34skisllk36f8nxx-libmemcached-1.0.18.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5'
''
'------------------------------------------------------------------------'
'lodepng-3.10.1'
''
'/nix/store/png3mn10gly9km9n8cw4knirgv3nah4d-lodepng-3.10.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5'
''
'------------------------------------------------------------------------'
'network-3.1.4.0'
''
'/nix/store/is772ciiw7d6vq9skl703ir56j6dzs8c-network-3.1.4.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'network-3.1.4.0-r1.cabal'
''
'/nix/store/jacnjv46wrp629klypppdn53l8a1iygm-network-3.1.4.0-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5'
''
'------------------------------------------------------------------------'
'ninja-1.12.1'
''
'/nix/store/8b5yv718gpr9d93ln68byrs1jxx56zm2-ninja-1.12.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8'
''
'------------------------------------------------------------------------'
'oh-my-zsh-2024-08-27'
''
'/nix/store/i6djb7vgl3xny2w3kmbva319yb3sq023-oh-my-zsh-2024-08-27.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8'
''
'------------------------------------------------------------------------'
'openmp-16.0.6'
''
'/nix/store/jvkmlw4pfhbf377mjyjbpgcppk917bd4-openmp-16.0.6.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-26345    7.3'
''
'------------------------------------------------------------------------'
'quote-1.0.36'
''
'/nix/store/4qr3c0nipmw6zajq02dc05fwkij13dkf-quote-1.0.36.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3'
''
'------------------------------------------------------------------------'
'rubygems-3.5.16'
''
'/nix/store/r2jzqs70zxfmlq537c4ihr3cs3ym8pz2-rubygems-3.5.16.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8'
''
'------------------------------------------------------------------------'
'safe-0.3.21'
''
'/nix/store/0g1fzhaq1yvnla9h1lkrswgk3n756jsr-safe-0.3.21.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5'
''
'------------------------------------------------------------------------'
'safe-0.3.21-r1.cabal'
''
'/nix/store/nf1vrmi9yx5qd9wh09df644l4xhh6vfk-safe-0.3.21-r1.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5'
'https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5'
''
'------------------------------------------------------------------------'
'stringbuilder-0.5.1'
''
'/nix/store/wdvqz8y1wmf00i0c77gylzf75943j56n-stringbuilder-0.5.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1'
''
'------------------------------------------------------------------------'
'subversion-1.14.3'
''
'/nix/store/w8hhn0f697qainjdrjzak4n7z10wj6wy-subversion-1.14.3.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-21698    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2304     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2020-2111     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29046    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2022-29048    4.3'
''
'------------------------------------------------------------------------'
'unzip-6.0'
''
'/nix/store/czx7qrml7z29ffzz8pmwqa1vsnzn9044-unzip-6.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3'
''
'------------------------------------------------------------------------'
'vault-0.3.1.5'
''
'/nix/store/pr93fj61y05ypnizl556lgifxqv597qi-vault-0.3.1.5.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7'
''
'------------------------------------------------------------------------'
'vault-0.3.1.5-r7.cabal'
''
'/nix/store/13akdwmpx2s5q1wkgyill8rf5ppzzv35-vault-0.3.1.5-r7.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1'
'https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4'
'https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7'
''
'------------------------------------------------------------------------'
'warp-3.3.31'
''
'/nix/store/mr8fj6i6scb92z2nra29nwrv7b4gxbwv-warp-3.3.31.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0'
'https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8'
'https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7'
''
'------------------------------------------------------------------------'
'yaml-0.11.11.2'
''
'/nix/store/9y47yq1k1q0bv1fyra91iwws4kdygg7b-yaml-0.11.11.2.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5'
''
'------------------------------------------------------------------------'
'yaml-0.11.11.2-r2.cabal'
''
'/nix/store/z3nph879p862xwq2dly8p0ymngh61aly-yaml-0.11.11.2-r2.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5'
''
'------------------------------------------------------------------------'
'yasm-1.3.0'
''
'/nix/store/j3d7gxin4b6l04vh443rzdi87m8j1phg-yasm-1.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5'
'https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3'
''
'------------------------------------------------------------------------'
'zlib-0.6.3.0'
''
'/nix/store/ci4fhgsw9m7ha15zghfx97jrvy5b179y-zlib-0.6.3.0.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'------------------------------------------------------------------------'
'zlib-0.6.3.0-r5.cabal'
''
'/nix/store/dr7x280pq7rlhx917l16xhiwzzdmr1p9-zlib-0.6.3.0-r5.cabal.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'------------------------------------------------------------------------'
'zlib-1.3.1'
''
'/nix/store/jsbb4mry7njn1fd5icfykh5w4p06mqg9-zlib-1.3.1.drv'
'CVE                                                CVSSv3'
'https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5'
''
'use --show-whitelisted to see derivations with only whitelisted CVEs

