From 5adaab103ad24c66805939a4c161232ce1b7e866 Mon Sep 17 00:00:00 2001
From: henrirosten <henrirosten@users.noreply.github.com>
Date: Thu, 2 Jan 2025 03:48:04 +0000
Subject: [PATCH] Automatic vulnerability report update

---
 reports/main/data.csv                         | 313 +++++++++-
 ...6_64-linux.lenovo-x1-carbon-gen11-debug.md | 585 +++++++++++++++---
 2 files changed, 804 insertions(+), 94 deletions(-)

diff --git a/reports/main/data.csv b/reports/main/data.csv
index 8ec47a9..068a1cb 100644
--- a/reports/main/data.csv
+++ b/reports/main/data.csv
@@ -2,7 +2,47 @@
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-pxg6-pf52-xh8x","https://osv.dev/GHSA-pxg6-pf52-xh8x","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2024A1728000000","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-fwr7-v2mv-hh25","https://osv.dev/GHSA-fwr7-v2mv-hh25","async","","2.2.5","2.2.5","2.2.5","haskell:async","2024A1719187200","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-56732","https://nvd.nist.gov/vuln/detail/CVE-2024-56732","harfbuzz","8.8","10.0.1","10.1.0","10.1.0","harfbuzz","2024A0000056732","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50613","https://nvd.nist.gov/vuln/detail/CVE-2024-50613","libsndfile","6.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050613","False","","fix_not_available",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50612","https://nvd.nist.gov/vuln/detail/CVE-2024-50612","libsndfile","5.5","1.2.2","1.2.2","1.2.2","libsndfile","2024A0000050612","False","","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-50602","https://nvd.nist.gov/vuln/detail/CVE-2024-50602","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2024A0000050602","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/354155"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47835","https://nvd.nist.gov/vuln/detail/CVE-2024-47835","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047835","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47834","https://nvd.nist.gov/vuln/detail/CVE-2024-47834","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047834","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47778","https://nvd.nist.gov/vuln/detail/CVE-2024-47778","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047778","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47777","https://nvd.nist.gov/vuln/detail/CVE-2024-47777","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047777","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47776","https://nvd.nist.gov/vuln/detail/CVE-2024-47776","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047776","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47775","https://nvd.nist.gov/vuln/detail/CVE-2024-47775","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047775","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47774","https://nvd.nist.gov/vuln/detail/CVE-2024-47774","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047774","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47615","https://nvd.nist.gov/vuln/detail/CVE-2024-47615","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047615","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47613","https://nvd.nist.gov/vuln/detail/CVE-2024-47613","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047613","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47607","https://nvd.nist.gov/vuln/detail/CVE-2024-47607","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047607","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47606","https://nvd.nist.gov/vuln/detail/CVE-2024-47606","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047606","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47603","https://nvd.nist.gov/vuln/detail/CVE-2024-47603","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047603","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47602","https://nvd.nist.gov/vuln/detail/CVE-2024-47602","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047602","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47601","https://nvd.nist.gov/vuln/detail/CVE-2024-47601","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047601","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47600","https://nvd.nist.gov/vuln/detail/CVE-2024-47600","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047600","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47599","https://nvd.nist.gov/vuln/detail/CVE-2024-47599","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047599","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47598","https://nvd.nist.gov/vuln/detail/CVE-2024-47598","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047598","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47597","https://nvd.nist.gov/vuln/detail/CVE-2024-47597","gstreamer","9.1","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047597","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47596","https://nvd.nist.gov/vuln/detail/CVE-2024-47596","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047596","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47546","https://nvd.nist.gov/vuln/detail/CVE-2024-47546","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047546","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47545","https://nvd.nist.gov/vuln/detail/CVE-2024-47545","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047545","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47544","https://nvd.nist.gov/vuln/detail/CVE-2024-47544","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047544","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47543","https://nvd.nist.gov/vuln/detail/CVE-2024-47543","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047543","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47542","https://nvd.nist.gov/vuln/detail/CVE-2024-47542","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047542","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47541","https://nvd.nist.gov/vuln/detail/CVE-2024-47541","gstreamer","7.5","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047541","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47540","https://nvd.nist.gov/vuln/detail/CVE-2024-47540","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047540","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47539","https://nvd.nist.gov/vuln/detail/CVE-2024-47539","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047539","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47538","https://nvd.nist.gov/vuln/detail/CVE-2024-47538","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047538","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-47537","https://nvd.nist.gov/vuln/detail/CVE-2024-47537","gstreamer","9.8","1.24.7","1.24.10","1.24.10","gstreamer","2024A0000047537","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-24790","https://nvd.nist.gov/vuln/detail/CVE-2024-24790","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2024A0000024790","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
+https://github.com/NixOS/nixpkgs/pull/331906 
+https://github.com/NixOS/nixpkgs/pull/361606"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-24789","https://nvd.nist.gov/vuln/detail/CVE-2024-24789","go","5.5","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2024A0000024789","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/319485 
+https://github.com/NixOS/nixpkgs/pull/361606"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.5.0","","","","2024A0000023741","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-23741","https://nvd.nist.gov/vuln/detail/CVE-2024-23741","hyper","9.8","1.4.1","","","","2024A0000023741","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-21524","https://nvd.nist.gov/vuln/detail/CVE-2024-21524","stringbuilder","9.1","0.5.1","0.5.1","0.5.1","haskell:stringbuilder","2024A0000021524","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-21485","https://nvd.nist.gov/vuln/detail/CVE-2024-21485","dash","5.4","0.5.12","","","","2024A0000021485","False","","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-11498","https://nvd.nist.gov/vuln/detail/CVE-2024-11498","libjxl","","0.11.0","0.11.1","0.11.1","libjxl","2024A0000011498","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-11403","https://nvd.nist.gov/vuln/detail/CVE-2024-11403","libjxl","","0.11.0","0.11.1","0.11.1","libjxl","2024A0000011403","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/359791"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-11168","https://nvd.nist.gov/vuln/detail/CVE-2024-11168","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000011168","False","","err_not_vulnerable_based_on_repology",""
@@ -10,6 +50,8 @@
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-9287","https://nvd.nist.gov/vuln/detail/CVE-2024-9287","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000009287","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","MAL-2024-9233","https://osv.dev/MAL-2024-9233","foldl","","1.4.17","1.4.17","1.4.18","haskell:foldl","2024A0000009233","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-9143","https://nvd.nist.gov/vuln/detail/CVE-2024-9143","openssl","4.3","3.3.2","3.3.2","3.4.0","openssl","2024A0000009143","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8365","https://nvd.nist.gov/vuln/detail/CVE-2024-8365","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2024A0000008365","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8354","https://nvd.nist.gov/vuln/detail/CVE-2024-8354","qemu","5.5","9.1.1","9.2.0","9.2.0","qemu","2024A0000008354","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-8088","https://nvd.nist.gov/vuln/detail/CVE-2024-8088","python","","2.7.18.8","3.13.1","3.13.1","python","2024A0000008088","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2024-7592","https://nvd.nist.gov/vuln/detail/CVE-2024-7592","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2024A0000007592","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
@@ -51,34 +93,99 @@ https://github.com/NixOS/nixpkgs/pull/299125"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-vjrq-cg9x-rfjp","https://osv.dev/GHSA-vjrq-cg9x-rfjp","cookie","","0.4.6","0.5.0","0.5.0","haskell:cookie","2023A1686614400","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-9cp3-fh5x-xfcj","https://osv.dev/GHSA-9cp3-fh5x-xfcj","charset","","0.3.10","0.3.10","0.3.11","haskell:charset","2023A1680220800","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-52356","https://nvd.nist.gov/vuln/detail/CVE-2023-52356","libtiff","7.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000052356","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-51258","https://nvd.nist.gov/vuln/detail/CVE-2023-51258","yasm","5.5","1.3.0","1.3.0","1.3.0","yasm","2023A0000051258","False","","fix_not_available",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.23.3","1.23.4","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-49292","https://nvd.nist.gov/vuln/detail/CVE-2023-49292","go","4.8","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000049292","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-46361","https://nvd.nist.gov/vuln/detail/CVE-2023-46361","jbig2dec","6.5","0.20","0.20","0.20","jbig2dec","2023A0000046361","False","","fix_not_available",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
+https://github.com/NixOS/nixpkgs/pull/263083"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-45853","https://nvd.nist.gov/vuln/detail/CVE-2023-45853","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000045853","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262722 
 https://github.com/NixOS/nixpkgs/pull/263083"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-44487","https://nvd.nist.gov/vuln/detail/CVE-2023-44487","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000044487","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262738 
+https://github.com/NixOS/nixpkgs/pull/263279 
+https://github.com/NixOS/nixpkgs/pull/278073 
+https://github.com/NixOS/nixpkgs/pull/286248 
+https://github.com/NixOS/nixpkgs/pull/298640"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-41940","https://nvd.nist.gov/vuln/detail/CVE-2023-41940","tap","5.4","1.0.1","0.77","0.77","texlive:tap","2023A0000041940","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-41330","https://nvd.nist.gov/vuln/detail/CVE-2023-41330","snappy","9.8","1.2.1","","","","2023A0000041330","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-40217","https://nvd.nist.gov/vuln/detail/CVE-2023-40217","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000040217","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/363310"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39325","https://nvd.nist.gov/vuln/detail/CVE-2023-39325","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039325","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/262713 
+https://github.com/NixOS/nixpkgs/pull/300783"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39323","https://nvd.nist.gov/vuln/detail/CVE-2023-39323","go","8.1","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039323","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39322","https://nvd.nist.gov/vuln/detail/CVE-2023-39322","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039322","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39321","https://nvd.nist.gov/vuln/detail/CVE-2023-39321","go","7.5","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039321","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39320","https://nvd.nist.gov/vuln/detail/CVE-2023-39320","go","9.8","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039320","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39319","https://nvd.nist.gov/vuln/detail/CVE-2023-39319","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039319","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-39318","https://nvd.nist.gov/vuln/detail/CVE-2023-39318","go","6.1","1.21.0-linux-amd64-bootstrap","1.23.4","1.23.4","go","2023A0000039318","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-37769","https://nvd.nist.gov/vuln/detail/CVE-2023-37769","pixman","6.5","0.43.4","0.44.2","0.44.2","pixman","2023A0000037769","False","See: https://gitlab.freedesktop.org/pixman/pixman/-/issues/76: ""This somehow got assigned CVE-2023-37769, not sure why NVD keeps assigning CVEs like this. This is just a test executable"".","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-36632","https://nvd.nist.gov/vuln/detail/CVE-2023-36632","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000036632","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/363310"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-33955","https://nvd.nist.gov/vuln/detail/CVE-2023-33955","console","5.3","0.15.8","0.1.0-unstable-2024-05-07","","ocaml:console","2023A0000033955","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-32665","https://nvd.nist.gov/vuln/detail/CVE-2023-32665","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032665","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-32643","https://nvd.nist.gov/vuln/detail/CVE-2023-32643","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032643","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-32636","https://nvd.nist.gov/vuln/detail/CVE-2023-32636","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032636","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-32611","https://nvd.nist.gov/vuln/detail/CVE-2023-32611","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000032611","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-31975","https://nvd.nist.gov/vuln/detail/CVE-2023-31975","yasm","3.3","1.3.0","","","","2023A0000031975","True","Memory leak in CLI tool, no security impact.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-31974","https://nvd.nist.gov/vuln/detail/CVE-2023-31974","yasm","5.5","1.3.0","","","","2023A0000031974","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-31973","https://nvd.nist.gov/vuln/detail/CVE-2023-31973","yasm","5.5","1.3.0","","","","2023A0000031973","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-31972","https://nvd.nist.gov/vuln/detail/CVE-2023-31972","yasm","5.5","1.3.0","","","","2023A0000031972","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-30402","https://nvd.nist.gov/vuln/detail/CVE-2023-30402","yasm","5.5","1.3.0","","","","2023A0000030402","True","Crash in CLI tool, no security impact.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-29499","https://nvd.nist.gov/vuln/detail/CVE-2023-29499","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2023A0000029499","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-28322","https://nvd.nist.gov/vuln/detail/CVE-2023-28322","curl","3.7","0.4.46","","","","2023A0000028322","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
+https://github.com/NixOS/nixpkgs/pull/232535"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-28321","https://nvd.nist.gov/vuln/detail/CVE-2023-28321","curl","5.9","0.4.46","","","","2023A0000028321","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
+https://github.com/NixOS/nixpkgs/pull/232535"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-28320","https://nvd.nist.gov/vuln/detail/CVE-2023-28320","curl","5.9","0.4.46","","","","2023A0000028320","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531 
+https://github.com/NixOS/nixpkgs/pull/232535"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-28319","https://nvd.nist.gov/vuln/detail/CVE-2023-28319","curl","7.5","0.4.46","","","","2023A0000028319","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/232531"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-28115","https://nvd.nist.gov/vuln/detail/CVE-2023-28115","snappy","9.8","1.2.1","","","","2023A0000028115","True","Incorrect package: Issue concerns snappy php library: https://github.com/KnpLabs/snappy, whereas, nixpkgs ""snappy"" refers snappy compression library: https://google.github.io/snappy/. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-27043","https://nvd.nist.gov/vuln/detail/CVE-2023-27043","python","5.3","2.7.18.8","3.13.1","3.13.1","python","2023A0000027043","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/243074 
 https://github.com/NixOS/nixpkgs/pull/349408"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-26044","https://nvd.nist.gov/vuln/detail/CVE-2023-26044","http","5.3","1.1.0","","","","2023A0000026044","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-25000","https://nvd.nist.gov/vuln/detail/CVE-2023-25000","vault","4.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000025000","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
+https://github.com/NixOS/nixpkgs/pull/221841"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-24999","https://nvd.nist.gov/vuln/detail/CVE-2023-24999","vault","8.1","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000024999","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/221835 
+https://github.com/NixOS/nixpkgs/pull/221841"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-24329","https://nvd.nist.gov/vuln/detail/CVE-2023-24329","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2023A0000024329","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/236448 
 https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-7216","https://nvd.nist.gov/vuln/detail/CVE-2023-7216","cpio","5.3","2.15","2.15","2.15","cpio","2023A0000007216","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","1.3.1","1.3.1","1.3.1","zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6992","https://nvd.nist.gov/vuln/detail/CVE-2023-6992","zlib","5.5","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2023A0000006992","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6597","https://nvd.nist.gov/vuln/detail/CVE-2023-6597","python","7.8","2.7.18.8","3.13.1","3.13.1","python","2023A0000006597","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/298006 
 https://github.com/NixOS/nixpkgs/pull/299123 
 https://github.com/NixOS/nixpkgs/pull/299125"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
+https://github.com/NixOS/nixpkgs/pull/274068 
+https://github.com/NixOS/nixpkgs/pull/274071"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6337","https://nvd.nist.gov/vuln/detail/CVE-2023-6337","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000006337","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/272492 
+https://github.com/NixOS/nixpkgs/pull/274068 
+https://github.com/NixOS/nixpkgs/pull/274071"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6277","https://nvd.nist.gov/vuln/detail/CVE-2023-6277","libtiff","6.5","4.7.0","4.7.0","4.7.0","tiff","2023A0000006277","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-6228","https://nvd.nist.gov/vuln/detail/CVE-2023-6228","libtiff","3.3","4.7.0","4.7.0","4.7.0","tiff","2023A0000006228","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-5841","https://nvd.nist.gov/vuln/detail/CVE-2023-5841","openexr","9.1","2.5.10","3.2.4","3.3.2","openexr","2023A0000005841","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/300526 
 https://github.com/NixOS/nixpkgs/pull/346060 
 https://github.com/NixOS/nixpkgs/pull/349220 
 https://github.com/NixOS/nixpkgs/pull/352826"
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-5341","https://nvd.nist.gov/vuln/detail/CVE-2023-5341","imagemagick","6.2","7.1.1-40","7.1.1-40","7.1.1.43","imagemagick","2023A0000005341","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","7.4","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-5752","https://nvd.nist.gov/vuln/detail/CVE-2023-5752","pip","3.3","20.3.4-source","24.0","24.3.1","pip","2023A0000005752","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/276928 
+https://github.com/NixOS/nixpkgs/pull/368263"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-5341","https://nvd.nist.gov/vuln/detail/CVE-2023-5341","imagemagick","5.5","7.1.1-40","7.1.1-40","7.1.1.43","imagemagick","2023A0000005341","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-4039","https://nvd.nist.gov/vuln/detail/CVE-2023-4039","gcc","4.8","13.3.0","","","","2023A0000004039","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-3297","https://nvd.nist.gov/vuln/detail/CVE-2023-3297","accountsservice","7.8","23.13.9","23.13.9","23.13.9","accountsservice","2023A0000003297","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2754","https://nvd.nist.gov/vuln/detail/CVE-2023-2754","warp","6.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000002754","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2680","https://nvd.nist.gov/vuln/detail/CVE-2023-2680","qemu","7.5","9.1.1","9.2.0","9.2.0","qemu","2023A0000002680","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/305402"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
+https://github.com/NixOS/nixpkgs/pull/239559 
+https://github.com/NixOS/nixpkgs/pull/239571"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-2121","https://nvd.nist.gov/vuln/detail/CVE-2023-2121","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000002121","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/236911 
+https://github.com/NixOS/nixpkgs/pull/239559 
+https://github.com/NixOS/nixpkgs/pull/239571"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1862","https://nvd.nist.gov/vuln/detail/CVE-2023-1862","warp","7.3","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001862","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1412","https://nvd.nist.gov/vuln/detail/CVE-2023-1412","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000001412","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-1386","https://nvd.nist.gov/vuln/detail/CVE-2023-1386","qemu","3.3","9.1.1","9.2.0","9.2.0","qemu","2023A0000001386","False","Revisit when fixed upstream: https://github.com/v9fs/linux/issues/29.","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1344","https://osv.dev/OSV-2023-1344","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001344","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-1329","https://osv.dev/OSV-2023-1329","jq","","1.7.1","1.7.1","1.7.1","jq","2023A0000001329","False","","err_not_vulnerable_based_on_repology",""
