CVE-2025-58244
8.8 HIGH
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): HIGH; Integrity impact (I): HIGH; Availability impact (A): HIGH
created 2 weeks, 2 days ago
WordPress Constructo Theme <= 4.3.9 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Anps Constructo allows Object Injection. This issue affects Constructo: from n/a through 4.3.9.
Affected products
constructo =<4.3.9
Matching in nixpkgs
pkgs.akkuPackages.cyclone-iset-constructors nixos-25.05 ??? nixos-25.05-small 1.0.0 nixos-unstable 1.0.0 nixos-unstable-small 1.0.0 nixpkgs-unstable 1.0.0

CVE-2025-9905
created 2 weeks, 2 days ago
Arbitrary code execution in Keras load_model()
The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special .h5 archive file that uses the Lambda layer feature of Keras, which allows arbitrary Python code in the form of pickled code. The vulnerability comes from the fact that the safe_mode=True option is not honored when reading .h5 archives. Note that the .h5/.hdf5 format is a legacy format supported by Keras 3 for backwards compatibility.
Affected products
keras =<3.11.2
Matching in nixpkgs
pkgs.python311Packages.keras Multi-backend implementation of the Keras API, with support for TensorFlow, JAX, and PyTorch nixos-unstable 3.7.0 nixos-unstable-small 3.7.0 nixpkgs-unstable 3.7.0
pkgs.python312Packages.keras Multi-backend implementation of the Keras API, with support for TensorFlow, JAX, and PyTorch nixos-25.05 ??? nixos-25.05-small 3.9.2 nixos-unstable 3.10.0 nixos-unstable-small 3.11.1 nixpkgs-unstable 3.10.0
pkgs.python311Packages.tf-keras Deep learning for humans nixos-unstable 2.18.0 nixos-unstable-small 2.18.0 nixpkgs-unstable 2.18.0
pkgs.python312Packages.tf-keras Deep learning for humans nixos-25.05 ??? nixos-25.05-small 2.19.0 nixos-unstable 2.19.0 nixos-unstable-small 2.19.0 nixpkgs-unstable 2.19.0
pkgs.python311Packages.keras-applications Reference implementations of popular deep learning models nixos-unstable 1.0.8 nixos-unstable-small 1.0.8 nixpkgs-unstable 1.0.8
pkgs.python312Packages.keras-applications Reference implementations of popular deep learning models nixos-unstable 1.0.8 nixos-unstable-small 1.0.8 nixpkgs-unstable 1.0.8
pkgs.python312Packages.keras.x86_64-linux Multi-backend implementation of the Keras API, with support for TensorFlow, JAX, and PyTorch nixos-unstable 3.7.0
pkgs.python311Packages.keras-preprocessing Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2 nixos-unstable-small 1.1.2 nixpkgs-unstable 1.1.2
pkgs.python312Packages.keras-preprocessing Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2 nixos-unstable-small 1.1.2 nixpkgs-unstable 1.1.2
pkgs.python312Packages.keras.aarch64-linux Multi-backend implementation of the Keras API, with support for TensorFlow, JAX, and PyTorch nixos-unstable 3.7.0
pkgs.python312Packages.keras.aarch64-darwin Multi-backend implementation of the Keras API, with support for TensorFlow, JAX, and PyTorch nixos-unstable 3.7.0
pkgs.python312Packages.tf-keras.x86_64-linux Deep learning for humans nixos-unstable 2.18.0
pkgs.python312Packages.tf-keras.aarch64-linux Deep learning for humans nixos-unstable 2.18.0
pkgs.python312Packages.tf-keras.aarch64-darwin Deep learning for humans nixos-unstable 2.18.0
pkgs.python312Packages.keras-applications.x86_64-linux Reference implementations of popular deep learning models nixos-unstable 1.0.8
pkgs.python312Packages.keras-applications.aarch64-linux Reference implementations of popular deep learning models nixos-unstable 1.0.8
pkgs.python312Packages.keras-applications.x86_64-darwin Reference implementations of popular deep learning models nixos-unstable 1.0.8
pkgs.python312Packages.keras-preprocessing.x86_64-linux Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2
pkgs.python312Packages.keras-applications.aarch64-darwin Reference implementations of popular deep learning models nixos-unstable 1.0.8
pkgs.python312Packages.keras-preprocessing.aarch64-linux Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2
pkgs.python312Packages.keras-preprocessing.x86_64-darwin Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2
pkgs.python312Packages.keras-preprocessing.aarch64-darwin Easy data preprocessing and data augmentation for deep learning models nixos-unstable 1.1.2
Package maintainers: 1
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>