[github-actions[bot]]

Report for vic

Version changes:

Security vulnerability report

63 derivations with active advisories
9 derivations left out due to whitelisting

------------------------------------------------------------------------
ShellCheck-0.10.0

/nix/store/28j7hy7j7rz8sbzfh2kigpx370w6dg86-ShellCheck-0.10.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-28794    9.8

------------------------------------------------------------------------
accountsservice-23.13.9

/nix/store/y8m8wg0wg5ybpjawdf6kayijc0y65x1c-accountsservice-23.13.9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-3297     7.8

------------------------------------------------------------------------
audiofile-0.3.6

/nix/store/8i6zds8gv6ni8202r0npari0y9xzqjmj-audiofile-0.3.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-18781    5.5

------------------------------------------------------------------------
cereal-0.5.8.3

/nix/store/cd6cddw8lxiin97yw2wnmmhw40n2ypxy-cereal-0.5.8.3.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11105    9.8
https://nvd.nist.gov/vuln/detail/CVE-2020-11104    5.3

------------------------------------------------------------------------
commonmark-0.2.6

/nix/store/ml4wf4w7qgivqg8mdr1q0iggsc88a5yv-commonmark-0.2.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-10010    6.1

------------------------------------------------------------------------
console-0.15.8

/nix/store/phxfxsncszx2hliqkw595llcpvrlajqr-console-0.15.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-33955    5.3

------------------------------------------------------------------------
cups-2.4.10

/nix/store/kv0raa6n8bzxxd920klq7qcg4y3n4y86-cups-2.4.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-26691    6.7

------------------------------------------------------------------------
dash-0.5.12

/nix/store/5mwkmc9gccys5ii2djq8m1ss645hd860-dash-0.5.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21485    5.4

------------------------------------------------------------------------
dbus-1

/nix/store/acfpv6pwav1572wjg603jdn796dg2wbd-dbus-1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-42010    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42011    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-42012    6.5

------------------------------------------------------------------------
djvulibre-3.5.28

/nix/store/74p12yq7f3jqv0mnfl727fb6hg3cj9c0-djvulibre-3.5.28.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-46310    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-46312    6.5

------------------------------------------------------------------------
firefox-129.0.2

/nix/store/9vk3zin020h74hmz4jch985a3zs0jmv2-firefox-129.0.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-8381     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8384     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8385     9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8382     8.8
https://nvd.nist.gov/vuln/detail/CVE-2024-8383     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8386     6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-8388     5.3

------------------------------------------------------------------------
fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9

/nix/store/cfvz2yimqjr5ls2jn60gks3qm9bfl3y3-fuse-2.9.9-closefrom-glibc-2-34.patch?id=8a970396fca7aca2d5a761b8e7a8242f1eef14c9.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
fuse-3.16.2

/nix/store/62hhzsanj4hw92r9lvysrvq63zfahj08-fuse-3.16.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-14860    6.5
https://nvd.nist.gov/vuln/detail/CVE-2019-14900    6.5

------------------------------------------------------------------------
gcc-13.3.0

/nix/store/fkk73ndvkaz2hkjvazp3s412pb52kakk-gcc-13.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4039     4.8

------------------------------------------------------------------------
git-2.46.0

/nix/store/g7mhkv3cs9mj9h67bmwmnnhpwk427il5-git-2.46.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36882    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-30947    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-36883    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38663    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-21684    6.1
https://nvd.nist.gov/vuln/detail/CVE-2020-2136     5.4
https://nvd.nist.gov/vuln/detail/CVE-2022-36884    5.3
https://nvd.nist.gov/vuln/detail/CVE-2019-1003010  4.3

------------------------------------------------------------------------
go-1.21.0-linux-amd64-bootstrap