@@ -87,15 +194,19 @@ https://github.com/NixOS/nixpkgs/pull/352826"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-877","https://osv.dev/OSV-2023-877","libbpf","","1.4.7","1.4.7","1.5.0","libbpf","2023A0000000877","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-862","https://osv.dev/OSV-2023-862","gstreamer","","1.24.7","1.24.10","1.24.10","gstreamer","2023A0000000862","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-675","https://osv.dev/OSV-2023-675","flac","","1.4.3","1.4.3","1.4.3","flac","2023A0000000675","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0654","https://nvd.nist.gov/vuln/detail/CVE-2023-0654","warp","3.9","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000654","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0652","https://nvd.nist.gov/vuln/detail/CVE-2023-0652","warp","7","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000652","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0665","https://nvd.nist.gov/vuln/detail/CVE-2023-0665","vault","6.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000665","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0654","https://nvd.nist.gov/vuln/detail/CVE-2023-0654","warp","3.7","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000654","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0652","https://nvd.nist.gov/vuln/detail/CVE-2023-0652","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000652","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0620","https://nvd.nist.gov/vuln/detail/CVE-2023-0620","vault","6.7","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2023A0000000620","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/227692"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-505","https://osv.dev/OSV-2023-505","file","","5.45","5.46","5.46","file","2023A0000000505","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-395","https://osv.dev/OSV-2023-395","opensc","","0.26.0","0.26.0","0.26.0","opensc","2023A0000000395","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-390","https://osv.dev/OSV-2023-390","qemu","","9.1.1","9.2.0","9.2.0","qemu","2023A0000000390","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-364","https://osv.dev/OSV-2023-364","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000364","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-327","https://osv.dev/OSV-2023-327","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2023A0000000327","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-298","https://osv.dev/OSV-2023-298","cairo","","1.18.2","1.17.13","1.17.14","ruby:cairo","2023A0000000298","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0238","https://nvd.nist.gov/vuln/detail/CVE-2023-0238","warp","3.9","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000238","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2023-0238","https://nvd.nist.gov/vuln/detail/CVE-2023-0238","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2023A0000000238","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-197","https://osv.dev/OSV-2023-197","p11-kit","","0.25.5","0.25.5","0.25.5","p11-kit","2023A0000000197","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-137","https://osv.dev/OSV-2023-137","harfbuzz","","10.0.1","","","","2023A0000000137","True","Based on https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2, the issue is fixed in range https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc all of which have been merged in 7.1.0.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2023-34","https://osv.dev/OSV-2023-34","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2023A0000000034","False","","err_not_vulnerable_based_on_repology",""
@@ -108,36 +219,117 @@ https://github.com/NixOS/nixpkgs/pull/363310"
 https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-48560","https://nvd.nist.gov/vuln/detail/CVE-2022-48560","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000048560","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/363310"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-47524","https://nvd.nist.gov/vuln/detail/CVE-2022-47524","safe","5.4","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000047524","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-45868","https://nvd.nist.gov/vuln/detail/CVE-2022-45868","h2","7.8","0.4.6","","","","2022A0000045868","False","","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-45061","https://nvd.nist.gov/vuln/detail/CVE-2022-45061","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000045061","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/201859 
 https://github.com/NixOS/nixpkgs/pull/204893 
 https://github.com/NixOS/nixpkgs/pull/204900 
 https://github.com/NixOS/nixpkgs/pull/204902 
 https://github.com/NixOS/nixpkgs/pull/363310"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-43552","https://nvd.nist.gov/vuln/detail/CVE-2022-43552","curl","5.9","0.4.46","","","","2022A0000043552","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/207158 
+https://github.com/NixOS/nixpkgs/pull/207162 
+https://github.com/NixOS/nixpkgs/pull/207165"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-43410","https://nvd.nist.gov/vuln/detail/CVE-2022-43410","mercurial","5.3","6.8.2","6.8.2","6.9","mercurial","2022A0000043410","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-43357","https://nvd.nist.gov/vuln/detail/CVE-2022-43357","sassc","7.5","3.6.2","3.6.2","3.6.2","sassc","2022A0000043357","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/274726 
 https://github.com/NixOS/nixpkgs/pull/275599 
 https://github.com/NixOS/nixpkgs/pull/275878"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42012","https://nvd.nist.gov/vuln/detail/CVE-2022-42012","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042012","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42011","https://nvd.nist.gov/vuln/detail/CVE-2022-42011","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042011","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","1","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-42010","https://nvd.nist.gov/vuln/detail/CVE-2022-42010","dbus","6.5","0.9.7","1.14.10","1.16.0","dbus","2022A0000042010","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195264 
+https://github.com/NixOS/nixpkgs/pull/253430"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-41316","https://nvd.nist.gov/vuln/detail/CVE-2022-41316","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2022A0000041316","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-40898","https://nvd.nist.gov/vuln/detail/CVE-2022-40898","wheel","7.5","0.37.1-source","0.45.1","0.45.1","python:wheel","2022A0000040898","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/210565 
+https://github.com/NixOS/nixpkgs/pull/361930 
+https://github.com/NixOS/nixpkgs/pull/362304"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-40897","https://nvd.nist.gov/vuln/detail/CVE-2022-40897","setuptools","5.9","44.0.0-source","75.3.0","75.6.0","python:setuptools","2022A0000040897","False","","fix_update_to_version_nixpkgs",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38663","https://nvd.nist.gov/vuln/detail/CVE-2022-38663","git","6.5","2.47.0","","","","2022A0000038663","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38164","https://nvd.nist.gov/vuln/detail/CVE-2022-38164","safe","6.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038164","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-38163","https://nvd.nist.gov/vuln/detail/CVE-2022-38163","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000038163","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0-r5.cabal","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
+https://github.com/NixOS/nixpkgs/pull/185613 
+https://github.com/NixOS/nixpkgs/pull/185693 
+https://github.com/NixOS/nixpkgs/pull/185754 
+https://github.com/NixOS/nixpkgs/pull/186941"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37434","https://nvd.nist.gov/vuln/detail/CVE-2022-37434","zlib","9.8","0.6.3.0","0.7.1.0","0.7.1.0","haskell:zlib","2022A0000037434","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/185554 
 https://github.com/NixOS/nixpkgs/pull/185613 
 https://github.com/NixOS/nixpkgs/pull/185693 
 https://github.com/NixOS/nixpkgs/pull/185754 
 https://github.com/NixOS/nixpkgs/pull/186941"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-37416","https://nvd.nist.gov/vuln/detail/CVE-2022-37416","libmpeg2","6.5","0.5.1","","","","2022A0000037416","True","NVD data issue: concerns Android only.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36073","https://nvd.nist.gov/vuln/detail/CVE-2022-36073","rubygems","8.3","3.5.22","","","","2022A0000036073","True","Latest impacted version in 3.x is 3.0.4.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36884","https://nvd.nist.gov/vuln/detail/CVE-2022-36884","git","5.3","2.47.0","","","","2022A0000036884","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36883","https://nvd.nist.gov/vuln/detail/CVE-2022-36883","git","7.5","2.47.0","","","","2022A0000036883","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36882","https://nvd.nist.gov/vuln/detail/CVE-2022-36882","git","8.8","2.47.0","","","","2022A0000036882","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36073","https://nvd.nist.gov/vuln/detail/CVE-2022-36073","rubygems","8.8","3.5.22","","","","2022A0000036073","True","Latest impacted version in 3.x is 3.0.4.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-36032","https://nvd.nist.gov/vuln/detail/CVE-2022-36032","http","5.3","1.1.0","","","","2022A0000036032","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-35252","https://nvd.nist.gov/vuln/detail/CVE-2022-35252","curl","3.7","0.4.46","","","","2022A0000035252","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/189083 
+https://github.com/NixOS/nixpkgs/pull/198730"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-32743","https://nvd.nist.gov/vuln/detail/CVE-2022-32743","samba","7.5","4.20.4","4.20.4","4.21.2","samba","2022A0000032743","False","","fix_not_available",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-26488","https://nvd.nist.gov/vuln/detail/CVE-2022-26488","python","7","2.7.18.8","3.13.1","3.13.1","python","2022A0000026488","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-32221","https://nvd.nist.gov/vuln/detail/CVE-2022-32221","curl","9.8","0.4.46","","","","2022A0000032221","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/198730"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-32206","https://nvd.nist.gov/vuln/detail/CVE-2022-32206","curl","6.5","0.4.46","","","","2022A0000032206","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/179314 
+https://github.com/NixOS/nixpkgs/pull/180021"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-30947","https://nvd.nist.gov/vuln/detail/CVE-2022-30947","git","7.5","2.47.0","","","","2022A0000030947","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28873","https://nvd.nist.gov/vuln/detail/CVE-2022-28873","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028873","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28872","https://nvd.nist.gov/vuln/detail/CVE-2022-28872","safe","8.8","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028872","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28870","https://nvd.nist.gov/vuln/detail/CVE-2022-28870","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028870","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28869","https://nvd.nist.gov/vuln/detail/CVE-2022-28869","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028869","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-28868","https://nvd.nist.gov/vuln/detail/CVE-2022-28868","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2022A0000028868","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-27782","https://nvd.nist.gov/vuln/detail/CVE-2022-27782","curl","7.5","0.4.46","","","","2022A0000027782","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-27781","https://nvd.nist.gov/vuln/detail/CVE-2022-27781","curl","7.5","0.4.46","","","","2022A0000027781","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-27776","https://nvd.nist.gov/vuln/detail/CVE-2022-27776","curl","6.5","0.4.46","","","","2022A0000027776","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/170654 
+https://github.com/NixOS/nixpkgs/pull/170659"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-27470","https://nvd.nist.gov/vuln/detail/CVE-2022-27470","SDL_ttf","7.8","2.0.11","","","","2022A0000027470","False","","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-26691","https://nvd.nist.gov/vuln/detail/CVE-2022-26691","cups","6.7","2.4.11","","","","2022A0000026691","True","Fixed in nixpkgs with PR: https://github.com/NixOS/nixpkgs/pull/174898.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-26488","https://nvd.nist.gov/vuln/detail/CVE-2022-26488","python","7.0","2.7.18.8","3.13.1","3.13.1","python","2022A0000026488","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.23","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-25883","https://nvd.nist.gov/vuln/detail/CVE-2022-25883","semver","7.5","1.0.22","1.0.0","7.6.3","semver","2022A0000025883","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24394","https://nvd.nist.gov/vuln/detail/CVE-2022-24394","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024394","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24393","https://nvd.nist.gov/vuln/detail/CVE-2022-24393","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024393","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24392","https://nvd.nist.gov/vuln/detail/CVE-2022-24392","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024392","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24391","https://nvd.nist.gov/vuln/detail/CVE-2022-24391","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024391","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24390","https://nvd.nist.gov/vuln/detail/CVE-2022-24390","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024390","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24389","https://nvd.nist.gov/vuln/detail/CVE-2022-24389","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024389","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-24388","https://nvd.nist.gov/vuln/detail/CVE-2022-24388","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000024388","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-4457","https://nvd.nist.gov/vuln/detail/CVE-2022-4457","warp","5.5","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004457","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-4428","https://nvd.nist.gov/vuln/detail/CVE-2022-4428","warp","8.9","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004428","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-4428","https://nvd.nist.gov/vuln/detail/CVE-2022-4428","warp","8.0","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000004428","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","MAL-2022-4301","https://osv.dev/MAL-2022-4301","libidn2","","2.3.7","","","","2022A0000004301","True","Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 https://gitlab.com/libidn/libidn2.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3512","https://nvd.nist.gov/vuln/detail/CVE-2022-3512","warp","6.7","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003512","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3320","https://nvd.nist.gov/vuln/detail/CVE-2022-3320","warp","6.7","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003320","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3512","https://nvd.nist.gov/vuln/detail/CVE-2022-3512","warp","8.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003512","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3320","https://nvd.nist.gov/vuln/detail/CVE-2022-3320","warp","9.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000003320","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3219","https://nvd.nist.gov/vuln/detail/CVE-2022-3219","gnupg","3.3","2.4.5","","","","2022A0000003219","True","Fix patch is not accepted upstream: https://dev.gnupg.org/D556.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-2225","https://nvd.nist.gov/vuln/detail/CVE-2022-2225","warp","8.1","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002225","False","","err_not_vulnerable_based_on_repology",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-2145","https://nvd.nist.gov/vuln/detail/CVE-2022-2145","warp","5.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002145","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-3064","https://nvd.nist.gov/vuln/detail/CVE-2022-3064","yaml","7.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2022A0000003064","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-2225","https://nvd.nist.gov/vuln/detail/CVE-2022-2225","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002225","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-2145","https://nvd.nist.gov/vuln/detail/CVE-2022-2145","warp","7.8","3.3.31","3.4.3","3.4.7","haskell:warp","2022A0000002145","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-1615","https://nvd.nist.gov/vuln/detail/CVE-2022-1615","samba","5.5","4.20.4","4.20.4","4.21.2","samba","2022A0000001615","False","","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1276","https://osv.dev/OSV-2022-1276","openvpn","","2.6.12","2.6.12","2.6.12","openvpn","2022A0000001276","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1201","https://osv.dev/OSV-2022-1201","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001201","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1188","https://osv.dev/OSV-2022-1188","opensc","","0.26.0","0.26.0","0.26.0","opensc","2022A0000001188","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-1108","https://osv.dev/OSV-2022-1108","ruby","","3.3.5","3.4.1","3.4.1","ruby","2022A0000001108","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0997","https://nvd.nist.gov/vuln/detail/CVE-2022-0997","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000997","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-908","https://osv.dev/OSV-2022-908","bluez","","5.78","5.79","5.79","bluez","2022A0000000908","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-896","https://osv.dev/OSV-2022-896","libsass","","3.6.6","3.6.6","3.6.6","libsass","2022A0000000896","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-882","https://osv.dev/OSV-2022-882","hunspell","","1.7.2","1.7.2","1.7.2","hunspell","2022A0000000882","False","","err_not_vulnerable_based_on_repology",""
@@ -152,6 +344,8 @@ https://github.com/NixOS/nixpkgs/pull/186941"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-530","https://osv.dev/OSV-2022-530","espeak-ng","","1.51.1","","","","2022A0000000530","False","Unclear if this is still valid.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-524","https://osv.dev/OSV-2022-524","ghostscript","","10.04.0","10.04.0","10.04.0","ghostscript","2022A0000000524","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-519","https://osv.dev/OSV-2022-519","espeak-ng","","1.51.1","","","","2022A0000000519","False","Unclear if this is still valid.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0486","https://nvd.nist.gov/vuln/detail/CVE-2022-0486","network","7.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2022A0000000486","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2022-462","https://osv.dev/OSV-2022-462","espeak-ng","","1.51.1","","","","2022A0000000462","False","Unclear if this is still valid.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2022-0391","https://nvd.nist.gov/vuln/detail/CVE-2022-0391","python","7.5","2.7.18.8","3.13.1","3.13.1","python","2022A0000000391","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/203428 
@@ -162,16 +356,69 @@ https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-rjvj-673q-4hfw","https://osv.dev/GHSA-rjvj-673q-4hfw","traceroute","","2.1.6","","","","2021A1633305600","False","","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-m75h-cghq-c8h5","https://osv.dev/GHSA-m75h-cghq-c8h5","libyaml","","0.1.4","0.1.4","0.1.4","haskell:libyaml","2021A1632355200","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","GHSA-pgcr-7wm4-mcv6","https://osv.dev/GHSA-pgcr-7wm4-mcv6","pem","","0.2.4","0.2.4","0.2.4","haskell:pem","2021A1628035200","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-46829","https://nvd.nist.gov/vuln/detail/CVE-2021-46829","gdk-pixbuf","7.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000046829","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
+https://github.com/NixOS/nixpkgs/pull/314686"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-46312","https://nvd.nist.gov/vuln/detail/CVE-2021-46312","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046312","False","","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-46310","https://nvd.nist.gov/vuln/detail/CVE-2021-46310","djvulibre","6.5","3.5.28","3.5.28","3.5.28","djvulibre","2021A0000046310","False","","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-45810","https://nvd.nist.gov/vuln/detail/CVE-2021-45810","globalprotect-openconnect","7.5","1.4.9","1.4.9","2.3.9","globalprotect-openconnect","2021A0000045810","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-45429","https://nvd.nist.gov/vuln/detail/CVE-2021-45429","yara","5.5","4.5.0","4.5.0","4.5.2","yara","2021A0000045429","False","","fix_not_available","https://github.com/NixOS/nixpkgs/pull/161127"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-44751","https://nvd.nist.gov/vuln/detail/CVE-2021-44751","safe","5.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000044751","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","BIT-lua-2021-43519","https://osv.dev/BIT-lua-2021-43519","lua","","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-43519","https://nvd.nist.gov/vuln/detail/CVE-2021-43519","lua","5.5","5.2.4","5.4.7","5.4.7","lua","2021A0000043519","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/195329 
 https://github.com/NixOS/nixpkgs/pull/195788"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5-r2.cabal","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-43138","https://nvd.nist.gov/vuln/detail/CVE-2021-43138","async","7.8","2.2.5","2.2.5","2.2.5","haskell:async","2021A0000043138","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-41802","https://nvd.nist.gov/vuln/detail/CVE-2021-41802","vault","5.4","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000041802","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-40835","https://nvd.nist.gov/vuln/detail/CVE-2021-40835","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040835","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-40834","https://nvd.nist.gov/vuln/detail/CVE-2021-40834","safe","4.3","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000040834","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-39205","https://nvd.nist.gov/vuln/detail/CVE-2021-39205","jitsi-meet","6.1","1.0.8043","","","","2021A0000039205","True","Does not impact the version in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-38554","https://nvd.nist.gov/vuln/detail/CVE-2021-38554","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000038554","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35050","https://nvd.nist.gov/vuln/detail/CVE-2021-35050","network","7.5","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035050","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35049","https://nvd.nist.gov/vuln/detail/CVE-2021-35049","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035049","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35048","https://nvd.nist.gov/vuln/detail/CVE-2021-35048","network","9.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035048","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0-r1.cabal","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-35047","https://nvd.nist.gov/vuln/detail/CVE-2021-35047","network","8.8","3.1.4.0","3.2.4.0","3.2.7.0","haskell:network","2021A0000035047","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33596","https://nvd.nist.gov/vuln/detail/CVE-2021-33596","safe","4.1","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033596","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33595","https://nvd.nist.gov/vuln/detail/CVE-2021-33595","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033595","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21-r1.cabal","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33594","https://nvd.nist.gov/vuln/detail/CVE-2021-33594","safe","3.5","0.3.21","0.3.21","0.3.21","haskell:safe","2021A0000033594","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33506","https://nvd.nist.gov/vuln/detail/CVE-2021-33506","jitsi-meet","7.5","1.0.8043","","","","2021A0000033506","True","Fixed in nixpkgs as mentioned in https://github.com/NixOS/nixpkgs/issues/132134#issuecomment-890319135.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33468","https://nvd.nist.gov/vuln/detail/CVE-2021-33468","yasm","5.5","1.3.0","","","","2021A0000033468","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33467","https://nvd.nist.gov/vuln/detail/CVE-2021-33467","yasm","5.5","1.3.0","","","","2021A0000033467","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33466","https://nvd.nist.gov/vuln/detail/CVE-2021-33466","yasm","5.5","1.3.0","","","","2021A0000033466","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33465","https://nvd.nist.gov/vuln/detail/CVE-2021-33465","yasm","5.5","1.3.0","","","","2021A0000033465","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33464","https://nvd.nist.gov/vuln/detail/CVE-2021-33464","yasm","5.5","1.3.0","","","","2021A0000033464","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33463","https://nvd.nist.gov/vuln/detail/CVE-2021-33463","yasm","5.5","1.3.0","","","","2021A0000033463","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33462","https://nvd.nist.gov/vuln/detail/CVE-2021-33462","yasm","5.5","1.3.0","","","","2021A0000033462","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33461","https://nvd.nist.gov/vuln/detail/CVE-2021-33461","yasm","5.5","1.3.0","","","","2021A0000033461","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33460","https://nvd.nist.gov/vuln/detail/CVE-2021-33460","yasm","5.5","1.3.0","","","","2021A0000033460","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33459","https://nvd.nist.gov/vuln/detail/CVE-2021-33459","yasm","5.5","1.3.0","","","","2021A0000033459","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33458","https://nvd.nist.gov/vuln/detail/CVE-2021-33458","yasm","5.5","1.3.0","","","","2021A0000033458","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33457","https://nvd.nist.gov/vuln/detail/CVE-2021-33457","yasm","5.5","1.3.0","","","","2021A0000033457","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33456","https://nvd.nist.gov/vuln/detail/CVE-2021-33456","yasm","5.5","1.3.0","","","","2021A0000033456","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33455","https://nvd.nist.gov/vuln/detail/CVE-2021-33455","yasm","5.5","1.3.0","","","","2021A0000033455","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-33454","https://nvd.nist.gov/vuln/detail/CVE-2021-33454","yasm","5.5","1.3.0","","","","2021A0000033454","True","Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-30499","https://nvd.nist.gov/vuln/detail/CVE-2021-30499","libcaca","7.8","0.99.beta20","","","","2021A0000030499","True","NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-28794","https://nvd.nist.gov/vuln/detail/CVE-2021-28794","ShellCheck","9.8","0.10.0","0.10.0","0.10.0","shellcheck","2021A0000028794","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-28153","https://nvd.nist.gov/vuln/detail/CVE-2021-28153","glib","5.3","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000028153","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
