Nixpkgs Security Tracker

Automatically generated suggestions

CVE-2023-31347
4.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 9 months ago
Due to a code bug in Secure_TSC, SEV firmware may …

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled, potentially resulting in a loss of guest integrity.

Affected products

PI
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

pkgs.perl538Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

pkgs.haskellPackages.hsPID

PID control loop

pkgs.spirv-llvm-translator

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.spoofdpi.x86_64-linux

Simple and fast anti-censorship tool written in Go

pkgs.perl538Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

pkgs.perl540Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

pkgs.spoofdpi.aarch64-linux

Simple and fast anti-censorship tool written in Go

pkgs.spoofdpi.x86_64-darwin

Simple and fast anti-censorship tool written in Go

pkgs.spoofdpi.aarch64-darwin

Simple and fast anti-censorship tool written in Go

pkgs.haskellPackages.EdisonAPI

A library of efficient, purely-functional data structures (API)

pkgs.perl538Packages.PPIxUtils

Utility functions for PPI

pkgs.perl540Packages.PPIxUtils

Utility functions for PPI

pkgs.perl538Packages.PPIxRegexp

Parse regular expressions

pkgs.perl540Packages.PPIxRegexp

Parse regular expressions

pkgs.perl538Packages.ProcPIDFile

Manage process id files

pkgs.perl540Packages.ProcPIDFile

Manage process id files

pkgs.perl538Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

pkgs.perl538Packages.OpenAPIClient

Client for talking to an Open API powered server

pkgs.perl538Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.OpenAPIClient

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPI.x86_64-linux

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI.aarch64-linux

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI.x86_64-darwin

Parse, Analyze and Manipulate Perl (without perl)

pkgs.haskellPackages.hsPID.x86_64-linux

PID control loop

pkgs.perl540Packages.PPI.aarch64-darwin

Parse, Analyze and Manipulate Perl (without perl)

pkgs.spirv-llvm-translator.x86_64-linux

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.haskellPackages.hsPID.aarch64-linux

PID control loop

pkgs.haskellPackages.hsPID.x86_64-darwin

PID control loop

pkgs.spirv-llvm-translator.aarch64-linux

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.spirv-llvm-translator.x86_64-darwin

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.haskellPackages.hsPID.aarch64-darwin

PID control loop

pkgs.perl540Packages.PDFAPI2.x86_64-linux

Create, modify, and examine PDF files

pkgs.spirv-llvm-translator.aarch64-darwin

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.perl540Packages.PDFAPI2.aarch64-linux

Create, modify, and examine PDF files

pkgs.perl540Packages.PDFAPI2.x86_64-darwin

Create, modify, and examine PDF files

pkgs.perl540Packages.PDFAPI2.aarch64-darwin

Create, modify, and examine PDF files

pkgs.perl540Packages.PPIxUtils.x86_64-linux

Utility functions for PPI

pkgs.perl540Packages.PPIxRegexp.x86_64-linux

Parse regular expressions

pkgs.perl540Packages.PPIxUtils.aarch64-linux

Utility functions for PPI

pkgs.perl540Packages.PPIxUtils.x86_64-darwin

Utility functions for PPI

pkgs.perl538Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.PPIxRegexp.aarch64-linux