/nix/store/1w5mfqsbqx54xfb3zbhf1ryzaqwb3807-go-1.21.0-linux-amd64-bootstrap.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-39320    9.8
https://nvd.nist.gov/vuln/detail/CVE-2024-24790    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-39323    8.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39321    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39322    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39325    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-44487    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-39318    6.1
https://nvd.nist.gov/vuln/detail/CVE-2023-39319    6.1
https://nvd.nist.gov/vuln/detail/CVE-2024-24789    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
go-1.22.6

/nix/store/12p4myq9yrziavblqxnxn799kadbjalp-go-1.22.6.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-49292    4.8

------------------------------------------------------------------------
hedgehog-1.4

/nix/store/afnz99k2vfyd6fygal0ifl0wzv14nn29-hedgehog-1.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
hedgehog-1.4-r8.cabal

/nix/store/5m68ia8f5inbhkza1v8mfjddn4a2x5y6-hedgehog-1.4-r8.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4276     8.8

------------------------------------------------------------------------
http-client-0.7.17

/nix/store/ysb8ncj66kbmmxskbbzs96wzxb3a2gmj-http-client-0.7.17.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-11021    7.5

------------------------------------------------------------------------
imagemagick-7.1.1-37

/nix/store/bb4x0jpa6pznvbhr4mszhl27if3yvkdc-imagemagick-7.1.1-37.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-41817    7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-5341     5.5

------------------------------------------------------------------------
jbig2dec-0.20

/nix/store/x1sqwy7skbwgb7yycnfgpyg528h4ry3a-jbig2dec-0.20.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-46361    6.5

------------------------------------------------------------------------
libmemcached-1.0.18

/nix/store/i8x33vd61085kfix7srri5hzh06h0w5b-libmemcached-1.0.18.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-27478    6.5

------------------------------------------------------------------------
libmpeg2-0.5.1

/nix/store/pwpi5bmxga2if363nry1aw7qvpyzxj26-libmpeg2-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37416    6.5

------------------------------------------------------------------------
lodepng-3.10.1

/nix/store/il8ymdgr2gl3m32hdfdzc3i8gfmwds1s-lodepng-3.10.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2019-17178    7.5

------------------------------------------------------------------------
mercurial-6.8.1

/nix/store/adgwz43w27clwyyxj5i5axkl95yrjf0x-mercurial-6.8.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43410    5.3

------------------------------------------------------------------------
network-3.1.4.0

/nix/store/f8wmym8cwcl10jp659xkwjsr41rdh9vl-network-3.1.4.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
network-3.1.4.0-r1.cabal

/nix/store/74rzi1kcbdf0k1m8c5vr4ljf4a1apk0q-network-3.1.4.0-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-35048    9.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35047    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35049    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24388    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24389    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24390    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24391    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24392    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24393    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-24394    8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0486     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-0997     7.8
https://nvd.nist.gov/vuln/detail/CVE-2021-35050    7.5

------------------------------------------------------------------------
ninja-1.12.1

/nix/store/znflsi8ifra43452vzfbsrx541h0cwyp-ninja-1.12.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4336     9.8

------------------------------------------------------------------------
oh-my-zsh-2024-08-27

/nix/store/zllmshb2ryl0q29ki1qq2h09dbrfl8bs-oh-my-zsh-2024-08-27.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3727     9.8

------------------------------------------------------------------------
openexr-2.5.10

/nix/store/k6jx138fnv4a7clkb604vif3mwypq7qs-openexr-2.5.10.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-5841     9.1
https://nvd.nist.gov/vuln/detail/CVE-2021-23169    8.8
https://nvd.nist.gov/vuln/detail/CVE-2021-3598     5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-3605     5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23215    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-26260    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-26945    5.5

------------------------------------------------------------------------
openvpn-2.6.12

/nix/store/d4fijh6ia0q11n2vzfq57xrvmxgila7p-openvpn-2.6.12.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27569    7.5

------------------------------------------------------------------------
pip-20.3.4-source

/nix/store/vn6nx0826p50v24p7qg6sv1jpwf1qnic-pip-20.3.4-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-3572     5.7
https://nvd.nist.gov/vuln/detail/CVE-2023-5752     3.3

------------------------------------------------------------------------
plasma-workspace-5.27.11.1

/nix/store/by45mqsgm4zpz336yxl2l5v0zxigq65w-plasma-workspace-5.27.11.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-1433     3.7

------------------------------------------------------------------------
polkit-1.pam