+https://github.com/NixOS/nixpkgs/pull/120157"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-27400","https://nvd.nist.gov/vuln/detail/CVE-2021-27400","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000027400","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/120155 
+https://github.com/NixOS/nixpkgs/pull/120157"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-27219","https://nvd.nist.gov/vuln/detail/CVE-2021-27219","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027219","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-27218","https://nvd.nist.gov/vuln/detail/CVE-2021-27218","glib","7.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000027218","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-26945","https://nvd.nist.gov/vuln/detail/CVE-2021-26945","openexr","5.5","2.5.10","","","","2021A0000026945","True","Fix patch https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-26720","https://nvd.nist.gov/vuln/detail/CVE-2021-26720","avahi","7.8","0.8","","","","2021A0000026720","True","False positive: issue refers avahi-daemon-check-dns.sh in the Debian avahi package. As such, the issue is specific to Debian and its derivatives.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-26260","https://nvd.nist.gov/vuln/detail/CVE-2021-26260","openexr","5.5","2.5.10","","","","2021A0000026260","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-23336","https://nvd.nist.gov/vuln/detail/CVE-2021-23336","python","5.9","2.7.18.8","3.13.1","3.13.1","python","2021A0000023336","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/117037 
 https://github.com/NixOS/nixpkgs/pull/117082 
@@ -180,20 +427,35 @@ https://github.com/NixOS/nixpkgs/pull/173833
 https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-23215","https://nvd.nist.gov/vuln/detail/CVE-2021-23215","openexr","5.5","2.5.10","","","","2021A0000023215","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d which went to 2.5.5.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-23169","https://nvd.nist.gov/vuln/detail/CVE-2021-23169","openexr","8.8","2.5.10","","","","2021A0000023169","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-21684","https://nvd.nist.gov/vuln/detail/CVE-2021-21684","git","6.1","2.47.0","","","","2021A0000021684","True","Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-20255","https://nvd.nist.gov/vuln/detail/CVE-2021-20255","qemu","5.5","9.1.1","","","","2021A0000020255","True","Upstream patch not merged: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","4.1","1.4","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-20240","https://nvd.nist.gov/vuln/detail/CVE-2021-20240","gdk-pixbuf","8.8","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2021A0000020240","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/312036 
+https://github.com/NixOS/nixpkgs/pull/314686"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4336","https://nvd.nist.gov/vuln/detail/CVE-2021-4336","ninja","9.8","1.12.1","","","","2021A0000004336","True","Incorrect package: nixpkgs 'ninja' refers https://github.com/ninja-build/ninja, not https://github.com/ITRS-Group/monitor-ninja.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4-r8.cabal","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4276","https://nvd.nist.gov/vuln/detail/CVE-2021-4276","hedgehog","8.8","1.4","1.5","1.5","haskell:hedgehog","2021A0000004276","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/192632"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2-r2.cabal","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4235","https://nvd.nist.gov/vuln/detail/CVE-2021-4235","yaml","5.5","0.11.11.2","0.11.11.2","0.11.11.2","haskell:yaml","2021A0000004235","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4048","https://nvd.nist.gov/vuln/detail/CVE-2021-4048","lapack","9.1","3","3.12.0","3.12.0","lapack","2021A0000004048","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/150788 
 https://github.com/NixOS/nixpkgs/pull/150906 
 https://github.com/NixOS/nixpkgs/pull/152147 
 https://github.com/NixOS/nixpkgs/pull/152359 
 https://github.com/NixOS/nixpkgs/pull/168777"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-4034","https://nvd.nist.gov/vuln/detail/CVE-2021-4034","polkit","7.8","1.pam","124","125","polkit","2021A0000004034","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/155725 
+https://github.com/NixOS/nixpkgs/pull/156750 
+https://github.com/NixOS/nixpkgs/pull/156822 
+https://github.com/NixOS/nixpkgs/pull/295087"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3800","https://nvd.nist.gov/vuln/detail/CVE-2021-3800","glib","5.5","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2021A0000003800","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3733","https://nvd.nist.gov/vuln/detail/CVE-2021-3733","python","6.5","2.7.18.8","3.13.1","3.13.1","python","2021A0000003733","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/173833 
 https://github.com/NixOS/nixpkgs/pull/203428 
 https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3670","https://nvd.nist.gov/vuln/detail/CVE-2021-3670","samba","6.5","4.20.4","4.20.4","4.21.2","samba","2021A0000003670","False","","fix_not_available",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3605","https://nvd.nist.gov/vuln/detail/CVE-2021-3605","openexr","5.5","2.5.10","","","","2021A0000003605","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3598","https://nvd.nist.gov/vuln/detail/CVE-2021-3598","openexr","5.5","2.5.10","","","","2021A0000003598","True","False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR https://github.com/AcademySoftwareFoundation/openexr/pull/1040 which went to 2.5.7.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3572","https://nvd.nist.gov/vuln/detail/CVE-2021-3572","pip","5.7","20.3.4-source","24.0","24.3.1","pip","2021A0000003572","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/368263"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3177","https://nvd.nist.gov/vuln/detail/CVE-2021-3177","python","9.8","2.7.18.8","3.13.1","3.13.1","python","2021A0000003177","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/201859"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2021-3024","https://nvd.nist.gov/vuln/detail/CVE-2021-3024","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2021A0000003024","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-1157","https://osv.dev/OSV-2021-1157","espeak-ng","","1.51.1","","","","2021A0000001157","False","Unclear if this is still valid.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-1141","https://osv.dev/OSV-2021-1141","espeak-ng","","1.51.1","","","","2021A0000001141","False","Unclear if this is still valid.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-1110","https://osv.dev/OSV-2021-1110","espeak-ng","","1.51.1","","","","2021A0000001110","False","Unclear if this is still valid.","err_missing_repology_version",""
@@ -205,19 +467,40 @@ https://github.com/NixOS/nixpkgs/pull/363310"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-777","https://osv.dev/OSV-2021-777","libxml2","","2.13.4","","","","2021A0000000777","True","Fixed by https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325, which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-765","https://osv.dev/OSV-2021-765","espeak-ng","","1.51.1","","","","2021A0000000765","False","Unclear if this is still valid.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2021-508","https://osv.dev/OSV-2021-508","libsass","","3.6.6","3.6.6","3.6.6","libsass","2021A0000000508","False","Unclear if this is still valid.","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-35669","https://nvd.nist.gov/vuln/detail/CVE-2020-35669","http","6.1","0.2.12","0.3-0","0.4","lua:http","2020A0000035669","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-35457","https://nvd.nist.gov/vuln/detail/CVE-2020-35457","glib","7.8","0.18.5","0.13.11.0","0.13.11.0","haskell:glib","2020A0000035457","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-29385","https://nvd.nist.gov/vuln/detail/CVE-2020-29385","gdk-pixbuf","5.5","0.18.5","2.42.12","2.42.12","gdk-pixbuf","2020A0000029385","False","","fix_update_to_version_nixpkgs","https://github.com/NixOS/nixpkgs/pull/106302 
+https://github.com/NixOS/nixpkgs/pull/111542 
+https://github.com/NixOS/nixpkgs/pull/312036 
+https://github.com/NixOS/nixpkgs/pull/314686"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-27748","https://nvd.nist.gov/vuln/detail/CVE-2020-27748","xdg-utils","6.5","1.2.1","1.2.1","1.2.1","xdg-utils","2020A0000027748","False","","fix_not_available",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-27569","https://nvd.nist.gov/vuln/detail/CVE-2020-27569","openvpn","7.5","2.6.12","2.6.12","2.6.12","openvpn","2020A0000027569","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-26304","https://nvd.nist.gov/vuln/detail/CVE-2020-26304","foundation","7.5","0.0.30","0.0.30","0.0.30","haskell:foundation","2020A0000026304","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-25594","https://nvd.nist.gov/vuln/detail/CVE-2020-25594","vault","5.3","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000025594","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/112146"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-24490","https://nvd.nist.gov/vuln/detail/CVE-2020-24490","bluez","6.5","5.78","","","","2020A0000024490","True","Fixed in linux kernel (5.8) with: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-18781","https://nvd.nist.gov/vuln/detail/CVE-2020-18781","audiofile","5.5","0.3.6","0.3.6","0.3.6","audiofile","2020A0000018781","False","","fix_not_available",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.37","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.36","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-16194","https://nvd.nist.gov/vuln/detail/CVE-2020-16194","quote","5.3","1.0.35","","","","2020A0000016194","True","Incorrect package: Issue concerns prestashop product: https://prestashop.com/, whereas, nixpkgs ""quote"" refers rust package 'quote': https://docs.rs/quote/latest/quote/.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5-r8.cabal","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
+https://github.com/NixOS/nixpkgs/pull/92641"
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-13223","https://nvd.nist.gov/vuln/detail/CVE-2020-13223","vault","7.5","0.3.1.5","0.3.1.5","0.3.1.5","haskell:vault","2020A0000013223","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/91898 
+https://github.com/NixOS/nixpkgs/pull/92641"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-11105","https://nvd.nist.gov/vuln/detail/CVE-2020-11105","cereal","9.8","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011105","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/121574 
 https://github.com/NixOS/nixpkgs/pull/84664"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-11104","https://nvd.nist.gov/vuln/detail/CVE-2020-11104","cereal","5.3","0.5.8.3","0.5.8.3","0.5.8.3","haskell:cereal","2020A0000011104","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-11021","https://nvd.nist.gov/vuln/detail/CVE-2020-11021","http-client","7.5","0.7.17","0.7.17","0.7.18","haskell:http-client","2020A0000011021","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-8284","https://nvd.nist.gov/vuln/detail/CVE-2020-8284","curl","3.7","0.4.46","","","","2020A0000008284","False","","err_missing_repology_version","https://github.com/NixOS/nixpkgs/pull/106452"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-2308","https://osv.dev/OSV-2020-2308","libheif","","1.18.2","1.18.2","1.19.5","libheif","2020A0000002308","False","","err_not_vulnerable_based_on_repology",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2020-2136","https://nvd.nist.gov/vuln/detail/CVE-2020-2136","git","5.4","2.47.0","2.47.0","2.47.1","git","2020A0000002136","False","","err_not_vulnerable_based_on_repology","https://github.com/NixOS/nixpkgs/pull/82872 
+https://github.com/NixOS/nixpkgs/pull/84664"
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-1420","https://osv.dev/OSV-2020-1420","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000001420","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","OSV-2020-862","https://osv.dev/OSV-2020-862","libsass","","3.6.6","3.6.6","3.6.6","libsass","2020A0000000862","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-1010258","https://nvd.nist.gov/vuln/detail/CVE-2019-1010258","nanosvg","6.5","0-unstable-2023-12-30","0-unstable-2023-12-30","20231202","nanosvg","2019A0001010258","False","","err_not_vulnerable_based_on_repology",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-20633","https://nvd.nist.gov/vuln/detail/CVE-2019-20633","patch","5.5","2.7.6","","","","2019A0000020633","True","Upstream patch is not merged: https://savannah.gnu.org/bugs/index.php?56683. Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14587","https://nvd.nist.gov/vuln/detail/CVE-2019-14587","edk2","6.5","202408.01","","","","2019A0000014587","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
-"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14586","https://nvd.nist.gov/vuln/detail/CVE-2019-14586","edk2","8","202408.01","","","","2019A0000014586","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
+"packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14586","https://nvd.nist.gov/vuln/detail/CVE-2019-14586","edk2","8.0","202408.01","","","","2019A0000014586","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14575","https://nvd.nist.gov/vuln/detail/CVE-2019-14575","edk2","7.8","202408.01","","","","2019A0000014575","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14563","https://nvd.nist.gov/vuln/detail/CVE-2019-14563","edk2","7.8","202408.01","","","","2019A0000014563","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
 "packages.x86_64-linux.lenovo-x1-carbon-gen11-debug","github:tiiuae/ghaf?ref=main","current","CVE-2019-14562","https://nvd.nist.gov/vuln/detail/CVE-2019-14562","edk2","5.5","202408.01","","","","2019A0000014562","True","NVD data issue: CPE entry does not correctly state the version numbers.","err_missing_repology_version",""
diff --git a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
index 93122a0..51844ed 100644
--- a/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
+++ b/reports/main/packages.x86_64-linux.lenovo-x1-carbon-gen11-debug.md
@@ -49,9 +49,206 @@ Following table lists vulnerabilities currently impacting the Ghaf target that h
 Consider [whitelisting](../../manual_analysis.csv) possible false positives based on manual analysis, or - if determined valid - help nixpkgs community fix the following issues in nixpkgs:
 
 
-| vuln_id                                                           | package   |   severity | version_local   | nix_unstable   | upstream   | comment   |
-|-------------------------------------------------------------------|-----------|------------|-----------------|----------------|------------|-----------|
-| [CVE-2024-56732](https://nvd.nist.gov/vuln/detail/CVE-2024-56732) | harfbuzz  |        8.8 | 10.0.1          | 10.1.0         | 10.1.0     |           |
+| vuln_id                                                           | package         |   severity | version_local    | nix_unstable     | upstream   | comment                                                                                                                                                                                                                                                                |
+|-------------------------------------------------------------------|-----------------|------------|------------------|------------------|------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| [CVE-2024-47615](https://nvd.nist.gov/vuln/detail/CVE-2024-47615) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47613](https://nvd.nist.gov/vuln/detail/CVE-2024-47613) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47607](https://nvd.nist.gov/vuln/detail/CVE-2024-47607) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47606](https://nvd.nist.gov/vuln/detail/CVE-2024-47606) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47540](https://nvd.nist.gov/vuln/detail/CVE-2024-47540) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47539](https://nvd.nist.gov/vuln/detail/CVE-2024-47539) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47538](https://nvd.nist.gov/vuln/detail/CVE-2024-47538) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47537](https://nvd.nist.gov/vuln/detail/CVE-2024-47537) | gstreamer       |        9.8 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-24790](https://nvd.nist.gov/vuln/detail/CVE-2024-24790) | go              |        9.8 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     | *[[PR](https://github.com/NixOS/nixpkgs/pull/319485), [PR](https://github.com/NixOS/nixpkgs/pull/331906), [PR](https://github.com/NixOS/nixpkgs/pull/361606)]*                                                                                                         |
+| [CVE-2024-23741](https://nvd.nist.gov/vuln/detail/CVE-2024-23741) | hyper           |        9.8 | 1.5.0            |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-23741](https://nvd.nist.gov/vuln/detail/CVE-2024-23741) | hyper           |        9.8 | 1.4.1            |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853) | zlib            |        9.8 | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0    | *[[PR](https://github.com/NixOS/nixpkgs/pull/262722), [PR](https://github.com/NixOS/nixpkgs/pull/263083)]*                                                                                                                                                             |
+| [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853) | zlib            |        9.8 | 0.6.3.0          | 0.7.1.0          | 0.7.1.0    | *[[PR](https://github.com/NixOS/nixpkgs/pull/262722), [PR](https://github.com/NixOS/nixpkgs/pull/263083)]*                                                                                                                                                             |
+| [CVE-2023-39320](https://nvd.nist.gov/vuln/detail/CVE-2023-39320) | go              |        9.8 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-37434](https://nvd.nist.gov/vuln/detail/CVE-2022-37434) | zlib            |        9.8 | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0    | *[[PR](https://github.com/NixOS/nixpkgs/pull/185554), [PR](https://github.com/NixOS/nixpkgs/pull/185613), [PR](https://github.com/NixOS/nixpkgs/pull/185693), [PR](https://github.com/NixOS/nixpkgs/pull/185754), [PR](https://github.com/NixOS/nixpkgs/pull/186941)]* |
+| [CVE-2022-37434](https://nvd.nist.gov/vuln/detail/CVE-2022-37434) | zlib            |        9.8 | 0.6.3.0          | 0.7.1.0          | 0.7.1.0    | *[[PR](https://github.com/NixOS/nixpkgs/pull/185554), [PR](https://github.com/NixOS/nixpkgs/pull/185613), [PR](https://github.com/NixOS/nixpkgs/pull/185693), [PR](https://github.com/NixOS/nixpkgs/pull/185754), [PR](https://github.com/NixOS/nixpkgs/pull/186941)]* |
+| [CVE-2022-32221](https://nvd.nist.gov/vuln/detail/CVE-2022-32221) | curl            |        9.8 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/198730)]*                                                                                                                                                                                                                 |
+| [CVE-2021-35048](https://nvd.nist.gov/vuln/detail/CVE-2021-35048) | network         |        9.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35048](https://nvd.nist.gov/vuln/detail/CVE-2021-35048) | network         |        9.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-28794](https://nvd.nist.gov/vuln/detail/CVE-2021-28794) | ShellCheck      |        9.8 | 0.10.0           | 0.10.0           | 0.10.0     |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47834](https://nvd.nist.gov/vuln/detail/CVE-2024-47834) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47777](https://nvd.nist.gov/vuln/detail/CVE-2024-47777) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47776](https://nvd.nist.gov/vuln/detail/CVE-2024-47776) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47775](https://nvd.nist.gov/vuln/detail/CVE-2024-47775) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47774](https://nvd.nist.gov/vuln/detail/CVE-2024-47774) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47600](https://nvd.nist.gov/vuln/detail/CVE-2024-47600) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47598](https://nvd.nist.gov/vuln/detail/CVE-2024-47598) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47597](https://nvd.nist.gov/vuln/detail/CVE-2024-47597) | gstreamer       |        9.1 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-21524](https://nvd.nist.gov/vuln/detail/CVE-2024-21524) | stringbuilder   |        9.1 | 0.5.1            | 0.5.1            | 0.5.1      |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872) | safe            |        8.8 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872) | safe            |        8.8 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24394](https://nvd.nist.gov/vuln/detail/CVE-2022-24394) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24394](https://nvd.nist.gov/vuln/detail/CVE-2022-24394) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24393](https://nvd.nist.gov/vuln/detail/CVE-2022-24393) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24393](https://nvd.nist.gov/vuln/detail/CVE-2022-24393) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24392](https://nvd.nist.gov/vuln/detail/CVE-2022-24392) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24392](https://nvd.nist.gov/vuln/detail/CVE-2022-24392) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24391](https://nvd.nist.gov/vuln/detail/CVE-2022-24391) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24391](https://nvd.nist.gov/vuln/detail/CVE-2022-24391) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24390](https://nvd.nist.gov/vuln/detail/CVE-2022-24390) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24390](https://nvd.nist.gov/vuln/detail/CVE-2022-24390) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24389](https://nvd.nist.gov/vuln/detail/CVE-2022-24389) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24389](https://nvd.nist.gov/vuln/detail/CVE-2022-24389) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24388](https://nvd.nist.gov/vuln/detail/CVE-2022-24388) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24388](https://nvd.nist.gov/vuln/detail/CVE-2022-24388) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35049](https://nvd.nist.gov/vuln/detail/CVE-2021-35049) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35049](https://nvd.nist.gov/vuln/detail/CVE-2021-35049) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35047](https://nvd.nist.gov/vuln/detail/CVE-2021-35047) | network         |        8.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35047](https://nvd.nist.gov/vuln/detail/CVE-2021-35047) | network         |        8.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-20240](https://nvd.nist.gov/vuln/detail/CVE-2021-20240) | gdk-pixbuf      |        8.8 | 0.18.5           | 2.42.12          | 2.42.12    | *[[PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                                                                                                                             |
+| [CVE-2021-4276](https://nvd.nist.gov/vuln/detail/CVE-2021-4276)   | hedgehog        |        8.8 | 1.4-r8.cabal     | 1.5              | 1.5        | *[[PR](https://github.com/NixOS/nixpkgs/pull/192632)]*                                                                                                                                                                                                                 |
+| [CVE-2021-4276](https://nvd.nist.gov/vuln/detail/CVE-2021-4276)   | hedgehog        |        8.8 | 1.4              | 1.5              | 1.5        | *[[PR](https://github.com/NixOS/nixpkgs/pull/192632)]*                                                                                                                                                                                                                 |
+| [CVE-2023-39323](https://nvd.nist.gov/vuln/detail/CVE-2023-39323) | go              |        8.1 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999) | vault           |        8.1 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]*                                                                                                                                                             |
+| [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999) | vault           |        8.1 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]*                                                                                                                                                             |
