CVE-2025-23386 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 8 months, 1 week ago gerbera: Privilege escalation from user gerbera to root because of insecure %post script A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1. Affected products gerbera <2.5.0-1.1 Matching in nixpkgs pkgs.gerbera UPnP Media Server for 2020 nixos-unstable 1.12.1 nixos-unstable-small 1.12.1 nixpkgs-unstable 1.12.1 Package maintainers: 1 @ardumont Antoine R. Dumont <eniotna.t@gmail.com>
pkgs.gerbera UPnP Media Server for 2020 nixos-unstable 1.12.1 nixos-unstable-small 1.12.1 nixpkgs-unstable 1.12.1
CVE-2025-31002 9.1 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 8 months, 1 week ago WordPress Squeeze plugin <= 1.6 - Arbitrary File Upload vulnerability Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Using Malicious Files. This issue affects Squeeze: from n/a through 1.6. Affected products squeeze =<1.6 Matching in nixpkgs pkgs.squeezelite Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504 pkgs.squeezelite-pulse Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504 pkgs.postgresqlPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.python311Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0 pkgs.python312Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0 pkgs.postgresql13Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql14Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql15Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql16Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql17Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresqlJitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql13JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql14JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql15JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql16JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql17JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.home-assistant-component-tests.squeezebox Open source home automation that puts local control and privacy first nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3 Package maintainers: 5 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @nyanloutre Paul Trehiou <paul@nyanlout.re> @Mic92 Jörg Thalheim <joerg@thalheim.io> @fabaff Fabian Affolter <mail@fabian-affolter.ch> @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
pkgs.squeezelite Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504
pkgs.squeezelite-pulse Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504
pkgs.postgresqlPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.python311Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0
pkgs.python312Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0
pkgs.postgresql13Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql14Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql15Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql16Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql17Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresqlJitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql13JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql14JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql15JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql16JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql17JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.home-assistant-component-tests.squeezebox Open source home automation that puts local control and privacy first nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3
CVE-2025-31003 2.7 LOW CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE created 8 months, 1 week ago WordPress Squeeze plugin <= 1.6 - Full Path Disclosure (FPD) vulnerability Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bogdan Bendziukov Squeeze allows Retrieve Embedded Sensitive Data. This issue affects Squeeze: from n/a through 1.6. Affected products squeeze =<1.6 Matching in nixpkgs pkgs.squeezelite Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504 pkgs.squeezelite-pulse Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504 pkgs.postgresqlPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.python311Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0 pkgs.python312Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0 pkgs.postgresql13Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql14Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql15Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql16Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql17Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresqlJitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql13JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql14JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql15JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql16JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.postgresql17JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0 pkgs.home-assistant-component-tests.squeezebox Open source home automation that puts local control and privacy first nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3 Package maintainers: 5 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @nyanloutre Paul Trehiou <paul@nyanlout.re> @Mic92 Jörg Thalheim <joerg@thalheim.io> @fabaff Fabian Affolter <mail@fabian-affolter.ch> @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