Parse regular expressions

pkgs.perl540Packages.PPIxRegexp.x86_64-darwin

Parse regular expressions

pkgs.perl540Packages.PPIxUtils.aarch64-darwin

Utility functions for PPI

pkgs.perl540Packages.ProcPIDFile.x86_64-linux

Manage process id files

pkgs.perl540Packages.PPIxRegexp.aarch64-darwin

Parse regular expressions

pkgs.perl540Packages.ProcPIDFile.aarch64-linux

Manage process id files

pkgs.perl540Packages.ProcPIDFile.x86_64-darwin

Manage process id files

pkgs.perl540Packages.WWWTwilioAPI.x86_64-linux

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.x86_64-linux

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.x86_64-linux

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.x86_64-linux

Extensions to PPI

pkgs.perl540Packages.ProcPIDFile.aarch64-darwin

Manage process id files

pkgs.perl540Packages.WWWTwilioAPI.aarch64-linux

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.WWWTwilioAPI.x86_64-darwin

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.aarch64-linux

Client for talking to an Open API powered server

pkgs.perl540Packages.OpenAPIClient.x86_64-darwin

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.aarch64-linux

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxQuoteLike.x86_64-darwin

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.aarch64-linux

Extensions to PPI

pkgs.perl540Packages.PPIxUtilities.x86_64-darwin

Extensions to PPI

pkgs.perl540Packages.WWWTwilioAPI.aarch64-darwin

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.aarch64-darwin

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.aarch64-darwin

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.aarch64-darwin

Extensions to PPI

pkgs.perl540Packages.MojoliciousPluginOpenAPI.x86_64-linux

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.aarch64-linux

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.x86_64-darwin

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.aarch64-darwin

OpenAPI / Swagger plugin for Mojolicious

created 9 months ago
Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in the BuildKit daemon's history records. This vulnerability does not impact secrets passed to the GitHub cache backend via environment variables or registry authentication.

Affected products

buildx
  • =<0.21.2

Matching in nixpkgs

pkgs.docker-buildx

Docker CLI plugin for extended build capabilities with BuildKit

Package maintainers: 2

CVE-2023-5215
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 9 months ago
Libnbd: crash or misbehaviour when nbd server returns an unexpected block size

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that don't treat the return value of the nbd_get_size() function correctly.

Affected products

libnbd
  • *
virt:av/libnbd
virt:rhel/libnbd
virt-devel:av/libnbd

Matching in nixpkgs

pkgs.libnbd

Network Block Device client library in userspace

pkgs.libnbd.x86_64-linux

Network Block Device client library in userspace

pkgs.libnbd.aarch64-linux

Network Block Device client library in userspace

pkgs.python311Packages.libnbd

Network Block Device client library in userspace

pkgs.python312Packages.libnbd

Network Block Device client library in userspace

pkgs.python312Packages.libnbd.x86_64-linux

Network Block Device client library in userspace

pkgs.python312Packages.libnbd.aarch64-linux

Network Block Device client library in userspace

Package maintainers: 1

CVE-2024-4028
3.8 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 9 months ago
Keycloak-core: stored xss in keycloak when creating items in admin console

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.

Affected products

keycloak
  • <18.0.8
keycloak-core
rh-sso7-keycloak

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

pkgs.terraform-providers.keycloak

pkgs.python311Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

Package maintainers: 3

CVE-2025-2157
3.3 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 9 months ago
Foreman: disclosure of executed commands and outputs in foreman / red hat satellite

A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS users to monitor and access temporary files under /var/tmp, exposing sensitive command outputs, such as /etc/shadow. This issue can lead to information disclosure and privilege escalation if exploited effectively.

Affected products

foreman
  • ==6.17
  • ==6.16

Matching in nixpkgs

pkgs.foreman

Process manager for applications with multiple components

Package maintainers: 1

CVE-2023-20579
4.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 9 months ago
Improper Access Control in the AMD SPI protection feature may …

Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 (kernel mode) privileged access to bypass protections, potentially resulting in loss of integrity and availability.

Affected products

PI
  • ==Various
  • ==various
  • ==various

Matching in nixpkgs

pkgs.spoofdpi

Simple and fast anti-censorship tool written in Go

pkgs.perl538Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI

Parse, Analyze and Manipulate Perl (without perl)

pkgs.haskellPackages.hsPID

PID control loop

pkgs.spirv-llvm-translator

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.spoofdpi.x86_64-linux

Simple and fast anti-censorship tool written in Go

pkgs.perl538Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

pkgs.perl540Packages.GSSAPI

Perl extension providing access to the GSSAPIv2 library

pkgs.spoofdpi.aarch64-linux

Simple and fast anti-censorship tool written in Go

pkgs.spoofdpi.x86_64-darwin

Simple and fast anti-censorship tool written in Go

pkgs.spoofdpi.aarch64-darwin

Simple and fast anti-censorship tool written in Go

pkgs.haskellPackages.EdisonAPI

A library of efficient, purely-functional data structures (API)