/nix/store/qs11nnf9k3i9jy06cryx3i24faysp4yk-polkit-1.pam.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4034     7.8

------------------------------------------------------------------------
procps-3.3.17-binlore

/nix/store/03fh3wzy0ja5269nfjish2hw0mdlhgxz-procps-3.3.17-binlore.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
procps-3.3.17-lore-override

/nix/store/dbw12ba5fwgfkpjd6xl86zll20ayhmqq-procps-3.3.17-lore-override.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-4016     3.3

------------------------------------------------------------------------
python-2.7.18.8

/nix/store/hmiijzpqz73dgs7jr9lvkv6yiavbzjqx-python-2.7.18.8.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-48565    9.8
https://nvd.nist.gov/vuln/detail/CVE-2019-9674     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-0391     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-45061    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48560    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-24329    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-36632    7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-6232     7.5
https://nvd.nist.gov/vuln/detail/CVE-2024-7592     7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-26488    7.0
https://nvd.nist.gov/vuln/detail/CVE-2021-3733     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-48564    6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-23336    5.9
https://nvd.nist.gov/vuln/detail/CVE-2022-48566    5.9
https://nvd.nist.gov/vuln/detail/CVE-2023-40217    5.3

------------------------------------------------------------------------
quote-1.0.35

/nix/store/5xlri9sfq5lxgr4h8cwmyf5w709lcv5s-quote-1.0.35.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
quote-1.0.36

/nix/store/x4dylylvrrj9pix92hbpmg0jsi0ijkpn-quote-1.0.36.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-16194    5.3

------------------------------------------------------------------------
rubygems-3.5.16

/nix/store/741nm0pyh022cdnyavng47y9j6s4wix5-rubygems-3.5.16.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-36073    8.8

------------------------------------------------------------------------
safe-0.3.21

/nix/store/63z2154ywqk9yzvc2l5a0q9jiqyv3a88-safe-0.3.21.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
safe-0.3.21-r1.cabal

/nix/store/5b96a8chlvh6bvbhpx9fj61xi1q4wwwi-safe-0.3.21-r1.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-28872    8.8
https://nvd.nist.gov/vuln/detail/CVE-2019-11644    7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-38164    6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-47524    5.4
https://nvd.nist.gov/vuln/detail/CVE-2021-44751    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40834    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-40835    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28868    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28869    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28870    4.3
https://nvd.nist.gov/vuln/detail/CVE-2022-28873    4.3
https://nvd.nist.gov/vuln/detail/CVE-2021-33596    4.1
https://nvd.nist.gov/vuln/detail/CVE-2021-33594    3.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33595    3.5
https://nvd.nist.gov/vuln/detail/CVE-2022-38163    3.5

------------------------------------------------------------------------
samba-4.20.4

/nix/store/gk7384161dmp7vi3vm765ki9jss70nda-samba-4.20.4.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37966    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-38023    8.1
https://nvd.nist.gov/vuln/detail/CVE-2022-32743    7.5
https://nvd.nist.gov/vuln/detail/CVE-2022-37967    7.2
https://nvd.nist.gov/vuln/detail/CVE-2021-3670     6.5
https://nvd.nist.gov/vuln/detail/CVE-2022-1615     5.5

------------------------------------------------------------------------
sassc-3.6.2

/nix/store/jzx01izqmq4kh7wln29f3c3f1862ykys-sassc-3.6.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-43357    7.5

------------------------------------------------------------------------
semver-1.0.22

/nix/store/pihdv8mj700zljzn30wfwg33xgzsysr6-semver-1.0.22.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-25883    7.5

------------------------------------------------------------------------
setuptools-44.0.0-source

/nix/store/2qgk79a0kazqyhghx1w5c5cb6vwc9as9-setuptools-44.0.0-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40897    5.9

------------------------------------------------------------------------
snappy-1.2.1

/nix/store/620p8bw67cv47zadn8yk0yb0hkxqawsx-snappy-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-28115    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-41330    9.8

------------------------------------------------------------------------
stringbuilder-0.5.1

/nix/store/36lwb84k8cpq1ndnnqp138li59jjlbiz-stringbuilder-0.5.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2024-21524    9.1

------------------------------------------------------------------------
tap-1.0.1

/nix/store/skck9f2xa7bf1rz4haw90p97swi3z6bh-tap-1.0.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-41940    5.4

------------------------------------------------------------------------
unzip-6.0

