Nixpkgs Security Tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Details of issue NIXPKGS-2025-0019

affected

created on 26 Sep 2025

NIXPKGS-2025-0019

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.

Vulnerabilities

CVE-2023-4727

Related packages

pkgs.keycloak

Identity and access management for modern applications and services

nixos-25.05 ???
- nixos-25.05-small 26.2.5
nixos-unstable 26.0.6
- nixos-unstable-small 26.1.4
- nixpkgs-unstable 26.3.1

pkgs.terraform-providers.keycloak

nixos-25.05 ???
- nixos-25.05-small 5.2.0
nixos-unstable 5.2.0
- nixos-unstable-small 5.3.0
- nixpkgs-unstable 4.4.0

pkgs.python311Packages.python-keycloak

Provides access to the Keycloak API

nixos-unstable 4.0.0
- nixos-unstable-small 4.0.0
- nixpkgs-unstable 4.0.0

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

nixos-25.05 ???
- nixos-25.05-small 4.0.0
nixos-unstable 4.0.0
- nixos-unstable-small 4.0.0
- nixpkgs-unstable 4.0.0

pkgs.python313Packages.python-keycloak

Provides access to the Keycloak API

nixos-25.05 ???
- nixos-25.05-small 4.0.0
nixos-unstable 4.0.0
- nixos-unstable-small 4.0.0
- nixpkgs-unstable 4.0.0

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

nixos-unstable 4.0.0

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

nixos-unstable 4.0.0

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

nixos-unstable 4.0.0

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

nixos-unstable 4.0.0