pkgs.squeezelite Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504
pkgs.squeezelite-pulse Lightweight headless squeezebox client emulator nixos-unstable 2.0.0.1504 nixos-unstable-small 2.0.0.1504 nixpkgs-unstable 2.0.0.1504
pkgs.postgresqlPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.python311Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0
pkgs.python312Packages.pysqueezebox Asynchronous library to control Logitech Media Server nixos-unstable 10.0.0 nixos-unstable-small 10.0.0 nixpkgs-unstable 10.0.0
pkgs.postgresql13Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql14Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql15Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql16Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql17Packages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresqlJitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql13JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql14JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql15JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql16JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.postgresql17JitPackages.pg_squeeze PostgreSQL extension for automatic bloat cleanup nixos-unstable 1.7.0 nixos-unstable-small 1.7.0 nixpkgs-unstable 1.7.0
pkgs.home-assistant-component-tests.squeezebox Open source home automation that puts local control and privacy first nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3
CVE-2023-4320 7.6 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): HIGH Availability impact (A): LOW created 8 months, 1 week ago Satellite: arithmetic overflow in satellite An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity. Affected products foreman * Security Matching in nixpkgs pkgs.foreman Process manager for applications with multiple components nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2 pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422 Package maintainers: 1 @zimbatm zimbatm <zimbatm@zimbatm.com>
pkgs.foreman Process manager for applications with multiple components nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2
pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422
CVE-2025-32584 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 8 months, 1 week ago WordPress Chat2 plugin <= 3.6.3 - CSRF to Stored XSS vulnerability Cross-Site Request Forgery (CSRF) vulnerability in Chat2 Chat2 allows Cross Site Request Forgery. This issue affects Chat2: from n/a through 3.6.3. Affected products chat2 =<3.6.3 Matching in nixpkgs pkgs.python311Packages.deltachat2 Client library for Delta Chat core JSON-RPC interface nixos-unstable deltachat2-0.6.2 nixos-unstable-small deltachat2-0.6.2 nixpkgs-unstable deltachat2-0.6.2 pkgs.python312Packages.deltachat2 Client library for Delta Chat core JSON-RPC interface nixos-unstable deltachat2-0.6.2 nixos-unstable-small deltachat2-0.6.2 nixpkgs-unstable deltachat2-0.6.2 Package maintainers: 1 @dotlambda Robert Schütz <rschuetz17@gmail.com>
pkgs.python311Packages.deltachat2 Client library for Delta Chat core JSON-RPC interface nixos-unstable deltachat2-0.6.2 nixos-unstable-small deltachat2-0.6.2 nixpkgs-unstable deltachat2-0.6.2
pkgs.python312Packages.deltachat2 Client library for Delta Chat core JSON-RPC interface nixos-unstable deltachat2-0.6.2 nixos-unstable-small deltachat2-0.6.2 nixpkgs-unstable deltachat2-0.6.2
CVE-2023-4886 6.7 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 8 months, 1 week ago Foreman: world readable file containing secrets A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable. Affected products foreman * foreman-installer * Matching in nixpkgs pkgs.foreman Process manager for applications with multiple components nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2 pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422 Package maintainers: 1 @zimbatm zimbatm <zimbatm@zimbatm.com>
pkgs.foreman Process manager for applications with multiple components nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2
pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422
CVE-2024-2496 5.0 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 8 months, 1 week ago Libvirt: null pointer dereference in udevconnectlistallinterfaces() A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash. Affected products libvirt <9.7.0 * virt:av/libvirt virt:rhel/libvirt Matching in nixpkgs pkgs.libvirt Toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0 pkgs.libvirt-glib Library for working with virtual machines nixos-unstable 5.0.0 nixos-unstable-small 5.0.0 nixpkgs-unstable 5.0.0 pkgs.python311Packages.libvirt libvirt Python bindings nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0 pkgs.python312Packages.libvirt libvirt Python bindings nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0 pkgs.rubyPackages.ruby-libvirt nixos-unstable ??? nixos-unstable-small 0.8.2 pkgs.prometheus-libvirt-exporter Prometheus metrics exporter for libvirt nixos-unstable 2.3.3 nixos-unstable-small 2.3.3 nixpkgs-unstable 2.3.3 pkgs.terraform-providers.libvirt nixos-unstable 0.8.1 nixos-unstable-small 0.8.1 nixpkgs-unstable 0.8.1 pkgs.rubyPackages_3_1.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2 pkgs.rubyPackages_3_2.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2 pkgs.rubyPackages_3_3.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2 pkgs.rubyPackages_3_4.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2 Package maintainers: 4 @farcaller Vladimir Pouzanov <farcaller@gmail.com> @fpletz Franz Pletz <fpletz@fnordicwalking.de> @lovesegfault Bernardo Meurer <meurerbernardo@gmail.com> @globin Robin Gloster <mail@glob.in>