+| [CVE-2023-32643](https://nvd.nist.gov/vuln/detail/CVE-2023-32643) | glib            |        7.8 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-3297](https://nvd.nist.gov/vuln/detail/CVE-2023-3297)   | accountsservice |        7.8 | 23.13.9          | 23.13.9          | 23.13.9    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-45868](https://nvd.nist.gov/vuln/detail/CVE-2022-45868) | h2              |        7.8 | 0.4.6            |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-27470](https://nvd.nist.gov/vuln/detail/CVE-2022-27470) | SDL_ttf         |        7.8 | 2.0.11           |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0997](https://nvd.nist.gov/vuln/detail/CVE-2022-0997)   | network         |        7.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0997](https://nvd.nist.gov/vuln/detail/CVE-2022-0997)   | network         |        7.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0486](https://nvd.nist.gov/vuln/detail/CVE-2022-0486)   | network         |        7.8 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0486](https://nvd.nist.gov/vuln/detail/CVE-2022-0486)   | network         |        7.8 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-46829](https://nvd.nist.gov/vuln/detail/CVE-2021-46829) | gdk-pixbuf      |        7.8 | 0.18.5           | 2.42.12          | 2.42.12    | *[[PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                                                                                                                             |
+| [CVE-2021-43138](https://nvd.nist.gov/vuln/detail/CVE-2021-43138) | async           |        7.8 | 2.2.5-r2.cabal   | 2.2.5            | 2.2.5      |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-43138](https://nvd.nist.gov/vuln/detail/CVE-2021-43138) | async           |        7.8 | 2.2.5            | 2.2.5            | 2.2.5      |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-4034](https://nvd.nist.gov/vuln/detail/CVE-2021-4034)   | polkit          |        7.8 | 1.pam            | 124              | 125        | *[[PR](https://github.com/NixOS/nixpkgs/pull/155725), [PR](https://github.com/NixOS/nixpkgs/pull/156750), [PR](https://github.com/NixOS/nixpkgs/pull/156822), [PR](https://github.com/NixOS/nixpkgs/pull/295087)]*                                                     |
+| [CVE-2020-35457](https://nvd.nist.gov/vuln/detail/CVE-2020-35457) | glib            |        7.8 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47835](https://nvd.nist.gov/vuln/detail/CVE-2024-47835) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47778](https://nvd.nist.gov/vuln/detail/CVE-2024-47778) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47603](https://nvd.nist.gov/vuln/detail/CVE-2024-47603) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47602](https://nvd.nist.gov/vuln/detail/CVE-2024-47602) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47601](https://nvd.nist.gov/vuln/detail/CVE-2024-47601) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47599](https://nvd.nist.gov/vuln/detail/CVE-2024-47599) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47596](https://nvd.nist.gov/vuln/detail/CVE-2024-47596) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47546](https://nvd.nist.gov/vuln/detail/CVE-2024-47546) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47545](https://nvd.nist.gov/vuln/detail/CVE-2024-47545) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47544](https://nvd.nist.gov/vuln/detail/CVE-2024-47544) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47543](https://nvd.nist.gov/vuln/detail/CVE-2024-47543) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47542](https://nvd.nist.gov/vuln/detail/CVE-2024-47542) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47541](https://nvd.nist.gov/vuln/detail/CVE-2024-47541) | gstreamer       |        7.5 | 1.24.7           | 1.24.10          | 1.24.10    |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487) | go              |        7.5 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     | *[[PR](https://github.com/NixOS/nixpkgs/pull/262738), [PR](https://github.com/NixOS/nixpkgs/pull/263279), [PR](https://github.com/NixOS/nixpkgs/pull/278073), [PR](https://github.com/NixOS/nixpkgs/pull/286248), [PR](https://github.com/NixOS/nixpkgs/pull/298640)]* |
+| [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325) | go              |        7.5 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     | *[[PR](https://github.com/NixOS/nixpkgs/pull/262713), [PR](https://github.com/NixOS/nixpkgs/pull/300783)]*                                                                                                                                                             |
+| [CVE-2023-39322](https://nvd.nist.gov/vuln/detail/CVE-2023-39322) | go              |        7.5 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39321](https://nvd.nist.gov/vuln/detail/CVE-2023-39321) | go              |        7.5 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32636](https://nvd.nist.gov/vuln/detail/CVE-2023-32636) | glib            |        7.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-29499](https://nvd.nist.gov/vuln/detail/CVE-2023-29499) | glib            |        7.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-28319](https://nvd.nist.gov/vuln/detail/CVE-2023-28319) | curl            |        7.5 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531)]*                                                                                                                                                                                                                 |
+| [CVE-2023-6337](https://nvd.nist.gov/vuln/detail/CVE-2023-6337)   | vault           |        7.5 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/272492), [PR](https://github.com/NixOS/nixpkgs/pull/274068), [PR](https://github.com/NixOS/nixpkgs/pull/274071)]*                                                                                                         |
+| [CVE-2023-6337](https://nvd.nist.gov/vuln/detail/CVE-2023-6337)   | vault           |        7.5 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/272492), [PR](https://github.com/NixOS/nixpkgs/pull/274068), [PR](https://github.com/NixOS/nixpkgs/pull/274071)]*                                                                                                         |
+| [CVE-2022-40898](https://nvd.nist.gov/vuln/detail/CVE-2022-40898) | wheel           |        7.5 | 0.37.1-source    | 0.45.1           | 0.45.1     | *[[PR](https://github.com/NixOS/nixpkgs/pull/210565), [PR](https://github.com/NixOS/nixpkgs/pull/361930), [PR](https://github.com/NixOS/nixpkgs/pull/362304)]*                                                                                                         |
+| [CVE-2022-27782](https://nvd.nist.gov/vuln/detail/CVE-2022-27782) | curl            |        7.5 | 0.4.46           |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-27781](https://nvd.nist.gov/vuln/detail/CVE-2022-27781) | curl            |        7.5 | 0.4.46           |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883) | semver          |        7.5 | 1.0.23           | 1.0.0            | 7.6.3      |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883) | semver          |        7.5 | 1.0.22           | 1.0.0            | 7.6.3      |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-3064](https://nvd.nist.gov/vuln/detail/CVE-2022-3064)   | yaml            |        7.5 | 0.11.11.2-r2.cab | 0.11.11.2        | 0.11.11.2  |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-3064](https://nvd.nist.gov/vuln/detail/CVE-2022-3064)   | yaml            |        7.5 | 0.11.11.2        | 0.11.11.2        | 0.11.11.2  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35050](https://nvd.nist.gov/vuln/detail/CVE-2021-35050) | network         |        7.5 | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35050](https://nvd.nist.gov/vuln/detail/CVE-2021-35050) | network         |        7.5 | 3.1.4.0          | 3.2.4.0          | 3.2.7.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-27400](https://nvd.nist.gov/vuln/detail/CVE-2021-27400) | vault           |        7.5 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/120155), [PR](https://github.com/NixOS/nixpkgs/pull/120157)]*                                                                                                                                                             |
+| [CVE-2021-27400](https://nvd.nist.gov/vuln/detail/CVE-2021-27400) | vault           |        7.5 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/120155), [PR](https://github.com/NixOS/nixpkgs/pull/120157)]*                                                                                                                                                             |
+| [CVE-2021-27219](https://nvd.nist.gov/vuln/detail/CVE-2021-27219) | glib            |        7.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-27218](https://nvd.nist.gov/vuln/detail/CVE-2021-27218) | glib            |        7.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-27569](https://nvd.nist.gov/vuln/detail/CVE-2020-27569) | openvpn         |        7.5 | 2.6.12           | 2.6.12           | 2.6.12     |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-13223](https://nvd.nist.gov/vuln/detail/CVE-2020-13223) | vault           |        7.5 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/91898), [PR](https://github.com/NixOS/nixpkgs/pull/92641)]*                                                                                                                                                               |
+| [CVE-2020-13223](https://nvd.nist.gov/vuln/detail/CVE-2020-13223) | vault           |        7.5 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/91898), [PR](https://github.com/NixOS/nixpkgs/pull/92641)]*                                                                                                                                                               |
+| [CVE-2020-11021](https://nvd.nist.gov/vuln/detail/CVE-2020-11021) | http-client     |        7.5 | 0.7.17           | 0.7.17           | 0.7.18     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620)   | vault           |        6.7 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620)   | vault           |        6.7 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2024-50613](https://nvd.nist.gov/vuln/detail/CVE-2024-50613) | libsndfile      |        6.5 | 1.2.2            | 1.2.2            | 1.2.2      |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-8365](https://nvd.nist.gov/vuln/detail/CVE-2024-8365)   | vault           |        6.5 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-8365](https://nvd.nist.gov/vuln/detail/CVE-2024-8365)   | vault           |        6.5 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0665](https://nvd.nist.gov/vuln/detail/CVE-2023-0665)   | vault           |        6.5 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-0665](https://nvd.nist.gov/vuln/detail/CVE-2023-0665)   | vault           |        6.5 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2022-42012](https://nvd.nist.gov/vuln/detail/CVE-2022-42012) | dbus            |        6.5 | 1                | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42012](https://nvd.nist.gov/vuln/detail/CVE-2022-42012) | dbus            |        6.5 | 0.9.7            | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42011](https://nvd.nist.gov/vuln/detail/CVE-2022-42011) | dbus            |        6.5 | 1                | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42011](https://nvd.nist.gov/vuln/detail/CVE-2022-42011) | dbus            |        6.5 | 0.9.7            | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42010](https://nvd.nist.gov/vuln/detail/CVE-2022-42010) | dbus            |        6.5 | 1                | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42010](https://nvd.nist.gov/vuln/detail/CVE-2022-42010) | dbus            |        6.5 | 0.9.7            | 1.14.10          | 1.16.0     | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-38164](https://nvd.nist.gov/vuln/detail/CVE-2022-38164) | safe            |        6.5 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-38164](https://nvd.nist.gov/vuln/detail/CVE-2022-38164) | safe            |        6.5 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-32206](https://nvd.nist.gov/vuln/detail/CVE-2022-32206) | curl            |        6.5 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/179314), [PR](https://github.com/NixOS/nixpkgs/pull/180021)]*                                                                                                                                                             |
+| [CVE-2022-27776](https://nvd.nist.gov/vuln/detail/CVE-2022-27776) | curl            |        6.5 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/170654), [PR](https://github.com/NixOS/nixpkgs/pull/170659)]*                                                                                                                                                             |
+| [CVE-2020-27748](https://nvd.nist.gov/vuln/detail/CVE-2020-27748) | xdg-utils       |        6.5 | 1.2.1            | 1.2.1            | 1.2.1      |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) | go              |        6.1 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) | go              |        6.1 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-35669](https://nvd.nist.gov/vuln/detail/CVE-2020-35669) | http            |        6.1 | 0.2.12           | 0.3-0            | 0.4        |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-28321](https://nvd.nist.gov/vuln/detail/CVE-2023-28321) | curl            |        5.9 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
+| [CVE-2023-28320](https://nvd.nist.gov/vuln/detail/CVE-2023-28320) | curl            |        5.9 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
+| [CVE-2022-43552](https://nvd.nist.gov/vuln/detail/CVE-2022-43552) | curl            |        5.9 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/207158), [PR](https://github.com/NixOS/nixpkgs/pull/207162), [PR](https://github.com/NixOS/nixpkgs/pull/207165)]*                                                                                                         |
+| [CVE-2022-40897](https://nvd.nist.gov/vuln/detail/CVE-2022-40897) | setuptools      |        5.9 | 44.0.0-source    | 75.3.0           | 75.6.0     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3572](https://nvd.nist.gov/vuln/detail/CVE-2021-3572)   | pip             |        5.7 | 20.3.4-source    | 24.0             | 24.3.1     | *[[PR](https://github.com/NixOS/nixpkgs/pull/368263)]*                                                                                                                                                                                                                 |
+| [CVE-2024-50612](https://nvd.nist.gov/vuln/detail/CVE-2024-50612) | libsndfile      |        5.5 | 1.2.2            | 1.2.2            | 1.2.2      |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-24789](https://nvd.nist.gov/vuln/detail/CVE-2024-24789) | go              |        5.5 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     | *[[PR](https://github.com/NixOS/nixpkgs/pull/319485), [PR](https://github.com/NixOS/nixpkgs/pull/361606)]*                                                                                                                                                             |
+| [CVE-2023-51258](https://nvd.nist.gov/vuln/detail/CVE-2023-51258) | yasm            |        5.5 | 1.3.0            | 1.3.0            | 1.3.0      |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32665](https://nvd.nist.gov/vuln/detail/CVE-2023-32665) | glib            |        5.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32611](https://nvd.nist.gov/vuln/detail/CVE-2023-32611) | glib            |        5.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)   | zlib            |        5.5 | 1.3.1            | 1.3.1            | 1.3.1      |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)   | zlib            |        5.5 | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)   | zlib            |        5.5 | 0.6.3.0          | 0.7.1.0          | 0.7.1.0    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-4235](https://nvd.nist.gov/vuln/detail/CVE-2021-4235)   | yaml            |        5.5 | 0.11.11.2-r2.cab | 0.11.11.2        | 0.11.11.2  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-4235](https://nvd.nist.gov/vuln/detail/CVE-2021-4235)   | yaml            |        5.5 | 0.11.11.2        | 0.11.11.2        | 0.11.11.2  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3800](https://nvd.nist.gov/vuln/detail/CVE-2021-3800)   | glib            |        5.5 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-29385](https://nvd.nist.gov/vuln/detail/CVE-2020-29385) | gdk-pixbuf      |        5.5 | 0.18.5           | 2.42.12          | 2.42.12    | *[[PR](https://github.com/NixOS/nixpkgs/pull/106302), [PR](https://github.com/NixOS/nixpkgs/pull/111542), [PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                     |
+| [CVE-2024-21485](https://nvd.nist.gov/vuln/detail/CVE-2024-21485) | dash            |        5.4 | 0.5.12           |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-41940](https://nvd.nist.gov/vuln/detail/CVE-2023-41940) | tap             |        5.4 | 1.0.1            | 0.77             | 0.77       |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-2121](https://nvd.nist.gov/vuln/detail/CVE-2023-2121)   | vault           |        5.4 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/236911), [PR](https://github.com/NixOS/nixpkgs/pull/239559), [PR](https://github.com/NixOS/nixpkgs/pull/239571)]*                                                                                                         |
+| [CVE-2023-2121](https://nvd.nist.gov/vuln/detail/CVE-2023-2121)   | vault           |        5.4 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/236911), [PR](https://github.com/NixOS/nixpkgs/pull/239559), [PR](https://github.com/NixOS/nixpkgs/pull/239571)]*                                                                                                         |
+| [CVE-2022-47524](https://nvd.nist.gov/vuln/detail/CVE-2022-47524) | safe            |        5.4 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-47524](https://nvd.nist.gov/vuln/detail/CVE-2022-47524) | safe            |        5.4 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault           |        5.4 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802) | vault           |        5.4 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-2136](https://nvd.nist.gov/vuln/detail/CVE-2020-2136)   | git             |        5.4 | 2.47.0           | 2.47.0           | 2.47.1     | *[[PR](https://github.com/NixOS/nixpkgs/pull/82872), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]*                                                                                                                                                               |
+| [CVE-2023-33955](https://nvd.nist.gov/vuln/detail/CVE-2023-33955) | console         |        5.3 | 0.15.8           | 0.1.0-unstable-2 |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-26044](https://nvd.nist.gov/vuln/detail/CVE-2023-26044) | http            |        5.3 | 1.1.0            |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-43410](https://nvd.nist.gov/vuln/detail/CVE-2022-43410) | mercurial       |        5.3 | 6.8.2            | 6.8.2            | 6.9        |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-41316](https://nvd.nist.gov/vuln/detail/CVE-2022-41316) | vault           |        5.3 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-41316](https://nvd.nist.gov/vuln/detail/CVE-2022-41316) | vault           |        5.3 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-36032](https://nvd.nist.gov/vuln/detail/CVE-2022-36032) | http            |        5.3 | 1.1.0            |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-44751](https://nvd.nist.gov/vuln/detail/CVE-2021-44751) | safe            |        5.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-44751](https://nvd.nist.gov/vuln/detail/CVE-2021-44751) | safe            |        5.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-38554](https://nvd.nist.gov/vuln/detail/CVE-2021-38554) | vault           |        5.3 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-38554](https://nvd.nist.gov/vuln/detail/CVE-2021-38554) | vault           |        5.3 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-28153](https://nvd.nist.gov/vuln/detail/CVE-2021-28153) | glib            |        5.3 | 0.18.5           | 0.13.11.0        | 0.13.11.0  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3024](https://nvd.nist.gov/vuln/detail/CVE-2021-3024)   | vault           |        5.3 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2021-3024](https://nvd.nist.gov/vuln/detail/CVE-2021-3024)   | vault           |        5.3 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2020-25594](https://nvd.nist.gov/vuln/detail/CVE-2020-25594) | vault           |        5.3 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2020-25594](https://nvd.nist.gov/vuln/detail/CVE-2020-25594) | vault           |        5.3 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2023-49292](https://nvd.nist.gov/vuln/detail/CVE-2023-49292) | go              |        4.8 | 1.23.3           | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-49292](https://nvd.nist.gov/vuln/detail/CVE-2023-49292) | go              |        4.8 | 1.21.0-linux-amd | 1.23.4           | 1.23.4     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-4039](https://nvd.nist.gov/vuln/detail/CVE-2023-4039)   | gcc             |        4.8 | 13.3.0           |                  |            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-25000](https://nvd.nist.gov/vuln/detail/CVE-2023-25000) | vault           |        4.7 | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-25000](https://nvd.nist.gov/vuln/detail/CVE-2023-25000) | vault           |        4.7 | 0.3.1.5          | 0.3.1.5          | 0.3.1.5    | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28870](https://nvd.nist.gov/vuln/detail/CVE-2022-28870) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28870](https://nvd.nist.gov/vuln/detail/CVE-2022-28870) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28869](https://nvd.nist.gov/vuln/detail/CVE-2022-28869) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28869](https://nvd.nist.gov/vuln/detail/CVE-2022-28869) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28868](https://nvd.nist.gov/vuln/detail/CVE-2022-28868) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28868](https://nvd.nist.gov/vuln/detail/CVE-2022-28868) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40835](https://nvd.nist.gov/vuln/detail/CVE-2021-40835) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40835](https://nvd.nist.gov/vuln/detail/CVE-2021-40835) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834) | safe            |        4.3 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834) | safe            |        4.3 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596) | safe            |        4.1 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596) | safe            |        4.1 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-28322](https://nvd.nist.gov/vuln/detail/CVE-2023-28322) | curl            |        3.7 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
+| [CVE-2022-35252](https://nvd.nist.gov/vuln/detail/CVE-2022-35252) | curl            |        3.7 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/189083), [PR](https://github.com/NixOS/nixpkgs/pull/198730)]*                                                                                                                                                             |
+| [CVE-2020-8284](https://nvd.nist.gov/vuln/detail/CVE-2020-8284)   | curl            |        3.7 | 0.4.46           |                  |            | *[[PR](https://github.com/NixOS/nixpkgs/pull/106452)]*                                                                                                                                                                                                                 |
+| [CVE-2022-38163](https://nvd.nist.gov/vuln/detail/CVE-2022-38163) | safe            |        3.5 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-38163](https://nvd.nist.gov/vuln/detail/CVE-2022-38163) | safe            |        3.5 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33595](https://nvd.nist.gov/vuln/detail/CVE-2021-33595) | safe            |        3.5 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33595](https://nvd.nist.gov/vuln/detail/CVE-2021-33595) | safe            |        3.5 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33594](https://nvd.nist.gov/vuln/detail/CVE-2021-33594) | safe            |        3.5 | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33594](https://nvd.nist.gov/vuln/detail/CVE-2021-33594) | safe            |        3.5 | 0.3.21           | 0.3.21           | 0.3.21     |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-5752](https://nvd.nist.gov/vuln/detail/CVE-2023-5752)   | pip             |        3.3 | 20.3.4-source    | 24.0             | 24.3.1     | *[[PR](https://github.com/NixOS/nixpkgs/pull/276928), [PR](https://github.com/NixOS/nixpkgs/pull/368263)]*                                                                                                                                                             |
 
 
 
@@ -64,92 +261,286 @@ Consider [whitelisting](../../manual_analysis.csv) possible false positives base
 
