Nixpkgs Security Tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Details of issue NIXPKGS-2025-0021

affected

created on 29 Oct 2025

NIXPKGS-2025-0021

Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

Vulnerabilities

CVE-2023-46847

Related packages

pkgs.squid

Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more

nixos-25.05 ???
- nixos-25.05-small 7.0.1
nixos-unstable 7.0.1
- nixos-unstable-small 7.0.1
- nixpkgs-unstable 7.0.1

pkgs.prometheus-squid-exporter

Squid Prometheus exporter

nixos-25.05 ???
- nixos-25.05-small 1.13.0
nixos-unstable 1.13.0
- nixos-unstable-small 1.13.0
- nixpkgs-unstable 1.13.0

pkgs.python311Packages.flyingsquid

More interactive weak supervision with FlyingSquid

nixos-unstable 0.0.0a0
- nixos-unstable-small 0.0.0a0
- nixpkgs-unstable 0.0.0a0

pkgs.python312Packages.flyingsquid

More interactive weak supervision with FlyingSquid

nixos-25.05 ???
- nixos-25.05-small 0.0.0a0
nixos-unstable 0.0.0a0
- nixos-unstable-small 0.0.0a0
- nixpkgs-unstable 0.0.0a0

pkgs.python313Packages.flyingsquid

More interactive weak supervision with FlyingSquid

nixos-25.05 ???
- nixos-25.05-small 0.0.0a0
nixos-unstable 0.0.0a0
- nixos-unstable-small 0.0.0a0
- nixpkgs-unstable 0.0.0a0

pkgs.python312Packages.flyingsquid.x86_64-linux

More interactive weak supervision with FlyingSquid

nixos-unstable 0.0.0a0

pkgs.python312Packages.flyingsquid.aarch64-linux

More interactive weak supervision with FlyingSquid

nixos-unstable 0.0.0a0

pkgs.python312Packages.flyingsquid.x86_64-darwin

More interactive weak supervision with FlyingSquid

nixos-unstable 0.0.0a0

pkgs.python312Packages.flyingsquid.aarch64-darwin

More interactive weak supervision with FlyingSquid

nixos-unstable 0.0.0a0