pkgs.libvirt Toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0
pkgs.libvirt-glib Library for working with virtual machines nixos-unstable 5.0.0 nixos-unstable-small 5.0.0 nixpkgs-unstable 5.0.0
pkgs.python311Packages.libvirt libvirt Python bindings nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0
pkgs.python312Packages.libvirt libvirt Python bindings nixos-unstable 10.10.0 nixos-unstable-small 10.10.0 nixpkgs-unstable 10.10.0
pkgs.prometheus-libvirt-exporter Prometheus metrics exporter for libvirt nixos-unstable 2.3.3 nixos-unstable-small 2.3.3 nixpkgs-unstable 2.3.3
pkgs.terraform-providers.libvirt nixos-unstable 0.8.1 nixos-unstable-small 0.8.1 nixpkgs-unstable 0.8.1
pkgs.rubyPackages_3_1.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2
pkgs.rubyPackages_3_2.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2
pkgs.rubyPackages_3_3.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2
pkgs.rubyPackages_3_4.ruby-libvirt nixos-unstable 0.8.2 nixos-unstable-small 0.8.2 nixpkgs-unstable 0.8.2
CVE-2025-31375 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 8 months, 1 week ago WordPress Scheduled plugin <= 1.0 - CSRF to Stored XSS vulnerability Cross-Site Request Forgery (CSRF) vulnerability in bhoogterp Scheduled allows Stored XSS. This issue affects Scheduled: from n/a through 1.0. Affected products scheduled =<1.0 Matching in nixpkgs pkgs.azure-cli-extensions.scheduled-query Microsoft Azure Command-Line Tools Scheduled_query Extension nixos-unstable 1.0.0b1 nixos-unstable-small 1.0.0b1 nixpkgs-unstable 1.0.0b1 Package maintainers: 2 @katexochen Paul Meyer <katexochen0@gmail.com> @ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
pkgs.azure-cli-extensions.scheduled-query Microsoft Azure Command-Line Tools Scheduled_query Extension nixos-unstable 1.0.0b1 nixos-unstable-small 1.0.0b1 nixpkgs-unstable 1.0.0b1
CVE-2023-23457 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 8 months, 1 week ago Upx: segv on packlinuxelf64::invert_pt_dynamic() in p_lx_elf.cpp A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. Affected products upx * Matching in nixpkgs pkgs.upx Ultimate Packer for eXecutables nixos-unstable 4.2.4 nixos-unstable-small 4.2.4 nixpkgs-unstable 4.2.4
pkgs.upx Ultimate Packer for eXecutables nixos-unstable 4.2.4 nixos-unstable-small 4.2.4 nixpkgs-unstable 4.2.4
CVE-2025-3359 6.2 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 8 months, 1 week ago Gnuplot: segmentation fault via io_str_init_static_internal function A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. Affected products gnuplot <6.1 Matching in nixpkgs pkgs.gnuplot Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1 pkgs.gnuplot_qt Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1 pkgs.feedgnuplot General purpose pipe-oriented plotting tool nixos-unstable 1.61 nixos-unstable-small 1.61 nixpkgs-unstable 1.61 pkgs.gnuplot_aquaterm Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1 pkgs.emacsPackages.gnuplot nixos-unstable 20240914.1522 nixos-unstable-small 20240914.1522 nixpkgs-unstable 20240914.1522 pkgs.haskellPackages.gnuplot 2D and 3D plots using gnuplot nixos-unstable 0.5.7 nixos-unstable-small 0.5.7 nixpkgs-unstable 0.5.7 pkgs.emacsPackages.gnuplot-mode nixos-unstable 20171013.1616 nixos-unstable-small 20171013.1616 nixpkgs-unstable 20171013.1616 pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe A simple interface to Gnuplot nixos-unstable 0.4.2 nixos-unstable-small 0.4.2 nixpkgs-unstable 0.4.2 pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot nixos-unstable ??? nixos-unstable-small nixpkgs-unstable Package maintainers: 3 @lovek323 Jason O'Conal <jason@oconal.id.au> @mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com> @thielema Henning Thielemann <nix@henning-thielemann.de>
pkgs.gnuplot Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1
pkgs.gnuplot_qt Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1
pkgs.feedgnuplot General purpose pipe-oriented plotting tool nixos-unstable 1.61 nixos-unstable-small 1.61 nixpkgs-unstable 1.61
pkgs.gnuplot_aquaterm Portable command-line driven graphing utility for many platforms nixos-unstable 6.0.1 nixos-unstable-small 6.0.1 nixpkgs-unstable 6.0.1
pkgs.emacsPackages.gnuplot nixos-unstable 20240914.1522 nixos-unstable-small 20240914.1522 nixpkgs-unstable 20240914.1522
pkgs.haskellPackages.gnuplot 2D and 3D plots using gnuplot nixos-unstable 0.5.7 nixos-unstable-small 0.5.7 nixpkgs-unstable 0.5.7
pkgs.emacsPackages.gnuplot-mode nixos-unstable 20171013.1616 nixos-unstable-small 20171013.1616 nixpkgs-unstable 20171013.1616
pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe A simple interface to Gnuplot nixos-unstable 0.4.2 nixos-unstable-small 0.4.2 nixpkgs-unstable 0.4.2
pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot nixos-unstable ??? nixos-unstable-small nixpkgs-unstable