Nixpkgs Security Tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2025-49177
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 6 months ago
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

Affected products

tigervnc
xwayland
  • <24.1.7
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

CVE-2023-6004
4.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.

Affected products

libssh
  • *

Matching in nixpkgs

pkgs.libssh.x86_64-linux

SSH client library

pkgs.libssh.aarch64-linux

SSH client library

pkgs.libssh.x86_64-darwin

SSH client library

pkgs.libssh2.x86_64-linux

Client-side C library implementing the SSH2 protocol

pkgs.libssh.aarch64-darwin

SSH client library

pkgs.libssh2.aarch64-linux

Client-side C library implementing the SSH2 protocol

pkgs.libssh2.x86_64-darwin

Client-side C library implementing the SSH2 protocol

pkgs.libssh2.aarch64-darwin

Client-side C library implementing the SSH2 protocol

pkgs.haskellPackages.libssh2

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

pkgs.haskellPackages.libssh2-conduit

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

pkgs.python311Packages.ansible-pylibssh

Python bindings to client functionality of libssh specific to Ansible use case

pkgs.python312Packages.ansible-pylibssh

Python bindings to client functionality of libssh specific to Ansible use case

pkgs.python313Packages.ansible-pylibssh

Python bindings to client functionality of libssh specific to Ansible use case

pkgs.haskellPackages.libssh.x86_64-linux

libssh bindings

pkgs.haskellPackages.libssh.aarch64-linux

libssh bindings

pkgs.haskellPackages.libssh.x86_64-darwin

libssh bindings

pkgs.haskellPackages.libssh2.x86_64-linux

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

pkgs.haskellPackages.libssh.aarch64-darwin

libssh bindings

pkgs.haskellPackages.libssh2.aarch64-linux

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

pkgs.haskellPackages.libssh2.x86_64-darwin

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

pkgs.haskellPackages.libssh2.aarch64-darwin

FFI bindings to libssh2 SSH2 client library (http://libssh2.org/)

pkgs.haskellPackages.libssh2-conduit.x86_64-linux

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

pkgs.haskellPackages.libssh2-conduit.aarch64-linux

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

pkgs.haskellPackages.libssh2-conduit.x86_64-darwin

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

pkgs.haskellPackages.libssh2-conduit.aarch64-darwin

Conduit wrappers for libssh2 FFI bindings (see libssh2 package)

pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2

Test whether libssh2-1.11.1 exposes pkg-config modules libssh2

Package maintainers: 3

CVE-2025-24761
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress DSK <= 2.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK allows PHP Local File Inclusion. This issue affects DSK: from n/a through 2.2.

Affected products

dsk
  • =<2.2

Matching in nixpkgs

pkgs.idsk

Manipulating CPC dsk images and files

pkgs.robotfindskitten.x86_64-linux

Yet another zen simulation; A simple find-the-kitten game

pkgs.robotfindskitten.aarch64-linux

Yet another zen simulation; A simple find-the-kitten game

pkgs.robotfindskitten.x86_64-darwin

Yet another zen simulation; A simple find-the-kitten game

pkgs.robotfindskitten.aarch64-darwin

Yet another zen simulation; A simple find-the-kitten game

pkgs.python311Packages.pmdsky-debug-py

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python312Packages.pmdsky-debug-py

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python313Packages.pmdsky-debug-py

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python312Packages.pmdsky-debug-py.x86_64-linux

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python312Packages.pmdsky-debug-py.aarch64-linux

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python312Packages.pmdsky-debug-py.x86_64-darwin

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

pkgs.python312Packages.pmdsky-debug-py.aarch64-darwin

Autogenerated and statically check-able pmdsky-debug symbol definitions for Python

Package maintainers: 3

CVE-2022-45083
6.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.3.2.

Affected products

wp-user-avatar
  • =<4.3.2

Matching in nixpkgs

CVE-2025-49254
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Nika <= 1.2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika allows PHP Local File Inclusion. This issue affects Nika: from n/a through 1.2.8.

Affected products

nika
  • =<1.2.8

Matching in nixpkgs

pkgs.python311Packages.minikanren

Relational programming in Python

pkgs.python312Packages.minikanren

Relational programming in Python

pkgs.python313Packages.minikanren

Relational programming in Python

pkgs.python312Packages.minikanren.x86_64-linux

Relational programming in Python

pkgs.python312Packages.minikanren.aarch64-linux

Relational programming in Python

pkgs.python312Packages.minikanren.x86_64-darwin

Relational programming in Python

pkgs.python312Packages.minikanren.aarch64-darwin

Relational programming in Python

Package maintainers: 1

CVE-2025-49180
6.1 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months ago
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.

Affected products

tigervnc
  • *
xwayland
  • <24.1.7
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

CVE-2025-49253
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Lasa <= 1.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Lasa allows PHP Local File Inclusion. This issue affects Lasa: from n/a through 1.1.

Affected products

lasa
  • =<1.1

Matching in nixpkgs

pkgs.gnomeExtensions.glasa

This extension puts adds an indicator to the top panel whose icon continuously renders two comic-like eyes that follow the mouse cursor.

  • nixos-unstable 14
    • nixos-unstable-small 14
    • nixpkgs-unstable 14

pkgs.typstPackages.lasagna_0_1_0

Add layers, toggle them using tags easily

pkgs.typstPackages.lasaveur_0_1_3

Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo

pkgs.typstPackages.lasaveur_0_1_4

Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo

Package maintainers: 2

CVE-2025-31919
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Spare <= 1.7 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.

Affected products

spare
  • =<1.7

Matching in nixpkgs

pkgs.asciiquarium-transparent

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.gnomeExtensions.transparent-top-bar

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.vimPlugins.transparent-nvim.x86_64-linux

pkgs.gnomeExtensions.transparent-window-moving

Makes the window semi-transparent when moving or resizing

pkgs.vimPlugins.transparent-nvim.aarch64-linux

pkgs.vimPlugins.transparent-nvim.x86_64-darwin

pkgs.vimPlugins.transparent-nvim.aarch64-darwin

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

Package maintainers: 4

CVE-2024-0408
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months ago
Xorg-x11-server: selinux unlabeled glx pbuffer

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.

Affected products

tigervnc
xorg-server
  • <21.1.11
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

CVE-2025-49175
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months ago
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.

Affected products

tigervnc
  • *
xwayland
  • <24.1.8
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs