Nixpkgs Security Tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2023-3301
5.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 10 months ago
Triggerable assertion due to race condition in hot-unplug

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.

Affected products

qemu
qemu-kvm
qemu-kvm-ma
qemu-kvm-rhev
virt:av/qemu-kvm
virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.qemu.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu.aarch64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu.x86_64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu.aarch64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_xen.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

pkgs.python311Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.qemu-user.x86_64-linux

QEMU User space emulator - launch executables compiled for one CPU on another CPU

pkgs.qemu_full.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm.aarch64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm.x86_64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_test.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu-user.aarch64-linux

QEMU User space emulator - launch executables compiled for one CPU on another CPU

pkgs.qemu-utils.x86_64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_full.aarch64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_full.x86_64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_kvm.aarch64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_test.aarch64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu_test.x86_64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu-utils.aarch64-linux

Generic and open source machine emulator and virtualizer

pkgs.qemu-utils.x86_64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_full.aarch64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu_test.aarch64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu-utils.aarch64-darwin

Generic and open source machine emulator and virtualizer

pkgs.qemu-python-utils.x86_64-linux

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.qemu-python-utils.aarch64-linux

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.qemu-python-utils.x86_64-darwin

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.qemu-python-utils.aarch64-darwin

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.python312Packages.qemu.x86_64-linux

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.python312Packages.qemu.aarch64-linux

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.python312Packages.qemu.x86_64-darwin

Python tooling used by the QEMU project to build, configure, and test QEMU

pkgs.python312Packages.qemu.aarch64-darwin

Python tooling used by the QEMU project to build, configure, and test QEMU

Package maintainers: 10

CVE-2023-50944
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 10 months ago
Apache Airflow: Bypass permission verification to read code of other dags

Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version 2.8.1, which fixes this issue.

Affected products

apache-airflow
  • <2.8.1

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-6246
8.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months ago
Glibc: heap-based buffer overflow in __vsyslog_internal()

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

Affected products

glibc
compat-glibc

Matching in nixpkgs

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcLocales

Locale information for the GNU C Library

pkgs.glibcLocalesUtf8

Locale information for the GNU C Library

pkgs.locale.x86_64-linux

pkgs.locale.aarch64-linux

pkgs.libiconv.x86_64-linux

pkgs.libiconv.aarch64-linux

Package maintainers: 2

CVE-2023-45348
created 10 months ago
Apache Airflow: Configuration information leakage vulnerability

Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The `expose_config` option is False by default. It is recommended to upgrade to a version that is not affected.

Affected products

apache-airflow
  • <2.7.2

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-5366
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 10 months ago
Openvswitch don't match packets on nd_target field

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.

Affected products

openvswitch
openvswitch3.0
openvswitch3.1
openvswitch2.10
openvswitch2.11
openvswitch2.12
openvswitch2.13
openvswitch2.15
openvswitch2.16
openvswitch2.17
rhosp-openvswitch
openvswitch-ovn-kubernetes
redhat-virtualization-host

Matching in nixpkgs

pkgs.openvswitch

Multilayer virtual switch

pkgs.openvswitch-dpdk

Multilayer virtual switch

Package maintainers: 4

CVE-2023-4255
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 10 months ago
W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)

An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

Affected products

w3m

Matching in nixpkgs

Package maintainers: 1

CVE-2024-27906
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 10 months ago
Apache Airflow: Dag Code and Import Error Permissions Ignored

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk associated with this vulnerability

Affected products

apache-airflow
  • <2.8.2

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-42663
created 10 months ago
Apache Airflow: Bypass permission verification to view task instances of other dags

Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

Affected products

apache-airflow
  • <2.7.2

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-4136
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 10 months ago
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27.

Affected products

Engine
  • =<3.1.27
  • =<4.0.2

Matching in nixpkgs

pkgs.haskellPackages.Control-Engine

A parallel producer/consumer engine (thread pool)

pkgs.perl538Packages.XMLXPathEngine

Re-usable XPath engine for DOM-like trees

pkgs.perl540Packages.XMLXPathEngine

Re-usable XPath engine for DOM-like trees

pkgs.perl538Packages.ZonemasterEngine

Tool to check the quality of a DNS zone

pkgs.perl540Packages.ZonemasterEngine

Tool to check the quality of a DNS zone

pkgs.perl540Packages.XMLXPathEngine.x86_64-linux

Re-usable XPath engine for DOM-like trees

pkgs.perl540Packages.XMLXPathEngine.aarch64-linux

Re-usable XPath engine for DOM-like trees

pkgs.perl540Packages.XMLXPathEngine.x86_64-darwin

Re-usable XPath engine for DOM-like trees

pkgs.perl540Packages.XMLXPathEngine.aarch64-darwin

Re-usable XPath engine for DOM-like trees

pkgs.perl540Packages.ZonemasterEngine.x86_64-linux

Tool to check the quality of a DNS zone

pkgs.perl540Packages.ZonemasterEngine.aarch64-linux

Tool to check the quality of a DNS zone

pkgs.perl540Packages.ZonemasterEngine.x86_64-darwin

Tool to check the quality of a DNS zone

pkgs.perl540Packages.ZonemasterEngine.aarch64-darwin

Tool to check the quality of a DNS zone

CVE-2023-48733
6.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months ago
An insecure default to allow UEFI Shell in EDK2 was …

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

Affected products

edk2
  • <2023.05-2ubuntu0.1

Matching in nixpkgs

pkgs.edk2-uefi-shell

UEFI Shell from Tianocore EFI development kit

Package maintainers: 3