pkgs.perl538Packages.PPIxUtils

Utility functions for PPI

pkgs.perl540Packages.PPIxUtils

Utility functions for PPI

pkgs.perl538Packages.PPIxRegexp

Parse regular expressions

pkgs.perl540Packages.PPIxRegexp

Parse regular expressions

pkgs.perl538Packages.ProcPIDFile

Manage process id files

pkgs.perl540Packages.ProcPIDFile

Manage process id files

pkgs.perl538Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.WWWTwilioAPI

Accessing Twilio's REST API with Perl

pkgs.perl538Packages.OpenAPIClient

Client for talking to an Open API powered server

pkgs.perl538Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.OpenAPIClient

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPI.x86_64-linux

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI.aarch64-linux

Parse, Analyze and Manipulate Perl (without perl)

pkgs.perl540Packages.PPI.x86_64-darwin

Parse, Analyze and Manipulate Perl (without perl)

pkgs.haskellPackages.hsPID.x86_64-linux

PID control loop

pkgs.perl540Packages.PPI.aarch64-darwin

Parse, Analyze and Manipulate Perl (without perl)

pkgs.spirv-llvm-translator.x86_64-linux

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.haskellPackages.hsPID.aarch64-linux

PID control loop

pkgs.haskellPackages.hsPID.x86_64-darwin

PID control loop

pkgs.spirv-llvm-translator.aarch64-linux

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.spirv-llvm-translator.x86_64-darwin

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.haskellPackages.hsPID.aarch64-darwin

PID control loop

pkgs.perl540Packages.PDFAPI2.x86_64-linux

Create, modify, and examine PDF files

pkgs.spirv-llvm-translator.aarch64-darwin

Tool and a library for bi-directional translation between SPIR-V and LLVM IR

pkgs.perl540Packages.PDFAPI2.aarch64-linux

Create, modify, and examine PDF files

pkgs.perl540Packages.PDFAPI2.x86_64-darwin

Create, modify, and examine PDF files

pkgs.perl540Packages.PDFAPI2.aarch64-darwin

Create, modify, and examine PDF files

pkgs.perl540Packages.PPIxUtils.x86_64-linux

Utility functions for PPI

pkgs.perl540Packages.PPIxRegexp.x86_64-linux

Parse regular expressions

pkgs.perl540Packages.PPIxUtils.aarch64-linux

Utility functions for PPI

pkgs.perl540Packages.PPIxUtils.x86_64-darwin

Utility functions for PPI

pkgs.perl538Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.PPIxRegexp.aarch64-linux