CVE-2025-8067
8.5 HIGH
CVSS version: 3.1
Attack vector (AV): LOCAL; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): CHANGED; Confidentiality impact (C): LOW; Integrity impact (I): LOW; Availability impact (A): HIGH
created 2 weeks, 2 days ago
Udisks: out-of-bounds read in udisks daemon
A flaw was found in the Udisks daemon, which allows unprivileged users to create loop devices through the D-BUS system. Loop devices are created by the loop device handler, which handles requests sent through the D-BUS interface. Two of the handler's parameters are the file descriptor list and an index specifying the file that should back the loop device. The function validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
Affected products
udisks udisks2 *
Matching in nixpkgs
pkgs.udisks Daemon, tools and libraries to access and manipulate disks, storage devices and technologies nixos-unstable 2.10.1 nixos-unstable-small 2.10.1 nixpkgs-unstable 2.10.1
pkgs.udisks2 Daemon, tools and libraries to access and manipulate disks, storage devices and technologies nixos-25.05 ??? nixos-25.05-small 2.10.1 nixos-unstable 2.10.1 nixos-unstable-small 2.10.1 nixpkgs-unstable 2.10.1
pkgs.deepin.udisks2-qt5 UDisks2 D-Bus interfaces binding for Qt5 nixos-25.05 ??? nixos-25.05-small qt5-5.0.6 nixos-unstable qt5-5.0.6 nixos-unstable-small qt5-5.0.6 nixpkgs-unstable qt5-5.0.6
Package maintainers: 3
@wineee Lu Hongxu <lhongxu@outlook.com>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@JohnAZoidberg Daniel Schäfer <git@danielschaefer.me>

CVE-2023-6484
5.3 MEDIUM
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): LOW; Availability impact (A): NONE
created 4 months ago
Keycloak: log injection during webauthn authentication or registration
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact on log integrity.
Affected products
keycloak <22.0.9 <23.0.5 rh-sso7-keycloak * rhbk/keycloak-rhel9 * keycloak-rhel9-container rh-sso-7/sso7-rhel8-operator * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * rh-sso-7/sso76-openshift-rhel8 * keycloak-rhel9-operator-container rh-sso-7/sso7-rhel8-init-container * rh-sso-7/sso7-rhel8-operator-bundle * keycloak-rhel9-operator-bundle-container
Matching in nixpkgs
pkgs.keycloak Identity and access management for modern applications and services nixos-25.05 ??? nixos-25.05-small 26.1.4 nixos-unstable 26.3.1 nixos-unstable-small 26.1.4 nixpkgs-unstable 26.1.4
pkgs.terraform-providers.keycloak nixos-25.05 ??? nixos-25.05-small 5.2.0 nixos-unstable 5.2.0 nixos-unstable-small 5.3.0 nixpkgs-unstable 5.4.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python313Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
Package maintainers: 4
@leona-ya Leona Maroni <nix@leona.is>
@NickCao Nick Cao <nickcao@nichi.co>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@ngerstle Nicholas Gerstle <ngerstle@gmail.com>

CVE-2024-5967
2.7 LOW
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): HIGH; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): LOW; Integrity impact (I): NONE; Availability impact (A): NONE
created 4 months ago
Keycloak: leak of configured ldap bind credentials through the keycloak admin console
A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.
Affected products
keycloak <25.0.1 <24.0.6 <22.0.12 keycloak-core rh-sso7-keycloak * rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * rh-sso-7/sso76-openshift-rhel8 *
Matching in nixpkgs
pkgs.keycloak Identity and access management for modern applications and services nixos-25.05 ??? nixos-25.05-small 26.1.4 nixos-unstable 26.3.1 nixos-unstable-small 26.1.4 nixpkgs-unstable 26.1.4
pkgs.terraform-providers.keycloak nixos-25.05 ??? nixos-25.05-small 5.2.0 nixos-unstable 5.2.0 nixos-unstable-small 5.3.0 nixpkgs-unstable 5.4.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python313Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
Package maintainers: 4
@leona-ya Leona Maroni <nix@leona.is>
@NickCao Nick Cao <nickcao@nichi.co>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@ngerstle Nicholas Gerstle <ngerstle@gmail.com>