 | vuln_id                                                               | package                   | severity   | version_local    | nix_unstable     | upstream         | comment                                                                                                                                                                                                                                                                |
 |-----------------------------------------------------------------------|---------------------------|------------|------------------|------------------|------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| [CVE-2024-47615](https://nvd.nist.gov/vuln/detail/CVE-2024-47615)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47613](https://nvd.nist.gov/vuln/detail/CVE-2024-47613)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47607](https://nvd.nist.gov/vuln/detail/CVE-2024-47607)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47606](https://nvd.nist.gov/vuln/detail/CVE-2024-47606)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47540](https://nvd.nist.gov/vuln/detail/CVE-2024-47540)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47539](https://nvd.nist.gov/vuln/detail/CVE-2024-47539)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47538](https://nvd.nist.gov/vuln/detail/CVE-2024-47538)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47537](https://nvd.nist.gov/vuln/detail/CVE-2024-47537)     | gstreamer                 | 9.8        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-24790](https://nvd.nist.gov/vuln/detail/CVE-2024-24790)     | go                        | 9.8        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           | *[[PR](https://github.com/NixOS/nixpkgs/pull/319485), [PR](https://github.com/NixOS/nixpkgs/pull/331906), [PR](https://github.com/NixOS/nixpkgs/pull/361606)]*                                                                                                         |
+| [CVE-2024-23741](https://nvd.nist.gov/vuln/detail/CVE-2024-23741)     | hyper                     | 9.8        | 1.5.0            |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-23741](https://nvd.nist.gov/vuln/detail/CVE-2024-23741)     | hyper                     | 9.8        | 1.4.1            |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853)     | zlib                      | 9.8        | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0          | *[[PR](https://github.com/NixOS/nixpkgs/pull/262722), [PR](https://github.com/NixOS/nixpkgs/pull/263083)]*                                                                                                                                                             |
 | [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853)     | zlib                      | 9.8        | 0.6.3.0          | 0.7.1.0          | 0.7.1.0          | *[[PR](https://github.com/NixOS/nixpkgs/pull/262722), [PR](https://github.com/NixOS/nixpkgs/pull/263083)]*                                                                                                                                                             |
+| [CVE-2023-39320](https://nvd.nist.gov/vuln/detail/CVE-2023-39320)     | go                        | 9.8        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
 | [CVE-2022-48565](https://nvd.nist.gov/vuln/detail/CVE-2022-48565)     | python                    | 9.8        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
+| [CVE-2022-37434](https://nvd.nist.gov/vuln/detail/CVE-2022-37434)     | zlib                      | 9.8        | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0          | *[[PR](https://github.com/NixOS/nixpkgs/pull/185554), [PR](https://github.com/NixOS/nixpkgs/pull/185613), [PR](https://github.com/NixOS/nixpkgs/pull/185693), [PR](https://github.com/NixOS/nixpkgs/pull/185754), [PR](https://github.com/NixOS/nixpkgs/pull/186941)]* |
 | [CVE-2022-37434](https://nvd.nist.gov/vuln/detail/CVE-2022-37434)     | zlib                      | 9.8        | 0.6.3.0          | 0.7.1.0          | 0.7.1.0          | *[[PR](https://github.com/NixOS/nixpkgs/pull/185554), [PR](https://github.com/NixOS/nixpkgs/pull/185613), [PR](https://github.com/NixOS/nixpkgs/pull/185693), [PR](https://github.com/NixOS/nixpkgs/pull/185754), [PR](https://github.com/NixOS/nixpkgs/pull/186941)]* |
+| [CVE-2022-32221](https://nvd.nist.gov/vuln/detail/CVE-2022-32221)     | curl                      | 9.8        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/198730)]*                                                                                                                                                                                                                 |
+| [CVE-2022-3320](https://nvd.nist.gov/vuln/detail/CVE-2022-3320)       | warp                      | 9.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35048](https://nvd.nist.gov/vuln/detail/CVE-2021-35048)     | network                   | 9.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35048](https://nvd.nist.gov/vuln/detail/CVE-2021-35048)     | network                   | 9.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-28794](https://nvd.nist.gov/vuln/detail/CVE-2021-28794)     | ShellCheck                | 9.8        | 0.10.0           | 0.10.0           | 0.10.0           |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-3177](https://nvd.nist.gov/vuln/detail/CVE-2021-3177)       | python                    | 9.8        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/201859)]*                                                                                                                                                                                                                 |
 | [CVE-2020-11105](https://nvd.nist.gov/vuln/detail/CVE-2020-11105)     | cereal                    | 9.8        | 0.5.8.3          | 0.5.8.3          | 0.5.8.3          | *[[PR](https://github.com/NixOS/nixpkgs/pull/121574), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]*                                                                                                                                                              |
 | [CVE-2017-12652](https://nvd.nist.gov/vuln/detail/CVE-2017-12652)     | libpng                    | 9.8        | 1.2.59           | 1.6.43           | 1.6.44           | *[[PR](https://github.com/NixOS/nixpkgs/pull/286253), [PR](https://github.com/NixOS/nixpkgs/pull/70286), [PR](https://github.com/NixOS/nixpkgs/pull/70423), [PR](https://github.com/NixOS/nixpkgs/pull/70425)]*                                                        |
 | [CVE-2014-9826](https://nvd.nist.gov/vuln/detail/CVE-2014-9826)       | imagemagick               | 9.8        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
 | [CVE-2002-0059](https://nvd.nist.gov/vuln/detail/CVE-2002-0059)       | zlib                      | 9.8        | 0.6.3.0          | 0.7.1.0          | 0.7.1.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47834](https://nvd.nist.gov/vuln/detail/CVE-2024-47834)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47777](https://nvd.nist.gov/vuln/detail/CVE-2024-47777)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47776](https://nvd.nist.gov/vuln/detail/CVE-2024-47776)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47775](https://nvd.nist.gov/vuln/detail/CVE-2024-47775)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47774](https://nvd.nist.gov/vuln/detail/CVE-2024-47774)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47600](https://nvd.nist.gov/vuln/detail/CVE-2024-47600)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47598](https://nvd.nist.gov/vuln/detail/CVE-2024-47598)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47597](https://nvd.nist.gov/vuln/detail/CVE-2024-47597)     | gstreamer                 | 9.1        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-21524](https://nvd.nist.gov/vuln/detail/CVE-2024-21524)     | stringbuilder             | 9.1        | 0.5.1            | 0.5.1            | 0.5.1            |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-5841](https://nvd.nist.gov/vuln/detail/CVE-2023-5841)       | openexr                   | 9.1        | 2.5.10           | 3.2.4            | 3.3.2            | *[[PR](https://github.com/NixOS/nixpkgs/pull/300526), [PR](https://github.com/NixOS/nixpkgs/pull/346060), [PR](https://github.com/NixOS/nixpkgs/pull/349220), [PR](https://github.com/NixOS/nixpkgs/pull/352826)]*                                                     |
 | [CVE-2021-4048](https://nvd.nist.gov/vuln/detail/CVE-2021-4048)       | lapack                    | 9.1        | 3                | 3.12.0           | 3.12.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/150788), [PR](https://github.com/NixOS/nixpkgs/pull/150906), [PR](https://github.com/NixOS/nixpkgs/pull/152147), [PR](https://github.com/NixOS/nixpkgs/pull/152359), [PR](https://github.com/NixOS/nixpkgs/pull/168777)]* |
-| [CVE-2022-4428](https://nvd.nist.gov/vuln/detail/CVE-2022-4428)       | warp                      | 8.9        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-56732](https://nvd.nist.gov/vuln/detail/CVE-2024-56732)     | harfbuzz                  | 8.8        | 10.0.1           | 10.1.0           | 10.1.0           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872)     | safe                      | 8.8        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28872](https://nvd.nist.gov/vuln/detail/CVE-2022-28872)     | safe                      | 8.8        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24394](https://nvd.nist.gov/vuln/detail/CVE-2022-24394)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24394](https://nvd.nist.gov/vuln/detail/CVE-2022-24394)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24393](https://nvd.nist.gov/vuln/detail/CVE-2022-24393)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24393](https://nvd.nist.gov/vuln/detail/CVE-2022-24393)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24392](https://nvd.nist.gov/vuln/detail/CVE-2022-24392)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24392](https://nvd.nist.gov/vuln/detail/CVE-2022-24392)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24391](https://nvd.nist.gov/vuln/detail/CVE-2022-24391)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24391](https://nvd.nist.gov/vuln/detail/CVE-2022-24391)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24390](https://nvd.nist.gov/vuln/detail/CVE-2022-24390)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24390](https://nvd.nist.gov/vuln/detail/CVE-2022-24390)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24389](https://nvd.nist.gov/vuln/detail/CVE-2022-24389)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24389](https://nvd.nist.gov/vuln/detail/CVE-2022-24389)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24388](https://nvd.nist.gov/vuln/detail/CVE-2022-24388)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-24388](https://nvd.nist.gov/vuln/detail/CVE-2022-24388)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-3512](https://nvd.nist.gov/vuln/detail/CVE-2022-3512)       | warp                      | 8.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35049](https://nvd.nist.gov/vuln/detail/CVE-2021-35049)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35049](https://nvd.nist.gov/vuln/detail/CVE-2021-35049)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35047](https://nvd.nist.gov/vuln/detail/CVE-2021-35047)     | network                   | 8.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35047](https://nvd.nist.gov/vuln/detail/CVE-2021-35047)     | network                   | 8.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-20240](https://nvd.nist.gov/vuln/detail/CVE-2021-20240)     | gdk-pixbuf                | 8.8        | 0.18.5           | 2.42.12          | 2.42.12          | *[[PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                                                                                                                             |
+| [CVE-2021-4276](https://nvd.nist.gov/vuln/detail/CVE-2021-4276)       | hedgehog                  | 8.8        | 1.4-r8.cabal     | 1.5              | 1.5              | *[[PR](https://github.com/NixOS/nixpkgs/pull/192632)]*                                                                                                                                                                                                                 |
+| [CVE-2021-4276](https://nvd.nist.gov/vuln/detail/CVE-2021-4276)       | hedgehog                  | 8.8        | 1.4              | 1.5              | 1.5              | *[[PR](https://github.com/NixOS/nixpkgs/pull/192632)]*                                                                                                                                                                                                                 |
 | [CVE-2017-17522](https://nvd.nist.gov/vuln/detail/CVE-2017-17522)     | python                    | 8.8        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
-| [CVE-2022-2225](https://nvd.nist.gov/vuln/detail/CVE-2022-2225)       | warp                      | 8.1        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39323](https://nvd.nist.gov/vuln/detail/CVE-2023-39323)     | go                        | 8.1        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999)     | vault                     | 8.1        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]*                                                                                                                                                             |
+| [CVE-2023-24999](https://nvd.nist.gov/vuln/detail/CVE-2023-24999)     | vault                     | 8.1        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/221835), [PR](https://github.com/NixOS/nixpkgs/pull/221841)]*                                                                                                                                                             |
+| [CVE-2022-4428](https://nvd.nist.gov/vuln/detail/CVE-2022-4428)       | warp                      | 8.0        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32643](https://nvd.nist.gov/vuln/detail/CVE-2023-32643)     | glib                      | 7.8        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-6597](https://nvd.nist.gov/vuln/detail/CVE-2023-6597)       | python                    | 7.8        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/298006), [PR](https://github.com/NixOS/nixpkgs/pull/299123), [PR](https://github.com/NixOS/nixpkgs/pull/299125)]*                                                                                                         |
+| [CVE-2023-3297](https://nvd.nist.gov/vuln/detail/CVE-2023-3297)       | accountsservice           | 7.8        | 23.13.9          | 23.13.9          | 23.13.9          |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-1412](https://nvd.nist.gov/vuln/detail/CVE-2023-1412)       | warp                      | 7.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0652](https://nvd.nist.gov/vuln/detail/CVE-2023-0652)       | warp                      | 7.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-45868](https://nvd.nist.gov/vuln/detail/CVE-2022-45868)     | h2                        | 7.8        | 0.4.6            |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-27470](https://nvd.nist.gov/vuln/detail/CVE-2022-27470)     | SDL_ttf                   | 7.8        | 2.0.11           |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-2225](https://nvd.nist.gov/vuln/detail/CVE-2022-2225)       | warp                      | 7.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-2145](https://nvd.nist.gov/vuln/detail/CVE-2022-2145)       | warp                      | 7.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0997](https://nvd.nist.gov/vuln/detail/CVE-2022-0997)       | network                   | 7.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0997](https://nvd.nist.gov/vuln/detail/CVE-2022-0997)       | network                   | 7.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0486](https://nvd.nist.gov/vuln/detail/CVE-2022-0486)       | network                   | 7.8        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-0486](https://nvd.nist.gov/vuln/detail/CVE-2022-0486)       | network                   | 7.8        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-46829](https://nvd.nist.gov/vuln/detail/CVE-2021-46829)     | gdk-pixbuf                | 7.8        | 0.18.5           | 2.42.12          | 2.42.12          | *[[PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                                                                                                                             |
+| [CVE-2021-43138](https://nvd.nist.gov/vuln/detail/CVE-2021-43138)     | async                     | 7.8        | 2.2.5-r2.cabal   | 2.2.5            | 2.2.5            |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-43138](https://nvd.nist.gov/vuln/detail/CVE-2021-43138)     | async                     | 7.8        | 2.2.5            | 2.2.5            | 2.2.5            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-4034](https://nvd.nist.gov/vuln/detail/CVE-2021-4034)       | polkit                    | 7.8        | 1.pam            | 124              | 125              | *[[PR](https://github.com/NixOS/nixpkgs/pull/155725), [PR](https://github.com/NixOS/nixpkgs/pull/156750), [PR](https://github.com/NixOS/nixpkgs/pull/156822), [PR](https://github.com/NixOS/nixpkgs/pull/295087)]*                                                     |
+| [CVE-2020-35457](https://nvd.nist.gov/vuln/detail/CVE-2020-35457)     | glib                      | 7.8        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
 | [CVE-2018-5996](https://nvd.nist.gov/vuln/detail/CVE-2018-5996)       | p7zip                     | 7.8        | 17.05            | 17.05            | 17.05            |                                                                                                                                                                                                                                                                        |
 | [CVE-2017-17969](https://nvd.nist.gov/vuln/detail/CVE-2017-17969)     | p7zip                     | 7.8        | 17.05            | 17.05            | 17.05            |                                                                                                                                                                                                                                                                        |
 | [CVE-2017-5506](https://nvd.nist.gov/vuln/detail/CVE-2017-5506)       | imagemagick               | 7.8        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
 | [CVE-2016-3751](https://nvd.nist.gov/vuln/detail/CVE-2016-3751)       | libpng                    | 7.8        | 1.2.59           | 1.6.43           | 1.6.44           | *[[PR](https://github.com/NixOS/nixpkgs/pull/286253)]*                                                                                                                                                                                                                 |
+| [CVE-2024-47835](https://nvd.nist.gov/vuln/detail/CVE-2024-47835)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47778](https://nvd.nist.gov/vuln/detail/CVE-2024-47778)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47603](https://nvd.nist.gov/vuln/detail/CVE-2024-47603)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47602](https://nvd.nist.gov/vuln/detail/CVE-2024-47602)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47601](https://nvd.nist.gov/vuln/detail/CVE-2024-47601)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47599](https://nvd.nist.gov/vuln/detail/CVE-2024-47599)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47596](https://nvd.nist.gov/vuln/detail/CVE-2024-47596)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47546](https://nvd.nist.gov/vuln/detail/CVE-2024-47546)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47545](https://nvd.nist.gov/vuln/detail/CVE-2024-47545)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47544](https://nvd.nist.gov/vuln/detail/CVE-2024-47544)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47543](https://nvd.nist.gov/vuln/detail/CVE-2024-47543)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47542](https://nvd.nist.gov/vuln/detail/CVE-2024-47542)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-47541](https://nvd.nist.gov/vuln/detail/CVE-2024-47541)     | gstreamer                 | 7.5        | 1.24.7           | 1.24.10          | 1.24.10          |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-7592](https://nvd.nist.gov/vuln/detail/CVE-2024-7592)       | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
 | [CVE-2024-6232](https://nvd.nist.gov/vuln/detail/CVE-2024-6232)       | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
 | [CVE-2024-4032](https://nvd.nist.gov/vuln/detail/CVE-2024-4032)       | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-52356](https://nvd.nist.gov/vuln/detail/CVE-2023-52356)     | libtiff                   | 7.5        | 4.7.0            | 4.7.0            | 4.7.0            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)     | go                        | 7.5        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           | *[[PR](https://github.com/NixOS/nixpkgs/pull/262738), [PR](https://github.com/NixOS/nixpkgs/pull/263279), [PR](https://github.com/NixOS/nixpkgs/pull/278073), [PR](https://github.com/NixOS/nixpkgs/pull/286248), [PR](https://github.com/NixOS/nixpkgs/pull/298640)]* |
+| [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325)     | go                        | 7.5        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           | *[[PR](https://github.com/NixOS/nixpkgs/pull/262713), [PR](https://github.com/NixOS/nixpkgs/pull/300783)]*                                                                                                                                                             |
+| [CVE-2023-39322](https://nvd.nist.gov/vuln/detail/CVE-2023-39322)     | go                        | 7.5        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39321](https://nvd.nist.gov/vuln/detail/CVE-2023-39321)     | go                        | 7.5        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-36632](https://nvd.nist.gov/vuln/detail/CVE-2023-36632)     | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
+| [CVE-2023-32636](https://nvd.nist.gov/vuln/detail/CVE-2023-32636)     | glib                      | 7.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-29499](https://nvd.nist.gov/vuln/detail/CVE-2023-29499)     | glib                      | 7.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-28319](https://nvd.nist.gov/vuln/detail/CVE-2023-28319)     | curl                      | 7.5        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531)]*                                                                                                                                                                                                                 |
 | [CVE-2023-24329](https://nvd.nist.gov/vuln/detail/CVE-2023-24329)     | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/236448), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                         |
+| [CVE-2023-6337](https://nvd.nist.gov/vuln/detail/CVE-2023-6337)       | vault                     | 7.5        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/272492), [PR](https://github.com/NixOS/nixpkgs/pull/274068), [PR](https://github.com/NixOS/nixpkgs/pull/274071)]*                                                                                                         |
+| [CVE-2023-6337](https://nvd.nist.gov/vuln/detail/CVE-2023-6337)       | vault                     | 7.5        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/272492), [PR](https://github.com/NixOS/nixpkgs/pull/274068), [PR](https://github.com/NixOS/nixpkgs/pull/274071)]*                                                                                                         |
 | [CVE-2023-2680](https://nvd.nist.gov/vuln/detail/CVE-2023-2680)       | qemu                      | 7.5        | 9.1.1            | 9.2.0            | 9.2.0            | *[[PR](https://github.com/NixOS/nixpkgs/pull/305402)]*                                                                                                                                                                                                                 |
 | [CVE-2022-48560](https://nvd.nist.gov/vuln/detail/CVE-2022-48560)     | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
 | [CVE-2022-45061](https://nvd.nist.gov/vuln/detail/CVE-2022-45061)     | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/201859), [PR](https://github.com/NixOS/nixpkgs/pull/204893), [PR](https://github.com/NixOS/nixpkgs/pull/204900), [PR](https://github.com/NixOS/nixpkgs/pull/204902), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]* |
 | [CVE-2022-43357](https://nvd.nist.gov/vuln/detail/CVE-2022-43357)     | sassc                     | 7.5        | 3.6.2            | 3.6.2            | 3.6.2            | *[[PR](https://github.com/NixOS/nixpkgs/pull/274726), [PR](https://github.com/NixOS/nixpkgs/pull/275599), [PR](https://github.com/NixOS/nixpkgs/pull/275878)]*                                                                                                         |