Parse regular expressions

pkgs.perl540Packages.PPIxRegexp.x86_64-darwin

Parse regular expressions

pkgs.perl540Packages.PPIxUtils.aarch64-darwin

Utility functions for PPI

pkgs.perl540Packages.ProcPIDFile.x86_64-linux

Manage process id files

pkgs.perl540Packages.PPIxRegexp.aarch64-darwin

Parse regular expressions

pkgs.perl540Packages.ProcPIDFile.aarch64-linux

Manage process id files

pkgs.perl540Packages.ProcPIDFile.x86_64-darwin

Manage process id files

pkgs.perl540Packages.WWWTwilioAPI.x86_64-linux

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.x86_64-linux

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.x86_64-linux

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.x86_64-linux

Extensions to PPI

pkgs.perl540Packages.ProcPIDFile.aarch64-darwin

Manage process id files

pkgs.perl540Packages.WWWTwilioAPI.aarch64-linux

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.WWWTwilioAPI.x86_64-darwin

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.aarch64-linux

Client for talking to an Open API powered server

pkgs.perl540Packages.OpenAPIClient.x86_64-darwin

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.aarch64-linux

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxQuoteLike.x86_64-darwin

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.aarch64-linux

Extensions to PPI

pkgs.perl540Packages.PPIxUtilities.x86_64-darwin

Extensions to PPI

pkgs.perl540Packages.WWWTwilioAPI.aarch64-darwin

Accessing Twilio's REST API with Perl

pkgs.perl540Packages.OpenAPIClient.aarch64-darwin

Client for talking to an Open API powered server

pkgs.perl540Packages.PPIxQuoteLike.aarch64-darwin

Parse Perl string literals and string-literal-like things

pkgs.perl540Packages.PPIxUtilities.aarch64-darwin

Extensions to PPI

pkgs.perl540Packages.MojoliciousPluginOpenAPI.x86_64-linux

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.aarch64-linux

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.x86_64-darwin

OpenAPI / Swagger plugin for Mojolicious

pkgs.perl540Packages.MojoliciousPluginOpenAPI.aarch64-darwin

OpenAPI / Swagger plugin for Mojolicious

CVE-2023-6787
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 9 months ago
Keycloak: session hijacking via re-authentication

A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login", prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login", an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.

Affected products

keycloak
  • <22.0.10
  • <24.0.3
keycloak-core
rh-sso7-keycloak
rhbk/keycloak-rhel9
  • *
rhbk/keycloak-rhel9-operator
  • *
rhbk/keycloak-operator-bundle
  • *

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

pkgs.terraform-providers.keycloak

pkgs.python311Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

Package maintainers: 3

CVE-2024-8176
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 9 months ago
Libexpat: expat: improper restriction of xml entity expansion depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.

Affected products

expat
  • *
rhcos
firefox
libexpat
  • <2.7.0
xmlrpc-c
  • *
lua-expat
mingw-expat
thunderbird
compat-expat1
firefox:flatpak/firefox
discovery/discovery-ui-rhel9
  • *
thunderbird:flatpak/thunderbird
discovery/discovery-server-rhel9
  • *
devworkspace/devworkspace-project-clone-rhel9
  • *
registry.redhat.io/discovery/discovery-ui-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *
registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9
  • *

Matching in nixpkgs

pkgs.expat

Stream-oriented XML parser library written in C

pkgs.xmlrpc_c

Lightweight RPC library based on XML and HTTP

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivatives

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

pkgs.haskellPackages.hexpat

XML parser/formatter based on expat

pkgs.lua52Packages.luaexpat

XML Expat parsing

pkgs.haskellPackages.hxt-expat

Expat parser for HXT

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

pkgs.haskellPackages.hexpat-pickle

XML picklers based on hexpat, source-code-similar to those of the HXT package

pkgs.haskellPackages.hexpat-tagsoup

Parse (possibly malformed) HTML to hexpat tree

pkgs.gnomeExtensions.firefox-profiles

This GNOME extension makes it easy to launch Firefox with a specific profile from the indicator menu.