CVE-2024-4540
7.5 HIGH
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): HIGH; Integrity impact (I): NONE; Availability impact (A): NONE
created 4 months ago
Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability.
Affected products
keycloak * keycloak-core rh-sso7-keycloak * rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * rh-sso-7/sso76-openshift-rhel8 *
Matching in nixpkgs
pkgs.keycloak Identity and access management for modern applications and services nixos-25.05 ??? nixos-25.05-small 26.1.4 nixos-unstable 26.3.1 nixos-unstable-small 26.1.4 nixpkgs-unstable 26.1.4
pkgs.terraform-providers.keycloak nixos-25.05 ??? nixos-25.05-small 5.2.0 nixos-unstable 5.2.0 nixos-unstable-small 5.3.0 nixpkgs-unstable 5.2.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python313Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
Package maintainers: 4
@leona-ya Leona Maroni <nix@leona.is>
@NickCao Nick Cao <nickcao@nichi.co>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@ngerstle Nicholas Gerstle <ngerstle@gmail.com>

CVE-2023-46848
8.6 HIGH
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): CHANGED; Confidentiality impact (C): NONE; Integrity impact (I): NONE; Availability impact (A): HIGH
created 4 months, 2 weeks ago
Squid: denial of service in ftp
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
Affected products
squid <6.4 * squid:4/squid
Matching in nixpkgs
pkgs.squid Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more nixos-25.05 ??? nixos-25.05-small 7.0.1 nixos-unstable 7.0.1 nixos-unstable-small 7.0.1 nixpkgs-unstable 7.0.1
pkgs.prometheus-squid-exporter Squid Prometheus exporter nixos-25.05 ??? nixos-25.05-small 1.13.0 nixos-unstable 1.13.0 nixos-unstable-small 1.13.0 nixpkgs-unstable 1.13.0
pkgs.python311Packages.flyingsquid More interactive weak supervision with FlyingSquid nixos-unstable 0.0.0a0 nixos-unstable-small 0.0.0a0 nixpkgs-unstable 0.0.0a0
pkgs.python312Packages.flyingsquid More interactive weak supervision with FlyingSquid nixos-25.05 ??? nixos-25.05-small 0.0.0a0 nixos-unstable 0.0.0a0 nixos-unstable-small 0.0.0a0 nixpkgs-unstable 0.0.0a0
pkgs.python313Packages.flyingsquid More interactive weak supervision with FlyingSquid nixos-25.05 ??? nixos-25.05-small 0.0.0a0 nixos-unstable 0.0.0a0 nixos-unstable-small 0.0.0a0 nixpkgs-unstable 0.0.0a0
pkgs.python312Packages.flyingsquid.x86_64-linux More interactive weak supervision with FlyingSquid nixos-unstable 0.0.0a0
pkgs.python312Packages.flyingsquid.aarch64-linux More interactive weak supervision with FlyingSquid nixos-unstable 0.0.0a0
pkgs.python312Packages.flyingsquid.x86_64-darwin More interactive weak supervision with FlyingSquid nixos-unstable 0.0.0a0
pkgs.python312Packages.flyingsquid.aarch64-darwin More interactive weak supervision with FlyingSquid nixos-unstable 0.0.0a0
Package maintainers: 3
@happysalada Raphael Megzari <raphael@megzari.com>
@srhb Sarah Brofeldt <sbrofeldt@gmail.com>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

