Nixpkgs Security Tracker


Automatically generated suggestions


CVE-2024-28835
5.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 3 weeks ago
Gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

Affected products

gnutls
  • ==3.8.3
  • *

Matching in nixpkgs

pkgs.python312Packages.python3-gnutls.x86_64-linux

Python wrapper for the GnuTLS library

pkgs.python312Packages.python3-gnutls.aarch64-linux

Python wrapper for the GnuTLS library

pkgs.python312Packages.python3-gnutls.x86_64-darwin

Python wrapper for the GnuTLS library

pkgs.python312Packages.python3-gnutls.aarch64-darwin

Python wrapper for the GnuTLS library

Package maintainers: 3

CVE-2025-30193
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 4 weeks ago
Denial of service via crafted TCP exchange

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.

Affected products

dnsdist
  • ==1.9.10

Matching in nixpkgs

Package maintainers: 1

CVE-2025-26867
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 6 months, 4 weeks ago
WordPress Bulk theme <= 1.0.11 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themes4WP Bulk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bulk: from n/a through 1.0.11.

Affected products

bulk
  • =<1.0.11

Matching in nixpkgs

pkgs.bulky

Bulk rename app

pkgs.bulk_extractor

Digital forensics tool for extracting information from file systems

pkgs.python311Packages.rebulk

Advanced string matching from simple patterns

pkgs.python312Packages.rebulk

Advanced string matching from simple patterns

pkgs.python313Packages.rebulk

Advanced string matching from simple patterns

pkgs.python312Packages.rebulk.x86_64-linux

Advanced string matching from simple patterns

pkgs.python312Packages.rebulk.aarch64-linux

Advanced string matching from simple patterns

pkgs.python312Packages.rebulk.x86_64-darwin

Advanced string matching from simple patterns

pkgs.python312Packages.rebulk.aarch64-darwin

Advanced string matching from simple patterns

Package maintainers: 3

CVE-2025-31027
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months, 4 weeks ago
WordPress Tiger theme <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS. This issue affects Tiger: from n/a through 2.0.

Affected products

tiger
  • =<2.0

Matching in nixpkgs

pkgs.libtiger

Rendering library for Kate streams using Pango and Cairo

pkgs.tigerjython

Simple development environment for programming in Python

pkgs.libtiger.x86_64-linux

Rendering library for Kate streams using Pango and Cairo

pkgs.libtiger.aarch64-linux

Rendering library for Kate streams using Pango and Cairo

pkgs.libtiger.x86_64-darwin

Rendering library for Kate streams using Pango and Cairo

pkgs.libtiger.aarch64-darwin

Rendering library for Kate streams using Pango and Cairo

pkgs.chickenPackages_5.chickenEggs.tiger-hash

Tiger/192 Message Digest

pkgs.vimPlugins.nvim-treesitter-parsers.tiger

  • nixos-25.05
    • nixos-25.05-small
  • nixos-unstable
    • nixos-unstable-small
    • nixpkgs-unstable

pkgs.python312Packages.tree-sitter-grammars.tree-sitter-tiger

Python bindings for tree-sitter-tiger

pkgs.python313Packages.tree-sitter-grammars.tree-sitter-tiger

Python bindings for tree-sitter-tiger

Package maintainers: 8

CVE-2025-23988
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months, 4 weeks ago
WordPress ghostwriter theme <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruno Cavalcante Ghostwriter allows Reflected XSS. This issue affects Ghostwriter: from n/a through 1.4.

Affected products

ghostwriter
  • =<1.4

Matching in nixpkgs

pkgs.libsForQt5.ghostwriter

Cross-platform, aesthetic, distraction-free Markdown editor

pkgs.plasma5Packages.ghostwriter

Cross-platform, aesthetic, distraction-free Markdown editor

pkgs.libsForQt5.ghostwriter.x86_64-linux

Cross-platform, aesthetic, distraction-free Markdown editor

pkgs.libsForQt5.ghostwriter.aarch64-linux

Cross-platform, aesthetic, distraction-free Markdown editor

pkgs.plasma5Packages.ghostwriter.x86_64-linux

Cross-platform, aesthetic, distraction-free Markdown editor

pkgs.plasma5Packages.ghostwriter.aarch64-linux

Cross-platform, aesthetic, distraction-free Markdown editor

CVE-2025-26735
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months, 4 weeks ago
WordPress Grip theme <= 1.0.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Candid themes Grip. This issue affects Grip: from n/a through 1.0.9.

Affected products

grip
  • =<1.0.9

Matching in nixpkgs

pkgs.go-grip

Preview Markdown files locally before committing them

pkgs.grip-grab

Fast, more lightweight ripgrep alternative for daily use cases

pkgs.grip-search

Fast, indexed regexp search over large file trees

pkgs.python311Packages.grip

Preview GitHub Markdown files like Readme locally before committing them

pkgs.python312Packages.grip

Preview GitHub Markdown files like Readme locally before committing them

pkgs.python313Packages.grip

Preview GitHub Markdown files like Readme locally before committing them

pkgs.regripper.x86_64-linux

Open source forensic software used as a Windows Registry data extraction command line

pkgs.regripper.aarch64-linux

Open source forensic software used as a Windows Registry data extraction command line

pkgs.regripper.x86_64-darwin

Open source forensic software used as a Windows Registry data extraction command line

pkgs.regripper.aarch64-darwin

Open source forensic software used as a Windows Registry data extraction command line

pkgs.python312Packages.grip.x86_64-linux

Preview GitHub Markdown files like Readme locally before committing them

pkgs.python312Packages.grip.aarch64-linux

Preview GitHub Markdown files like Readme locally before committing them

pkgs.python312Packages.grip.x86_64-darwin

Preview GitHub Markdown files like Readme locally before committing them

pkgs.python312Packages.grip.aarch64-darwin

Preview GitHub Markdown files like Readme locally before committing them

CVE-2025-4945
3.7 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 6 months, 4 weeks ago
Libsoup: integer overflow in cookie expiration date handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

Affected products

libsoup
  • *
  • =<3.6.5
libsoup3
  • *

Matching in nixpkgs

pkgs.libsoup_3.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-darwin

HTTP client/server library for GNOME

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4"

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

Package maintainers: 6

CVE-2025-4948
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months, 4 weeks ago
Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup

A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpectedly, creating a denial-of-service (DoS) risk.

Affected products

libsoup
  • *
  • =<3.6.5
libsoup3
  • *

Matching in nixpkgs

pkgs.libsoup_3.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-darwin

HTTP client/server library for GNOME

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4"

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

Package maintainers: 6

CVE-2025-31063
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 7 months ago
WordPress Wishlist <= 2.1.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in redqteam Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist: from n/a through 2.1.0.

Affected products

wishlist
  • =<2.1.0

Matching in nixpkgs

pkgs.wishlist

Single entrypoint for multiple SSH endpoints

Package maintainers: 2

CVE-2025-31062
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 7 months ago
WordPress Wishlist <= 2.1.0 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist allows Retrieve Embedded Sensitive Data. This issue affects Wishlist: from n/a through 2.1.0.

Affected products

wishlist
  • =<2.1.0

Matching in nixpkgs

pkgs.wishlist

Single entrypoint for multiple SSH endpoints

Package maintainers: 2