  • nixos-unstable 1
    • nixos-unstable-small 2
    • nixpkgs-unstable 1

pkgs.luaPackages.luaexpat.x86_64-linux

XML Expat parsing

pkgs.luaPackages.luaexpat.aarch64-linux

XML Expat parsing

pkgs.luaPackages.luaexpat.x86_64-darwin

XML Expat parsing

pkgs.chickenPackages_5.chickenEggs.expat

An interface to James Clark's Expat XML parser

pkgs.haskellPackages.hexpat.x86_64-linux

XML parser/formatter based on expat

pkgs.lua51Packages.luaexpat.x86_64-linux

XML Expat parsing

pkgs.lua53Packages.luaexpat.x86_64-linux

XML Expat parsing

pkgs.lua54Packages.luaexpat.x86_64-linux

XML Expat parsing

pkgs.luaPackages.luaexpat.aarch64-darwin

XML Expat parsing

pkgs.haskellPackages.hexpat.aarch64-linux

XML parser/formatter based on expat

pkgs.haskellPackages.hexpat.x86_64-darwin

XML parser/formatter based on expat

pkgs.lua51Packages.luaexpat.aarch64-linux

XML Expat parsing

pkgs.lua51Packages.luaexpat.x86_64-darwin

XML Expat parsing

pkgs.lua53Packages.luaexpat.aarch64-linux

XML Expat parsing

pkgs.lua53Packages.luaexpat.x86_64-darwin

XML Expat parsing

pkgs.lua54Packages.luaexpat.aarch64-linux

XML Expat parsing

pkgs.lua54Packages.luaexpat.x86_64-darwin

XML Expat parsing

pkgs.emacsPackages.firefox-javascript-repl

pkgs.haskellPackages.hexpat.aarch64-darwin

XML parser/formatter based on expat

pkgs.lua51Packages.luaexpat.aarch64-darwin

XML Expat parsing

pkgs.lua53Packages.luaexpat.aarch64-darwin

XML Expat parsing

pkgs.lua54Packages.luaexpat.aarch64-darwin

XML Expat parsing

pkgs.haskellPackages.hxt-expat.x86_64-linux

Expat parser for HXT

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

pkgs.haskellPackages.hxt-expat.aarch64-linux

Expat parser for HXT

pkgs.haskellPackages.hxt-expat.x86_64-darwin

Expat parser for HXT

pkgs.haskellPackages.hxt-expat.aarch64-darwin

Expat parser for HXT

pkgs.gnomeExtensions.firefox-pip-always-on-top

Ensure that Firefox Picture-in-Picture windows are always on top

  • nixos-unstable 8
    • nixos-unstable-small 8
    • nixpkgs-unstable 8

pkgs.haskellPackages.hexpat-pickle.x86_64-linux

XML picklers based on hexpat, source-code-similar to those of the HXT package

pkgs.haskellPackages.hexpat-pickle.aarch64-linux

XML picklers based on hexpat, source-code-similar to those of the HXT package

pkgs.haskellPackages.hexpat-pickle.x86_64-darwin

XML picklers based on hexpat, source-code-similar to those of the HXT package

pkgs.haskellPackages.hexpat-tagsoup.x86_64-linux

Parse (possibly malformed) HTML to hexpat tree

pkgs.haskellPackages.hexpat-pickle.aarch64-darwin

XML picklers based on hexpat, source-code-similar to those of the HXT package

pkgs.haskellPackages.hexpat-tagsoup.aarch64-linux

Parse (possibly malformed) HTML to hexpat tree

pkgs.haskellPackages.hexpat-tagsoup.x86_64-darwin

Parse (possibly malformed) HTML to hexpat tree

pkgs.haskellPackages.hexpat-tagsoup.aarch64-darwin

Parse (possibly malformed) HTML to hexpat tree

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug.x86_64-linux

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug.aarch64-linux

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug.x86_64-darwin

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug.aarch64-darwin

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

Package maintainers: 17

CVE-2022-28652
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 9 months ago
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack

~/.config/apport/settings parsing is vulnerable to "billion laughs" attack

Affected products

apport
  • <2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

Package maintainers: 1

CVE-2025-0650
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months ago
Ovn: egress acls may be bypassed via specially crafted udp packet

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations where a logical switch has DNS records set on it and the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

Affected products

ovn
  • ==22.03.8
  • ==24.03.5
  • ==24.09.2
ovn2.11
ovn2.12
ovn2.13
ovn-2021
ovn22.03
  • *
ovn22.06
  • *
ovn22.09
  • *
ovn22.12
  • *
ovn23.03
  • *
ovn23.06
  • *
ovn23.09
  • *
ovn24.03
  • *
ovn24.09
  • *

Matching in nixpkgs

pkgs.novnc

VNC client web application

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

pkgs.nanovna-saver

A tool for reading, displaying and saving data from the NanoVNA

pkgs.python311Packages.slovnet

Deep-learning based NLP modeling for Russian language

Package maintainers: 6