+| [CVE-2022-40898](https://nvd.nist.gov/vuln/detail/CVE-2022-40898)     | wheel                     | 7.5        | 0.37.1-source    | 0.45.1           | 0.45.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/210565), [PR](https://github.com/NixOS/nixpkgs/pull/361930), [PR](https://github.com/NixOS/nixpkgs/pull/362304)]*                                                                                                         |
 | [CVE-2022-32743](https://nvd.nist.gov/vuln/detail/CVE-2022-32743)     | samba                     | 7.5        | 4.20.4           | 4.20.4           | 4.21.2           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-27782](https://nvd.nist.gov/vuln/detail/CVE-2022-27782)     | curl                      | 7.5        | 0.4.46           |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-27781](https://nvd.nist.gov/vuln/detail/CVE-2022-27781)     | curl                      | 7.5        | 0.4.46           |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883)     | semver                    | 7.5        | 1.0.23           | 1.0.0            | 7.6.3            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-25883](https://nvd.nist.gov/vuln/detail/CVE-2022-25883)     | semver                    | 7.5        | 1.0.22           | 1.0.0            | 7.6.3            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-3064](https://nvd.nist.gov/vuln/detail/CVE-2022-3064)       | yaml                      | 7.5        | 0.11.11.2-r2.cab | 0.11.11.2        | 0.11.11.2        |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-3064](https://nvd.nist.gov/vuln/detail/CVE-2022-3064)       | yaml                      | 7.5        | 0.11.11.2        | 0.11.11.2        | 0.11.11.2        |                                                                                                                                                                                                                                                                        |
 | [CVE-2022-0391](https://nvd.nist.gov/vuln/detail/CVE-2022-0391)       | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/203428), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                         |
 | [CVE-2021-45810](https://nvd.nist.gov/vuln/detail/CVE-2021-45810)     | globalprotect-openconnect | 7.5        | 1.4.9            | 1.4.9            | 2.3.9            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35050](https://nvd.nist.gov/vuln/detail/CVE-2021-35050)     | network                   | 7.5        | 3.1.4.0-r1.cabal | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-35050](https://nvd.nist.gov/vuln/detail/CVE-2021-35050)     | network                   | 7.5        | 3.1.4.0          | 3.2.4.0          | 3.2.7.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-27400](https://nvd.nist.gov/vuln/detail/CVE-2021-27400)     | vault                     | 7.5        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/120155), [PR](https://github.com/NixOS/nixpkgs/pull/120157)]*                                                                                                                                                             |
+| [CVE-2021-27400](https://nvd.nist.gov/vuln/detail/CVE-2021-27400)     | vault                     | 7.5        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/120155), [PR](https://github.com/NixOS/nixpkgs/pull/120157)]*                                                                                                                                                             |
+| [CVE-2021-27219](https://nvd.nist.gov/vuln/detail/CVE-2021-27219)     | glib                      | 7.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-27218](https://nvd.nist.gov/vuln/detail/CVE-2021-27218)     | glib                      | 7.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-27569](https://nvd.nist.gov/vuln/detail/CVE-2020-27569)     | openvpn                   | 7.5        | 2.6.12           | 2.6.12           | 2.6.12           |                                                                                                                                                                                                                                                                        |
 | [CVE-2020-26304](https://nvd.nist.gov/vuln/detail/CVE-2020-26304)     | foundation                | 7.5        | 0.0.30           | 0.0.30           | 0.0.30           |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-13223](https://nvd.nist.gov/vuln/detail/CVE-2020-13223)     | vault                     | 7.5        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/91898), [PR](https://github.com/NixOS/nixpkgs/pull/92641)]*                                                                                                                                                               |
+| [CVE-2020-13223](https://nvd.nist.gov/vuln/detail/CVE-2020-13223)     | vault                     | 7.5        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/91898), [PR](https://github.com/NixOS/nixpkgs/pull/92641)]*                                                                                                                                                               |
+| [CVE-2020-11021](https://nvd.nist.gov/vuln/detail/CVE-2020-11021)     | http-client               | 7.5        | 0.7.17           | 0.7.17           | 0.7.18           |                                                                                                                                                                                                                                                                        |
 | [CVE-2019-9674](https://nvd.nist.gov/vuln/detail/CVE-2019-9674)       | python                    | 7.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
 | [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/CVE-2018-25032)     | zlib                      | 7.5        | 0.6.3.0          | 0.7.1.0          | 0.7.1.0          | *[[PR](https://github.com/NixOS/nixpkgs/pull/165642), [PR](https://github.com/NixOS/nixpkgs/pull/166451), [PR](https://github.com/NixOS/nixpkgs/pull/167084), [PR](https://github.com/NixOS/nixpkgs/pull/205374)]*                                                     |
 | [CVE-2018-13162](https://nvd.nist.gov/vuln/detail/CVE-2018-13162)     | alex                      | 7.5        | 3.4.0.1          | 3.4.0.1          | 3.5.1.0          |                                                                                                                                                                                                                                                                        |
 | [CVE-2017-18589](https://nvd.nist.gov/vuln/detail/CVE-2017-18589)     | cookie                    | 7.5        | 0.4.6            | 0.5.0            | 0.5.0            |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-0397](https://nvd.nist.gov/vuln/detail/CVE-2024-0397)       | python                    | 7.4        | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
-| [CVE-2023-2754](https://nvd.nist.gov/vuln/detail/CVE-2023-2754)       | warp                      | 7.4        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-1862](https://nvd.nist.gov/vuln/detail/CVE-2023-1862)       | warp                      | 7.3        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-4030](https://nvd.nist.gov/vuln/detail/CVE-2024-4030)       | python                    | 7.1        | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
-| [CVE-2023-1412](https://nvd.nist.gov/vuln/detail/CVE-2023-1412)       | warp                      | 7          | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
-| [CVE-2023-0652](https://nvd.nist.gov/vuln/detail/CVE-2023-0652)       | warp                      | 7          | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
-| [CVE-2022-26488](https://nvd.nist.gov/vuln/detail/CVE-2022-26488)     | python                    | 7          | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-26488](https://nvd.nist.gov/vuln/detail/CVE-2022-26488)     | python                    | 7.0        | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-6505](https://nvd.nist.gov/vuln/detail/CVE-2024-6505)       | qemu                      | 6.8        | 9.1.1            | 9.2.0            | 9.2.0            | *[[PR](https://github.com/NixOS/nixpkgs/pull/351100)]*                                                                                                                                                                                                                 |
-| [CVE-2022-3512](https://nvd.nist.gov/vuln/detail/CVE-2022-3512)       | warp                      | 6.7        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
-| [CVE-2022-3320](https://nvd.nist.gov/vuln/detail/CVE-2022-3320)       | warp                      | 6.7        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-2754](https://nvd.nist.gov/vuln/detail/CVE-2023-2754)       | warp                      | 6.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620)       | vault                     | 6.7        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-0620](https://nvd.nist.gov/vuln/detail/CVE-2023-0620)       | vault                     | 6.7        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2024-50613](https://nvd.nist.gov/vuln/detail/CVE-2024-50613)     | libsndfile                | 6.5        | 1.2.2            | 1.2.2            | 1.2.2            |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-8365](https://nvd.nist.gov/vuln/detail/CVE-2024-8365)       | vault                     | 6.5        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-8365](https://nvd.nist.gov/vuln/detail/CVE-2024-8365)       | vault                     | 6.5        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-5642](https://nvd.nist.gov/vuln/detail/CVE-2024-5642)       | python                    | 6.5        | 2.7.18.8         | 3.13.1           | 3.13.1           |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-46361](https://nvd.nist.gov/vuln/detail/CVE-2023-46361)     | jbig2dec                  | 6.5        | 0.20             | 0.20             | 0.20             |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-37769](https://nvd.nist.gov/vuln/detail/CVE-2023-37769)     | pixman                    | 6.5        | 0.43.4           | 0.44.2           | 0.44.2           | See: [link](https://gitlab.freedesktop.org/pixman/pixman/-/issues/76): "This somehow got assigned CVE-2023-37769, not sure why NVD keeps assigning CVEs like this. This is just a test executable".                                                                    |
 | [CVE-2023-6277](https://nvd.nist.gov/vuln/detail/CVE-2023-6277)       | libtiff                   | 6.5        | 4.7.0            | 4.7.0            | 4.7.0            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0665](https://nvd.nist.gov/vuln/detail/CVE-2023-0665)       | vault                     | 6.5        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-0665](https://nvd.nist.gov/vuln/detail/CVE-2023-0665)       | vault                     | 6.5        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
 | [CVE-2022-48564](https://nvd.nist.gov/vuln/detail/CVE-2022-48564)     | python                    | 6.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
+| [CVE-2022-42012](https://nvd.nist.gov/vuln/detail/CVE-2022-42012)     | dbus                      | 6.5        | 1                | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42012](https://nvd.nist.gov/vuln/detail/CVE-2022-42012)     | dbus                      | 6.5        | 0.9.7            | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42011](https://nvd.nist.gov/vuln/detail/CVE-2022-42011)     | dbus                      | 6.5        | 1                | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42011](https://nvd.nist.gov/vuln/detail/CVE-2022-42011)     | dbus                      | 6.5        | 0.9.7            | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42010](https://nvd.nist.gov/vuln/detail/CVE-2022-42010)     | dbus                      | 6.5        | 1                | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-42010](https://nvd.nist.gov/vuln/detail/CVE-2022-42010)     | dbus                      | 6.5        | 0.9.7            | 1.14.10          | 1.16.0           | *[[PR](https://github.com/NixOS/nixpkgs/pull/195264), [PR](https://github.com/NixOS/nixpkgs/pull/253430)]*                                                                                                                                                             |
+| [CVE-2022-38164](https://nvd.nist.gov/vuln/detail/CVE-2022-38164)     | safe                      | 6.5        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-38164](https://nvd.nist.gov/vuln/detail/CVE-2022-38164)     | safe                      | 6.5        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-32206](https://nvd.nist.gov/vuln/detail/CVE-2022-32206)     | curl                      | 6.5        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/179314), [PR](https://github.com/NixOS/nixpkgs/pull/180021)]*                                                                                                                                                             |
+| [CVE-2022-27776](https://nvd.nist.gov/vuln/detail/CVE-2022-27776)     | curl                      | 6.5        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/170654), [PR](https://github.com/NixOS/nixpkgs/pull/170659)]*                                                                                                                                                             |
 | [CVE-2021-46312](https://nvd.nist.gov/vuln/detail/CVE-2021-46312)     | djvulibre                 | 6.5        | 3.5.28           | 3.5.28           | 3.5.28           |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-46310](https://nvd.nist.gov/vuln/detail/CVE-2021-46310)     | djvulibre                 | 6.5        | 3.5.28           | 3.5.28           | 3.5.28           |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-3733](https://nvd.nist.gov/vuln/detail/CVE-2021-3733)       | python                    | 6.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/203428), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                         |
 | [CVE-2021-3670](https://nvd.nist.gov/vuln/detail/CVE-2021-3670)       | samba                     | 6.5        | 4.20.4           | 4.20.4           | 4.21.2           |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-27748](https://nvd.nist.gov/vuln/detail/CVE-2020-27748)     | xdg-utils                 | 6.5        | 1.2.1            | 1.2.1            | 1.2.1            |                                                                                                                                                                                                                                                                        |
 | [CVE-2019-1010258](https://nvd.nist.gov/vuln/detail/CVE-2019-1010258) | nanosvg                   | 6.5        | 0-unstable-2023- | 0-unstable-2023- | 20231202         |                                                                                                                                                                                                                                                                        |
 | [CVE-2017-18207](https://nvd.nist.gov/vuln/detail/CVE-2017-18207)     | python                    | 6.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
 | [CVE-2016-7538](https://nvd.nist.gov/vuln/detail/CVE-2016-7538)       | imagemagick               | 6.5        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-0450](https://nvd.nist.gov/vuln/detail/CVE-2024-0450)       | python                    | 6.2        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/298006), [PR](https://github.com/NixOS/nixpkgs/pull/299123), [PR](https://github.com/NixOS/nixpkgs/pull/299125)]*                                                                                                         |
-| [CVE-2023-5341](https://nvd.nist.gov/vuln/detail/CVE-2023-5341)       | imagemagick               | 6.2        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319)     | go                        | 6.1        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318)     | go                        | 6.1        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-35669](https://nvd.nist.gov/vuln/detail/CVE-2020-35669)     | http                      | 6.1        | 0.2.12           | 0.3-0            | 0.4              |                                                                                                                                                                                                                                                                        |
 | [CVE-2019-10010](https://nvd.nist.gov/vuln/detail/CVE-2019-10010)     | commonmark                | 6.1        | 0.2.6.1          | 0.2.6.1          | 0.2.6.1          |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-50602](https://nvd.nist.gov/vuln/detail/CVE-2024-50602)     | python                    | 5.9        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/354155)]*                                                                                                                                                                                                                 |
+| [CVE-2023-28321](https://nvd.nist.gov/vuln/detail/CVE-2023-28321)     | curl                      | 5.9        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
+| [CVE-2023-28320](https://nvd.nist.gov/vuln/detail/CVE-2023-28320)     | curl                      | 5.9        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
 | [CVE-2022-48566](https://nvd.nist.gov/vuln/detail/CVE-2022-48566)     | python                    | 5.9        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
+| [CVE-2022-43552](https://nvd.nist.gov/vuln/detail/CVE-2022-43552)     | curl                      | 5.9        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/207158), [PR](https://github.com/NixOS/nixpkgs/pull/207162), [PR](https://github.com/NixOS/nixpkgs/pull/207165)]*                                                                                                         |
+| [CVE-2022-40897](https://nvd.nist.gov/vuln/detail/CVE-2022-40897)     | setuptools                | 5.9        | 44.0.0-source    | 75.3.0           | 75.6.0           |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-23336](https://nvd.nist.gov/vuln/detail/CVE-2021-23336)     | python                    | 5.9        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/117037), [PR](https://github.com/NixOS/nixpkgs/pull/117082), [PR](https://github.com/NixOS/nixpkgs/pull/118403), [PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]* |
-| [CVE-2022-2145](https://nvd.nist.gov/vuln/detail/CVE-2022-2145)       | warp                      | 5.8        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3572](https://nvd.nist.gov/vuln/detail/CVE-2021-3572)       | pip                       | 5.7        | 20.3.4-source    | 24.0             | 24.3.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/368263)]*                                                                                                                                                                                                                 |
+| [CVE-2024-50612](https://nvd.nist.gov/vuln/detail/CVE-2024-50612)     | libsndfile                | 5.5        | 1.2.2            | 1.2.2            | 1.2.2            |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-24789](https://nvd.nist.gov/vuln/detail/CVE-2024-24789)     | go                        | 5.5        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           | *[[PR](https://github.com/NixOS/nixpkgs/pull/319485), [PR](https://github.com/NixOS/nixpkgs/pull/361606)]*                                                                                                                                                             |
 | [CVE-2024-8354](https://nvd.nist.gov/vuln/detail/CVE-2024-8354)       | qemu                      | 5.5        | 9.1.1            | 9.2.0            | 9.2.0            |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-6923](https://nvd.nist.gov/vuln/detail/CVE-2024-6923)       | python                    | 5.5        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/335172)]*                                                                                                                                                                                                                 |
+| [CVE-2023-51258](https://nvd.nist.gov/vuln/detail/CVE-2023-51258)     | yasm                      | 5.5        | 1.3.0            | 1.3.0            | 1.3.0            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32665](https://nvd.nist.gov/vuln/detail/CVE-2023-32665)     | glib                      | 5.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-32611](https://nvd.nist.gov/vuln/detail/CVE-2023-32611)     | glib                      | 5.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)       | zlib                      | 5.5        | 1.3.1            | 1.3.1            | 1.3.1            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)       | zlib                      | 5.5        | 0.6.3.0-r5.cabal | 0.7.1.0          | 0.7.1.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/CVE-2023-6992)       | zlib                      | 5.5        | 0.6.3.0          | 0.7.1.0          | 0.7.1.0          |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-5341](https://nvd.nist.gov/vuln/detail/CVE-2023-5341)       | imagemagick               | 5.5        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-0238](https://nvd.nist.gov/vuln/detail/CVE-2023-0238)       | warp                      | 5.5        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
 | [CVE-2022-4457](https://nvd.nist.gov/vuln/detail/CVE-2022-4457)       | warp                      | 5.5        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
 | [CVE-2022-1615](https://nvd.nist.gov/vuln/detail/CVE-2022-1615)       | samba                     | 5.5        | 4.20.4           | 4.20.4           | 4.21.2           |                                                                                                                                                                                                                                                                        |
 | [CVE-2021-45429](https://nvd.nist.gov/vuln/detail/CVE-2021-45429)     | yara                      | 5.5        | 4.5.0            | 4.5.0            | 4.5.2            | *[[PR](https://github.com/NixOS/nixpkgs/pull/161127)]*                                                                                                                                                                                                                 |
 | [CVE-2021-43519](https://nvd.nist.gov/vuln/detail/CVE-2021-43519)     | lua                       | 5.5        | 5.2.4            | 5.4.7            | 5.4.7            | *[[PR](https://github.com/NixOS/nixpkgs/pull/195329), [PR](https://github.com/NixOS/nixpkgs/pull/195788)]*                                                                                                                                                             |
+| [CVE-2021-4235](https://nvd.nist.gov/vuln/detail/CVE-2021-4235)       | yaml                      | 5.5        | 0.11.11.2-r2.cab | 0.11.11.2        | 0.11.11.2        |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-4235](https://nvd.nist.gov/vuln/detail/CVE-2021-4235)       | yaml                      | 5.5        | 0.11.11.2        | 0.11.11.2        | 0.11.11.2        |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3800](https://nvd.nist.gov/vuln/detail/CVE-2021-3800)       | glib                      | 5.5        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-29385](https://nvd.nist.gov/vuln/detail/CVE-2020-29385)     | gdk-pixbuf                | 5.5        | 0.18.5           | 2.42.12          | 2.42.12          | *[[PR](https://github.com/NixOS/nixpkgs/pull/106302), [PR](https://github.com/NixOS/nixpkgs/pull/111542), [PR](https://github.com/NixOS/nixpkgs/pull/312036), [PR](https://github.com/NixOS/nixpkgs/pull/314686)]*                                                     |
 | [CVE-2020-18781](https://nvd.nist.gov/vuln/detail/CVE-2020-18781)     | audiofile                 | 5.5        | 0.3.6            | 0.3.6            | 0.3.6            |                                                                                                                                                                                                                                                                        |
 | [CVE-2016-10062](https://nvd.nist.gov/vuln/detail/CVE-2016-10062)     | imagemagick               | 5.5        | 7.1.1-40         | 7.1.1-40         | 7.1.1.43         |                                                                                                                                                                                                                                                                        |
+| [CVE-2024-21485](https://nvd.nist.gov/vuln/detail/CVE-2024-21485)     | dash                      | 5.4        | 0.5.12           |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-41940](https://nvd.nist.gov/vuln/detail/CVE-2023-41940)     | tap                       | 5.4        | 1.0.1            | 0.77             | 0.77             |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-2121](https://nvd.nist.gov/vuln/detail/CVE-2023-2121)       | vault                     | 5.4        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/236911), [PR](https://github.com/NixOS/nixpkgs/pull/239559), [PR](https://github.com/NixOS/nixpkgs/pull/239571)]*                                                                                                         |
+| [CVE-2023-2121](https://nvd.nist.gov/vuln/detail/CVE-2023-2121)       | vault                     | 5.4        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/236911), [PR](https://github.com/NixOS/nixpkgs/pull/239559), [PR](https://github.com/NixOS/nixpkgs/pull/239571)]*                                                                                                         |
+| [CVE-2022-47524](https://nvd.nist.gov/vuln/detail/CVE-2022-47524)     | safe                      | 5.4        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-47524](https://nvd.nist.gov/vuln/detail/CVE-2022-47524)     | safe                      | 5.4        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802)     | vault                     | 5.4        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-41802](https://nvd.nist.gov/vuln/detail/CVE-2021-41802)     | vault                     | 5.4        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2020-2136](https://nvd.nist.gov/vuln/detail/CVE-2020-2136)       | git                       | 5.4        | 2.47.0           | 2.47.0           | 2.47.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/82872), [PR](https://github.com/NixOS/nixpkgs/pull/84664)]*                                                                                                                                                               |
 | [CVE-2023-40217](https://nvd.nist.gov/vuln/detail/CVE-2023-40217)     | python                    | 5.3        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/173833), [PR](https://github.com/NixOS/nixpkgs/pull/363310)]*                                                                                                                                                             |
+| [CVE-2023-33955](https://nvd.nist.gov/vuln/detail/CVE-2023-33955)     | console                   | 5.3        | 0.15.8           | 0.1.0-unstable-2 |                  |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-27043](https://nvd.nist.gov/vuln/detail/CVE-2023-27043)     | python                    | 5.3        | 2.7.18.8         | 3.13.1           | 3.13.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/243074), [PR](https://github.com/NixOS/nixpkgs/pull/349408)]*                                                                                                                                                             |
+| [CVE-2023-26044](https://nvd.nist.gov/vuln/detail/CVE-2023-26044)     | http                      | 5.3        | 1.1.0            |                  |                  |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-7216](https://nvd.nist.gov/vuln/detail/CVE-2023-7216)       | cpio                      | 5.3        | 2.15             | 2.15             | 2.15             |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-43410](https://nvd.nist.gov/vuln/detail/CVE-2022-43410)     | mercurial                 | 5.3        | 6.8.2            | 6.8.2            | 6.9              |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-41316](https://nvd.nist.gov/vuln/detail/CVE-2022-41316)     | vault                     | 5.3        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-41316](https://nvd.nist.gov/vuln/detail/CVE-2022-41316)     | vault                     | 5.3        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-36032](https://nvd.nist.gov/vuln/detail/CVE-2022-36032)     | http                      | 5.3        | 1.1.0            |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-44751](https://nvd.nist.gov/vuln/detail/CVE-2021-44751)     | safe                      | 5.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-44751](https://nvd.nist.gov/vuln/detail/CVE-2021-44751)     | safe                      | 5.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-38554](https://nvd.nist.gov/vuln/detail/CVE-2021-38554)     | vault                     | 5.3        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-38554](https://nvd.nist.gov/vuln/detail/CVE-2021-38554)     | vault                     | 5.3        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-28153](https://nvd.nist.gov/vuln/detail/CVE-2021-28153)     | glib                      | 5.3        | 0.18.5           | 0.13.11.0        | 0.13.11.0        |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-3024](https://nvd.nist.gov/vuln/detail/CVE-2021-3024)       | vault                     | 5.3        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2021-3024](https://nvd.nist.gov/vuln/detail/CVE-2021-3024)       | vault                     | 5.3        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2020-25594](https://nvd.nist.gov/vuln/detail/CVE-2020-25594)     | vault                     | 5.3        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
+| [CVE-2020-25594](https://nvd.nist.gov/vuln/detail/CVE-2020-25594)     | vault                     | 5.3        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/112146)]*                                                                                                                                                                                                                 |
 | [CVE-2020-11104](https://nvd.nist.gov/vuln/detail/CVE-2020-11104)     | cereal                    | 5.3        | 0.5.8.3          | 0.5.8.3          | 0.5.8.3          |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-49292](https://nvd.nist.gov/vuln/detail/CVE-2023-49292)     | go                        | 4.8        | 1.23.3           | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-49292](https://nvd.nist.gov/vuln/detail/CVE-2023-49292)     | go                        | 4.8        | 1.21.0-linux-amd | 1.23.4           | 1.23.4           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-4039](https://nvd.nist.gov/vuln/detail/CVE-2023-4039)       | gcc                       | 4.8        | 13.3.0           |                  |                  |                                                                                                                                                                                                                                                                        |
 | [CVE-2024-10041](https://nvd.nist.gov/vuln/detail/CVE-2024-10041)     | linux-pam                 | 4.7        | 1.6.1            |                  |                  |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-25000](https://nvd.nist.gov/vuln/detail/CVE-2023-25000)     | vault                     | 4.7        | 0.3.1.5-r8.cabal | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
+| [CVE-2023-25000](https://nvd.nist.gov/vuln/detail/CVE-2023-25000)     | vault                     | 4.7        | 0.3.1.5          | 0.3.1.5          | 0.3.1.5          | *[[PR](https://github.com/NixOS/nixpkgs/pull/227692)]*                                                                                                                                                                                                                 |
 | [CVE-2024-9143](https://nvd.nist.gov/vuln/detail/CVE-2024-9143)       | openssl                   | 4.3        | 3.3.2            | 3.3.2            | 3.4.0            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28873](https://nvd.nist.gov/vuln/detail/CVE-2022-28873)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28870](https://nvd.nist.gov/vuln/detail/CVE-2022-28870)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28870](https://nvd.nist.gov/vuln/detail/CVE-2022-28870)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28869](https://nvd.nist.gov/vuln/detail/CVE-2022-28869)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28869](https://nvd.nist.gov/vuln/detail/CVE-2022-28869)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28868](https://nvd.nist.gov/vuln/detail/CVE-2022-28868)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-28868](https://nvd.nist.gov/vuln/detail/CVE-2022-28868)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40835](https://nvd.nist.gov/vuln/detail/CVE-2021-40835)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40835](https://nvd.nist.gov/vuln/detail/CVE-2021-40835)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834)     | safe                      | 4.3        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-40834](https://nvd.nist.gov/vuln/detail/CVE-2021-40834)     | safe                      | 4.3        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
 | [CVE-2018-14628](https://nvd.nist.gov/vuln/detail/CVE-2018-14628)     | samba                     | 4.3        | 4.20.4           | 4.20.4           | 4.21.2           | *[[PR](https://github.com/NixOS/nixpkgs/pull/270419)]*                                                                                                                                                                                                                 |
-| [CVE-2021-4276](https://nvd.nist.gov/vuln/detail/CVE-2021-4276)       | hedgehog                  | 4.1        | 1.4              | 1.5              | 1.5              | *[[PR](https://github.com/NixOS/nixpkgs/pull/192632)]*                                                                                                                                                                                                                 |
-| [CVE-2023-0654](https://nvd.nist.gov/vuln/detail/CVE-2023-0654)       | warp                      | 3.9        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
-| [CVE-2023-0238](https://nvd.nist.gov/vuln/detail/CVE-2023-0238)       | warp                      | 3.9        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596)     | safe                      | 4.1        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33596](https://nvd.nist.gov/vuln/detail/CVE-2021-33596)     | safe                      | 4.1        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-28322](https://nvd.nist.gov/vuln/detail/CVE-2023-28322)     | curl                      | 3.7        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/232531), [PR](https://github.com/NixOS/nixpkgs/pull/232535)]*                                                                                                                                                             |
+| [CVE-2023-0654](https://nvd.nist.gov/vuln/detail/CVE-2023-0654)       | warp                      | 3.7        | 3.3.31           | 3.4.3            | 3.4.7            |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-35252](https://nvd.nist.gov/vuln/detail/CVE-2022-35252)     | curl                      | 3.7        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/189083), [PR](https://github.com/NixOS/nixpkgs/pull/198730)]*                                                                                                                                                             |
+| [CVE-2020-8284](https://nvd.nist.gov/vuln/detail/CVE-2020-8284)       | curl                      | 3.7        | 0.4.46           |                  |                  | *[[PR](https://github.com/NixOS/nixpkgs/pull/106452)]*                                                                                                                                                                                                                 |
+| [CVE-2022-38163](https://nvd.nist.gov/vuln/detail/CVE-2022-38163)     | safe                      | 3.5        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2022-38163](https://nvd.nist.gov/vuln/detail/CVE-2022-38163)     | safe                      | 3.5        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33595](https://nvd.nist.gov/vuln/detail/CVE-2021-33595)     | safe                      | 3.5        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33595](https://nvd.nist.gov/vuln/detail/CVE-2021-33595)     | safe                      | 3.5        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33594](https://nvd.nist.gov/vuln/detail/CVE-2021-33594)     | safe                      | 3.5        | 0.3.21-r1.cabal  | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
+| [CVE-2021-33594](https://nvd.nist.gov/vuln/detail/CVE-2021-33594)     | safe                      | 3.5        | 0.3.21           | 0.3.21           | 0.3.21           |                                                                                                                                                                                                                                                                        |
 | [CVE-2023-6228](https://nvd.nist.gov/vuln/detail/CVE-2023-6228)       | libtiff                   | 3.3        | 4.7.0            | 4.7.0            | 4.7.0            |                                                                                                                                                                                                                                                                        |
+| [CVE-2023-5752](https://nvd.nist.gov/vuln/detail/CVE-2023-5752)       | pip                       | 3.3        | 20.3.4-source    | 24.0             | 24.3.1           | *[[PR](https://github.com/NixOS/nixpkgs/pull/276928), [PR](https://github.com/NixOS/nixpkgs/pull/368263)]*                                                                                                                                                             |
 | [CVE-2023-1386](https://nvd.nist.gov/vuln/detail/CVE-2023-1386)       | qemu                      | 3.3        | 9.1.1            | 9.2.0            | 9.2.0            | Revisit when fixed upstream: [link](https://github.com/v9fs/linux/issues/29).                                                                                                                                                                                          |
 | [GHSA-pxg6-pf52-xh8x](https://osv.dev/GHSA-pxg6-pf52-xh8x)            | cookie                    |            | 0.4.6            | 0.5.0            | 0.5.0            |                                                                                                                                                                                                                                                                        |
 | [GHSA-fwr7-v2mv-hh25](https://osv.dev/GHSA-fwr7-v2mv-hh25)            | async                     |            | 2.2.5            | 2.2.5            | 2.2.5            |                                                                                                                                                                                                                                                                        |
@@ -263,68 +654,104 @@ Following table lists vulnerabilities that would otherwise have been included to
 <summary>Whitelisted vulnerabilities</summary>
 <br>
 
-| vuln_id                                                           | package   | severity   | version_local   | comment                                                                                                                                                                                                                                                                                       |
-|-------------------------------------------------------------------|-----------|------------|-----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| [CVE-2018-7263](https://nvd.nist.gov/vuln/detail/CVE-2018-7263)   | libmad    | 9.8        | 0.15.1b         | Based on [link](https://github.com/NixOS/nixpkgs/issues/57154), issue is fixed by [link](https://github.com/NixOS/nixpkgs/commit/92edb0610923fab5a9dcc59b94652f1e8a5ea1ed).                                                                                                                   |
-| [CVE-2016-10141](https://nvd.nist.gov/vuln/detail/CVE-2016-10141) | mujs      | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-10133](https://nvd.nist.gov/vuln/detail/CVE-2016-10133) | mujs      | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-7504](https://nvd.nist.gov/vuln/detail/CVE-2016-7504)   | mujs      | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2021-23169](https://nvd.nist.gov/vuln/detail/CVE-2021-23169) | openexr   | 8.8        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                     |
-| [CVE-2018-6553](https://nvd.nist.gov/vuln/detail/CVE-2018-6553)   | cups      | 8.8        | 2.4.11          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2017-5436](https://nvd.nist.gov/vuln/detail/CVE-2017-5436)   | graphite2 | 8.8        | 1.3.14          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2022-36073](https://nvd.nist.gov/vuln/detail/CVE-2022-36073) | rubygems  | 8.3        | 3.5.22          | Latest impacted version in 3.x is 3.0.4.                                                                                                                                                                                                                                                      |
-| [CVE-2019-14586](https://nvd.nist.gov/vuln/detail/CVE-2019-14586) | edk2      | 8          | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2021-30499](https://nvd.nist.gov/vuln/detail/CVE-2021-30499) | libcaca   | 7.8        | 0.99.beta20     | NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: [link](https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20).                                                                                                                |
-| [CVE-2019-14575](https://nvd.nist.gov/vuln/detail/CVE-2019-14575) | edk2      | 7.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2019-14563](https://nvd.nist.gov/vuln/detail/CVE-2019-14563) | edk2      | 7.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2017-5628](https://nvd.nist.gov/vuln/detail/CVE-2017-5628)   | mujs      | 7.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2017-5627](https://nvd.nist.gov/vuln/detail/CVE-2017-5627)   | mujs      | 7.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-2226](https://nvd.nist.gov/vuln/detail/CVE-2016-2226)   | libiberty | 7.8        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2019-14559](https://nvd.nist.gov/vuln/detail/CVE-2019-14559) | edk2      | 7.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-10132](https://nvd.nist.gov/vuln/detail/CVE-2016-10132) | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-9294](https://nvd.nist.gov/vuln/detail/CVE-2016-9294)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-9136](https://nvd.nist.gov/vuln/detail/CVE-2016-9136)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-9109](https://nvd.nist.gov/vuln/detail/CVE-2016-9109)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-9108](https://nvd.nist.gov/vuln/detail/CVE-2016-9108)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-9017](https://nvd.nist.gov/vuln/detail/CVE-2016-9017)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-7564](https://nvd.nist.gov/vuln/detail/CVE-2016-7564)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-7563](https://nvd.nist.gov/vuln/detail/CVE-2016-7563)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-7506](https://nvd.nist.gov/vuln/detail/CVE-2016-7506)   | mujs      | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-6131](https://nvd.nist.gov/vuln/detail/CVE-2016-6131)   | libiberty | 7.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2014-4860](https://nvd.nist.gov/vuln/detail/CVE-2014-4860)   | edk2      | 6.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2014-4859](https://nvd.nist.gov/vuln/detail/CVE-2014-4859)   | edk2      | 6.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2022-37416](https://nvd.nist.gov/vuln/detail/CVE-2022-37416) | libmpeg2  | 6.5        | 0.5.1           | NVD data issue: concerns Android only.                                                                                                                                                                                                                                                        |
-| [CVE-2022-0856](https://nvd.nist.gov/vuln/detail/CVE-2022-0856)   | libcaca   | 6.5        | 0.99.beta20     | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                        |
-| [CVE-2020-24490](https://nvd.nist.gov/vuln/detail/CVE-2020-24490) | bluez     | 6.5        | 5.78            | Fixed in linux kernel (5.8) with: [link](https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e).                                                                                                                   |
-| [CVE-2019-14587](https://nvd.nist.gov/vuln/detail/CVE-2019-14587) | edk2      | 6.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067) | qemu      | 6.5        | 9.1.1           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2019-6470](https://nvd.nist.gov/vuln/detail/CVE-2019-6470)   | bind      | 6.5        | 9.18.28         | Not valid: [link](https://github.com/NixOS/nixpkgs/issues/73617#issuecomment-569491606).                                                                                                                                                                                                      |
-| [CVE-2016-2781](https://nvd.nist.gov/vuln/detail/CVE-2016-2781)   | coreutils | 6.5        | 9.5             | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2021-26945](https://nvd.nist.gov/vuln/detail/CVE-2021-26945) | openexr   | 5.5        | 2.5.10          | Fix patch [link](https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e) modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.                                                                    |
-| [CVE-2021-26260](https://nvd.nist.gov/vuln/detail/CVE-2021-26260) | openexr   | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                               |
-| [CVE-2021-23215](https://nvd.nist.gov/vuln/detail/CVE-2021-23215) | openexr   | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                               |
-| [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255) | qemu      | 5.5        | 9.1.1           | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                  |
-| [CVE-2021-3605](https://nvd.nist.gov/vuln/detail/CVE-2021-3605)   | openexr   | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                     |
-| [CVE-2021-3598](https://nvd.nist.gov/vuln/detail/CVE-2021-3598)   | openexr   | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                     |
-| [CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633) | patch     | 5.5        | 2.7.6           | Upstream patch is not merged: [link](https://savannah.gnu.org/bugs/index.php?56683). Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                             |
-| [CVE-2019-14562](https://nvd.nist.gov/vuln/detail/CVE-2019-14562) | edk2      | 5.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438) | qemu      | 5.5        | 9.1.1           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4493](https://nvd.nist.gov/vuln/detail/CVE-2016-4493)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4491](https://nvd.nist.gov/vuln/detail/CVE-2016-4491)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4490](https://nvd.nist.gov/vuln/detail/CVE-2016-4490)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4489](https://nvd.nist.gov/vuln/detail/CVE-2016-4489)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4488](https://nvd.nist.gov/vuln/detail/CVE-2016-4488)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4487](https://nvd.nist.gov/vuln/detail/CVE-2016-4487)   | libiberty | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2015-7313](https://nvd.nist.gov/vuln/detail/CVE-2015-7313)   | libtiff   | 5.5        | 4.7.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2019-14553](https://nvd.nist.gov/vuln/detail/CVE-2019-14553) | edk2      | 4.9        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2016-4492](https://nvd.nist.gov/vuln/detail/CVE-2016-4492)   | libiberty | 4.4        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2022-3219](https://nvd.nist.gov/vuln/detail/CVE-2022-3219)   | gnupg     | 3.3        | 2.4.5           | Fix patch is not accepted upstream: [link](https://dev.gnupg.org/D556).                                                                                                                                                                                                                       |
-| [GHSA-6898-wx94-8jq8](https://osv.dev/GHSA-6898-wx94-8jq8)        | libnotify |            | 0.8.3           | Incorrect package: Issue refers node-libnotify [link](https://github.com/mytrile/node-libnotify), whereas nixpkgs refers gnome-libnotify [link](https://gitlab.gnome.org/GNOME/libnotify).                                                                                                    |
-| [OSV-2023-137](https://osv.dev/OSV-2023-137)                      | harfbuzz  |            | 10.0.1          | Based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2), the issue is fixed in range [link](https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc) all of which have been merged in 7.1.0. |
