nix-security-tracker icon indicating copy to clipboard operation
nix-security-tracker copied to clipboard

Published 20 hours ago verified publisher icon Nix-Security-WG

False positive: CVE-2015-1773 in flex

Open raboof opened this issue 1 year ago • 0 comments

The package is https://github.com/westes/flex , but the advisory is for https://flex.apache.org/ (cpe cpe:2.3:a:apache:flex:*:*:*:*:*:*:*:*)

Here, looking at the pname seems insufficient to reliably match the package.

Possible solution: #136

raboof avatar Dec 15 '23 11:12 raboof