CVE-2025-8283
3.7 LOW
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): HIGH; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): LOW; Integrity impact (I): NONE; Availability impact (A): NONE
updated 4 months, 2 weeks ago by @fricklerhandwerk
Activity log
Created automatic suggestion 4 months, 2 weeks ago
@fricklerhandwerk removed maintainer @vdemeester 4 months, 2 weeks ago
Netavark: podman: netavark may resolve hostnames to unexpected hosts
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to the dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When a container is created with a given name, this name is used as the hostname for the container itself. As Podman's search domain is no longer added, the container uses the host's resolv.conf, and the DNS resolver will try to look into the search domains contained in it. If one of the domains contains a name with the same hostname as the running container, the connection will be forwarded to unexpected external servers.
Affected products
rhcos netavark <1.15.1 container-tools:rhel8/netavark container-tools:rhel8/containers-common
Matching in nixpkgs
pkgs.netavark Rust based network stack for containers nixos-25.05 ??? nixos-25.05-small 1.14.1 nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.15.0
Package maintainers: 1
@saschagrunert Sascha Grunert <mail@saschagrunert.de>

CVE-2025-3910
5.4 MEDIUM
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): LOW; Integrity impact (I): LOW; Availability impact (A): NONE
created 4 months, 2 weeks ago
Org.keycloak.authentication: two factor authentication bypass
A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.
Affected products
keycloak <25.* <26.2.2 <26.0.11 <26.1.* rhbk/keycloak-rhel9 * keycloak-rhel9-container * org.keycloak.authentication rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * keycloak-rhel9-operator-container * keycloak-rhel9-operator-bundle-container *
Matching in nixpkgs
pkgs.keycloak Identity and access management for modern applications and services nixos-25.05 ??? nixos-25.05-small 26.2.5 nixos-unstable 26.0.6 nixos-unstable-small 26.1.4 nixpkgs-unstable 26.1.4
pkgs.terraform-providers.keycloak nixos-25.05 ??? nixos-25.05-small 5.2.0 nixos-unstable 5.2.0 nixos-unstable-small 5.2.0 nixpkgs-unstable 4.4.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python313Packages.python-keycloak Provides access to the Keycloak API nixos-25.05 ??? nixos-25.05-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-linux Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.x86_64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
pkgs.python312Packages.python-keycloak.aarch64-darwin Provides access to the Keycloak API nixos-unstable 4.0.0
Package maintainers: 3
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@NickCao Nick Cao <nickcao@nichi.co>
@ngerstle Nicholas Gerstle <ngerstle@gmail.com>

CVE-2023-5871
5.3 MEDIUM
CVSS version: 3.1
Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): NONE; Availability impact (A): LOW
created 4 months, 2 weeks ago
Libnbd: malicious nbd server may crash libnbd
A flaw was found in libnbd, a client library for Network Block Device (NBD), a protocol for accessing block devices such as hard disks over a network. This issue may allow a malicious NBD server to cause a Denial of Service.
Affected products
libnbd * virt:rhel/libnbd
Matching in nixpkgs
pkgs.libnbd Network Block Device client library in userspace nixos-25.05 ??? nixos-25.05-small 1.22.1 nixos-unstable 1.20.2 nixos-unstable-small 1.22.1 nixpkgs-unstable 1.20.2
pkgs.libnbd.x86_64-linux Network Block Device client library in userspace nixos-unstable ??? nixos-unstable-small 1.20.2
pkgs.libnbd.aarch64-linux Network Block Device client library in userspace nixos-unstable ??? nixos-unstable-small 1.20.2
pkgs.python311Packages.libnbd Network Block Device client library in userspace nixos-unstable 1.20.2 nixos-unstable-small 1.20.2 nixpkgs-unstable 1.20.2
pkgs.python312Packages.libnbd Network Block Device client library in userspace nixos-25.05 ??? nixos-25.05-small 1.22.1 nixos-unstable 1.22.1 nixos-unstable-small 1.22.1 nixpkgs-unstable 1.22.1
pkgs.python313Packages.libnbd Network Block Device client library in userspace nixos-25.05 ??? nixos-25.05-small 1.22.1 nixos-unstable 1.22.1 nixos-unstable-small 1.22.1 nixpkgs-unstable 1.22.1
pkgs.python312Packages.libnbd.x86_64-linux Network Block Device client library in userspace nixos-unstable 1.20.2
pkgs.python312Packages.libnbd.aarch64-linux Network Block Device client library in userspace nixos-unstable 1.20.2
Package maintainers: 1
@akshatagarwl Akshat Agarwal <humancalico@disroot.org>