/nix/store/03dvx39sdpvybbi6psky85ab413zgi80-unzip-6.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-4217     3.3

------------------------------------------------------------------------
vault-0.3.1.5

/nix/store/wza5fbrprzmm37s3ic2kb7pi2hwha6xj-vault-0.3.1.5.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
vault-0.3.1.5-r7.cabal

/nix/store/740i9rm23im41x9vbk5lw8jxfr4jdcr2-vault-0.3.1.5-r7.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-24999    8.1
https://nvd.nist.gov/vuln/detail/CVE-2020-13223    7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-27400    7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-6337     7.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0620     6.7
https://nvd.nist.gov/vuln/detail/CVE-2023-0665     6.5
https://nvd.nist.gov/vuln/detail/CVE-2024-8365     6.5
https://nvd.nist.gov/vuln/detail/CVE-2021-41802    5.4
https://nvd.nist.gov/vuln/detail/CVE-2023-2121     5.4
https://nvd.nist.gov/vuln/detail/CVE-2020-25594    5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-3024     5.3
https://nvd.nist.gov/vuln/detail/CVE-2021-38554    5.3
https://nvd.nist.gov/vuln/detail/CVE-2022-41316    5.3
https://nvd.nist.gov/vuln/detail/CVE-2023-25000    4.7

------------------------------------------------------------------------
warp-3.3.31

/nix/store/ysq6bxlyv68d1xzy5flwfaql30v3k3gr-warp-3.3.31.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3320     9.8
https://nvd.nist.gov/vuln/detail/CVE-2022-3512     8.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4428     8.0
https://nvd.nist.gov/vuln/detail/CVE-2022-2145     7.8
https://nvd.nist.gov/vuln/detail/CVE-2022-2225     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-0652     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1412     7.8
https://nvd.nist.gov/vuln/detail/CVE-2023-1862     7.3
https://nvd.nist.gov/vuln/detail/CVE-2023-2754     6.8
https://nvd.nist.gov/vuln/detail/CVE-2022-4457     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0238     5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-0654     3.7

------------------------------------------------------------------------
wheel-0.37.1-source

/nix/store/7sm5bzb59dafwk8rj5bqvjzpx251chwn-wheel-0.37.1-source.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-40898    7.5

------------------------------------------------------------------------
xdg-utils-1.2.1

/nix/store/k99j8vyz4whsrxh7mv702b8bzbyd35q2-xdg-utils-1.2.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2020-27748    6.5

------------------------------------------------------------------------
yaml-0.11.11.2

/nix/store/b8k0kq9vx4iq0lxs9nqjnsh9ard5vkhm-yaml-0.11.11.2.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yaml-0.11.11.2-r2.cabal

/nix/store/yg0d6yl4a8blp1lxnx2hlpnk5xvicjvp-yaml-0.11.11.2-r2.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-3064     7.5
https://nvd.nist.gov/vuln/detail/CVE-2021-4235     5.5

------------------------------------------------------------------------
yara-4.5.0

/nix/store/30x3z3pcnbzdhh31678vdlk496jvdyvh-yara-4.5.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-45429    5.5

------------------------------------------------------------------------
yasm-1.3.0

/nix/store/20l221rfvy85j0pbpa29afip9xysmvi6-yasm-1.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2021-33454    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33455    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33456    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33457    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33458    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33459    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33460    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33461    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33462    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33463    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33464    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33465    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33466    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33467    5.5
https://nvd.nist.gov/vuln/detail/CVE-2021-33468    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-30402    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31972    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31973    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31974    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-51258    5.5
https://nvd.nist.gov/vuln/detail/CVE-2023-31975    3.3

------------------------------------------------------------------------
zlib-0.6.3.0

/nix/store/7rnx7fgby145gszi75a4lg7wd38rqzds-zlib-0.6.3.0.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-0.6.3.0-r5.cabal

/nix/store/piy096kvsgzmx5mbhm8kzmjykl336cx3-zlib-0.6.3.0-r5.cabal.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2022-37434    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-45853    9.8
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

------------------------------------------------------------------------
zlib-1.3.1

/nix/store/890wip2h8rdj94kzq44jzmf8mj33ik70-zlib-1.3.1.drv
CVE                                                CVSSv3
https://nvd.nist.gov/vuln/detail/CVE-2023-6992     5.5

use --show-whitelisted to see derivations with only whitelisted CVEs