-| [MAL-2022-4301](https://osv.dev/MAL-2022-4301)                    | libidn2   |            | 2.3.7           | Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 [link](https://gitlab.com/libidn/libidn2).                                                                                                                                                                       |
-| [OSV-2021-820](https://osv.dev/OSV-2021-820)                      | qemu      |            | 9.1.1           | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2).                                                                                                                                                                                                        |
-| [OSV-2021-777](https://osv.dev/OSV-2021-777)                      | libxml2   |            | 2.13.4          | Fixed by [link](https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325), which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.                                                                                                                    |
-| [CVE-2012-3509](https://nvd.nist.gov/vuln/detail/CVE-2012-3509)   | libiberty |            | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                       |
-| [CVE-2010-4226](https://nvd.nist.gov/vuln/detail/CVE-2010-4226)   | cpio      |            | 2.15            | NVD data issue: concerns OpenSuSE, not cpio.                                                                                                                                                                                                                                                  |
+| vuln_id                                                           | package    | severity   | version_local   | comment                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
+|-------------------------------------------------------------------|------------|------------|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| [CVE-2023-41330](https://nvd.nist.gov/vuln/detail/CVE-2023-41330) | snappy     | 9.8        | 1.2.1           | Incorrect package: Issue concerns snappy php library: [link](https://github.com/KnpLabs/snappy), whereas, nixpkgs "snappy" refers snappy compression library: [link](https://google.github.io/snappy/). Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96). |
+| [CVE-2023-28115](https://nvd.nist.gov/vuln/detail/CVE-2023-28115) | snappy     | 9.8        | 1.2.1           | Incorrect package: Issue concerns snappy php library: [link](https://github.com/KnpLabs/snappy), whereas, nixpkgs "snappy" refers snappy compression library: [link](https://google.github.io/snappy/). Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96). |
+| [CVE-2021-4336](https://nvd.nist.gov/vuln/detail/CVE-2021-4336)   | ninja      | 9.8        | 1.12.1          | Incorrect package: nixpkgs 'ninja' refers [link](https://github.com/ninja-build/ninja), not [link](https://github.com/ITRS-Group/monitor-ninja).                                                                                                                                                                                                                                                                                                                        |
+| [CVE-2018-7263](https://nvd.nist.gov/vuln/detail/CVE-2018-7263)   | libmad     | 9.8        | 0.15.1b         | Based on [link](https://github.com/NixOS/nixpkgs/issues/57154), issue is fixed by [link](https://github.com/NixOS/nixpkgs/commit/92edb0610923fab5a9dcc59b94652f1e8a5ea1ed).                                                                                                                                                                                                                                                                                             |
+| [CVE-2016-10141](https://nvd.nist.gov/vuln/detail/CVE-2016-10141) | mujs       | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-10133](https://nvd.nist.gov/vuln/detail/CVE-2016-10133) | mujs       | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-7504](https://nvd.nist.gov/vuln/detail/CVE-2016-7504)   | mujs       | 9.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2022-36882](https://nvd.nist.gov/vuln/detail/CVE-2022-36882) | git        | 8.8        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2022-36073](https://nvd.nist.gov/vuln/detail/CVE-2022-36073) | rubygems   | 8.8        | 3.5.22          | Latest impacted version in 3.x is 3.0.4.                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| [CVE-2021-23169](https://nvd.nist.gov/vuln/detail/CVE-2021-23169) | openexr    | 8.8        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
+| [CVE-2018-6553](https://nvd.nist.gov/vuln/detail/CVE-2018-6553)   | cups       | 8.8        | 2.4.11          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2017-5436](https://nvd.nist.gov/vuln/detail/CVE-2017-5436)   | graphite2  | 8.8        | 1.3.14          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2019-14586](https://nvd.nist.gov/vuln/detail/CVE-2019-14586) | edk2       | 8.0        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2021-30499](https://nvd.nist.gov/vuln/detail/CVE-2021-30499) | libcaca    | 7.8        | 0.99.beta20     | NVD data issue: CPE entry does not correctly state the version numbers. Issue is fixed in v0.99.beta20: [link](https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20).                                                                                                                                                                                                                                                                                          |
+| [CVE-2021-26720](https://nvd.nist.gov/vuln/detail/CVE-2021-26720) | avahi      | 7.8        | 0.8             | False positive: issue refers avahi-daemon-check-dns.sh in the Debian avahi package. As such, the issue is specific to Debian and its derivatives.                                                                                                                                                                                                                                                                                                                       |
+| [CVE-2019-14575](https://nvd.nist.gov/vuln/detail/CVE-2019-14575) | edk2       | 7.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2019-14563](https://nvd.nist.gov/vuln/detail/CVE-2019-14563) | edk2       | 7.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2017-5628](https://nvd.nist.gov/vuln/detail/CVE-2017-5628)   | mujs       | 7.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2017-5627](https://nvd.nist.gov/vuln/detail/CVE-2017-5627)   | mujs       | 7.8        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-2226](https://nvd.nist.gov/vuln/detail/CVE-2016-2226)   | libiberty  | 7.8        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2022-36883](https://nvd.nist.gov/vuln/detail/CVE-2022-36883) | git        | 7.5        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2022-30947](https://nvd.nist.gov/vuln/detail/CVE-2022-30947) | git        | 7.5        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2021-33506](https://nvd.nist.gov/vuln/detail/CVE-2021-33506) | jitsi-meet | 7.5        | 1.0.8043        | Fixed in nixpkgs as mentioned in [link](https://github.com/NixOS/nixpkgs/issues/132134#issuecomment-890319135).                                                                                                                                                                                                                                                                                                                                                         |
+| [CVE-2019-14559](https://nvd.nist.gov/vuln/detail/CVE-2019-14559) | edk2       | 7.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-10132](https://nvd.nist.gov/vuln/detail/CVE-2016-10132) | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-9294](https://nvd.nist.gov/vuln/detail/CVE-2016-9294)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-9136](https://nvd.nist.gov/vuln/detail/CVE-2016-9136)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-9109](https://nvd.nist.gov/vuln/detail/CVE-2016-9109)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-9108](https://nvd.nist.gov/vuln/detail/CVE-2016-9108)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-9017](https://nvd.nist.gov/vuln/detail/CVE-2016-9017)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-7564](https://nvd.nist.gov/vuln/detail/CVE-2016-7564)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-7563](https://nvd.nist.gov/vuln/detail/CVE-2016-7563)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-7506](https://nvd.nist.gov/vuln/detail/CVE-2016-7506)   | mujs       | 7.5        | 1.3.5           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-6131](https://nvd.nist.gov/vuln/detail/CVE-2016-6131)   | libiberty  | 7.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2014-4860](https://nvd.nist.gov/vuln/detail/CVE-2014-4860)   | edk2       | 6.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2014-4859](https://nvd.nist.gov/vuln/detail/CVE-2014-4859)   | edk2       | 6.8        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2022-26691](https://nvd.nist.gov/vuln/detail/CVE-2022-26691) | cups       | 6.7        | 2.4.11          | Fixed in nixpkgs with PR: [link](https://github.com/NixOS/nixpkgs/pull/174898).                                                                                                                                                                                                                                                                                                                                                                                         |
+| [CVE-2022-38663](https://nvd.nist.gov/vuln/detail/CVE-2022-38663) | git        | 6.5        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2022-37416](https://nvd.nist.gov/vuln/detail/CVE-2022-37416) | libmpeg2   | 6.5        | 0.5.1           | NVD data issue: concerns Android only.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2022-0856](https://nvd.nist.gov/vuln/detail/CVE-2022-0856)   | libcaca    | 6.5        | 0.99.beta20     | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2020-24490](https://nvd.nist.gov/vuln/detail/CVE-2020-24490) | bluez      | 6.5        | 5.78            | Fixed in linux kernel (5.8) with: [link](https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e).                                                                                                                                                                                                                                                                                             |
+| [CVE-2019-14587](https://nvd.nist.gov/vuln/detail/CVE-2019-14587) | edk2       | 6.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2019-12067](https://nvd.nist.gov/vuln/detail/CVE-2019-12067) | qemu       | 6.5        | 9.1.1           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2019-6470](https://nvd.nist.gov/vuln/detail/CVE-2019-6470)   | bind       | 6.5        | 9.18.28         | Not valid: [link](https://github.com/NixOS/nixpkgs/issues/73617#issuecomment-569491606).                                                                                                                                                                                                                                                                                                                                                                                |
+| [CVE-2016-2781](https://nvd.nist.gov/vuln/detail/CVE-2016-2781)   | coreutils  | 6.5        | 9.5             | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2021-39205](https://nvd.nist.gov/vuln/detail/CVE-2021-39205) | jitsi-meet | 6.1        | 1.0.8043        | Does not impact the version in nixpkgs as mentioned in [link](https://github.com/NixOS/nixpkgs/issues/142979#issuecomment-964291845).                                                                                                                                                                                                                                                                                                                                   |
+| [CVE-2021-21684](https://nvd.nist.gov/vuln/detail/CVE-2021-21684) | git        | 6.1        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2023-31974](https://nvd.nist.gov/vuln/detail/CVE-2023-31974) | yasm       | 5.5        | 1.3.0           | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2023-31973](https://nvd.nist.gov/vuln/detail/CVE-2023-31973) | yasm       | 5.5        | 1.3.0           | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2023-31972](https://nvd.nist.gov/vuln/detail/CVE-2023-31972) | yasm       | 5.5        | 1.3.0           | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2023-30402](https://nvd.nist.gov/vuln/detail/CVE-2023-30402) | yasm       | 5.5        | 1.3.0           | Crash in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                                  |
+| [CVE-2021-33468](https://nvd.nist.gov/vuln/detail/CVE-2021-33468) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33467](https://nvd.nist.gov/vuln/detail/CVE-2021-33467) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33466](https://nvd.nist.gov/vuln/detail/CVE-2021-33466) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33465](https://nvd.nist.gov/vuln/detail/CVE-2021-33465) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33464](https://nvd.nist.gov/vuln/detail/CVE-2021-33464) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33463](https://nvd.nist.gov/vuln/detail/CVE-2021-33463) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33462](https://nvd.nist.gov/vuln/detail/CVE-2021-33462) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33461](https://nvd.nist.gov/vuln/detail/CVE-2021-33461) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33460](https://nvd.nist.gov/vuln/detail/CVE-2021-33460) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33459](https://nvd.nist.gov/vuln/detail/CVE-2021-33459) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33458](https://nvd.nist.gov/vuln/detail/CVE-2021-33458) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33457](https://nvd.nist.gov/vuln/detail/CVE-2021-33457) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33456](https://nvd.nist.gov/vuln/detail/CVE-2021-33456) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33455](https://nvd.nist.gov/vuln/detail/CVE-2021-33455) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-33454](https://nvd.nist.gov/vuln/detail/CVE-2021-33454) | yasm       | 5.5        | 1.3.0           | Issue is not fixed upstream. Other distributions have triaged the issue as minor or 'no security impact'.                                                                                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-26945](https://nvd.nist.gov/vuln/detail/CVE-2021-26945) | openexr    | 5.5        | 2.5.10          | Fix patch [link](https://github.com/AcademySoftwareFoundation/openexr/pull/930/commits/b73ec53bd24ba116d7bf48ebdc868301c596706e) modifies a file that is not available in openexr 2. Thus, the fix doesn't apply to 2.5.8.                                                                                                                                                                                                                                              |
+| [CVE-2021-26260](https://nvd.nist.gov/vuln/detail/CVE-2021-26260) | openexr    | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                                                                                                                                                                                                         |
+| [CVE-2021-23215](https://nvd.nist.gov/vuln/detail/CVE-2021-23215) | openexr    | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d) which went to 2.5.5.                                                                                                                                                                                                                                                         |
+| [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255) | qemu       | 5.5        | 9.1.1           | Upstream patch not merged: [link](https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html). No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                                                                                                                                                                                            |
+| [CVE-2021-3605](https://nvd.nist.gov/vuln/detail/CVE-2021-3605)   | openexr    | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
+| [CVE-2021-3598](https://nvd.nist.gov/vuln/detail/CVE-2021-3598)   | openexr    | 5.5        | 2.5.10          | False positive to the NVD data issue. Fixed in openexr 2.5.8. Upstream fix PR [link](https://github.com/AcademySoftwareFoundation/openexr/pull/1040) which went to 2.5.7.                                                                                                                                                                                                                                                                                               |
+| [CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633) | patch      | 5.5        | 2.7.6           | Upstream patch is not merged: [link](https://savannah.gnu.org/bugs/index.php?56683). Not sure why this isn't fixed upstream. No point fixing this in nixpkgs as long as it is not fixed upstream.                                                                                                                                                                                                                                                                       |
+| [CVE-2019-14562](https://nvd.nist.gov/vuln/detail/CVE-2019-14562) | edk2       | 5.5        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2018-18438](https://nvd.nist.gov/vuln/detail/CVE-2018-18438) | qemu       | 5.5        | 9.1.1           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4493](https://nvd.nist.gov/vuln/detail/CVE-2016-4493)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4491](https://nvd.nist.gov/vuln/detail/CVE-2016-4491)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4490](https://nvd.nist.gov/vuln/detail/CVE-2016-4490)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4489](https://nvd.nist.gov/vuln/detail/CVE-2016-4489)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4488](https://nvd.nist.gov/vuln/detail/CVE-2016-4488)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4487](https://nvd.nist.gov/vuln/detail/CVE-2016-4487)   | libiberty  | 5.5        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2015-7313](https://nvd.nist.gov/vuln/detail/CVE-2015-7313)   | libtiff    | 5.5        | 4.7.0           | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2022-36884](https://nvd.nist.gov/vuln/detail/CVE-2022-36884) | git        | 5.3        | 2.47.0          | Incorrect package: Impacts Jenkins git plugin, not git. Issue gets included to the report due to vulnix's design decision to avoid false negatives with the cost of false positives: [link](https://github.com/nix-community/vulnix/blob/f56f3ac857626171b95e51d98cb6874278f789d3/src/vulnix/vulnerability.py#L90-L96).                                                                                                                                                 |
+| [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194) | quote      | 5.3        | 1.0.37          | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
+| [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194) | quote      | 5.3        | 1.0.36          | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
+| [CVE-2020-16194](https://nvd.nist.gov/vuln/detail/CVE-2020-16194) | quote      | 5.3        | 1.0.35          | Incorrect package: Issue concerns prestashop product: [link](https://prestashop.com/), whereas, nixpkgs "quote" refers rust package 'quote': [link](https://docs.rs/quote/latest/quote/).                                                                                                                                                                                                                                                                               |
+| [CVE-2019-14553](https://nvd.nist.gov/vuln/detail/CVE-2019-14553) | edk2       | 4.9        | 202408.01       | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2016-4492](https://nvd.nist.gov/vuln/detail/CVE-2016-4492)   | libiberty  | 4.4        | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2023-31975](https://nvd.nist.gov/vuln/detail/CVE-2023-31975) | yasm       | 3.3        | 1.3.0           | Memory leak in CLI tool, no security impact.                                                                                                                                                                                                                                                                                                                                                                                                                            |
+| [CVE-2022-3219](https://nvd.nist.gov/vuln/detail/CVE-2022-3219)   | gnupg      | 3.3        | 2.4.5           | Fix patch is not accepted upstream: [link](https://dev.gnupg.org/D556).                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [GHSA-6898-wx94-8jq8](https://osv.dev/GHSA-6898-wx94-8jq8)        | libnotify  |            | 0.8.3           | Incorrect package: Issue refers node-libnotify [link](https://github.com/mytrile/node-libnotify), whereas nixpkgs refers gnome-libnotify [link](https://gitlab.gnome.org/GNOME/libnotify).                                                                                                                                                                                                                                                                              |
+| [OSV-2023-137](https://osv.dev/OSV-2023-137)                      | harfbuzz   |            | 10.0.1          | Based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56510#c2), the issue is fixed in range [link](https://github.com/harfbuzz/harfbuzz/compare/67e01c1292821e7b6fc2ab13acddb84ab41b2187...60841e26187576bff477c1a09ee2ffe544844abc) all of which have been merged in 7.1.0.                                                                                                                                                                           |
+| [MAL-2022-4301](https://osv.dev/MAL-2022-4301)                    | libidn2    |            | 2.3.7           | Incorrect package: Issue refers npm libidn2, whereas, nixpkgs refers libidn2 [link](https://gitlab.com/libidn/libidn2).                                                                                                                                                                                                                                                                                                                                                 |
+| [OSV-2021-820](https://osv.dev/OSV-2021-820)                      | qemu       |            | 9.1.1           | Fixed based on [link](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34831#c2).                                                                                                                                                                                                                                                                                                                                                                                  |
+| [OSV-2021-777](https://osv.dev/OSV-2021-777)                      | libxml2    |            | 2.13.4          | Fixed by [link](https://gitlab.gnome.org/GNOME/libxml2/-/commit/8f5ccada05ddd4a1ff8e399ad39fc7cd4bd33325), which went to 2.9.13. Therefore, this issue is fixed in 2.10.4.                                                                                                                                                                                                                                                                                              |
+| [CVE-2012-3509](https://nvd.nist.gov/vuln/detail/CVE-2012-3509)   | libiberty  |            | 13.3.0          | NVD data issue: CPE entry does not correctly state the version numbers.                                                                                                                                                                                                                                                                                                                                                                                                 |
+| [CVE-2010-4226](https://nvd.nist.gov/vuln/detail/CVE-2010-4226)   | cpio       |            | 2.15            | NVD data issue: concerns OpenSuSE, not cpio.                                                                                                                                                                                                                                                                                                                                                                                                                            |
 
 </details>