Nixpkgs Security Tracker


Automatically generated suggestions


CVE-2023-1672
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 10 months ago
Race condition exists in the key generation and rotation functionality

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

Affected products

tang

Matching in nixpkgs

pkgs.tang

Server for binding data to network presence

  • nixos-unstable 15
    • nixos-unstable-small 15
    • nixpkgs-unstable 15

pkgs.tango

Local command-line Japanese dictionary tool using yomichan's dictionary files

pkgs.tangram

Run web apps on your desktop

pkgs.entangle

Tethered camera control and capture

pkgs.md-tangle

Generates ("tangles") source code from Markdown documents

pkgs.rectangle

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.tangerine

System for creating 3D models procedurally from a set of Signed Distance Function (SDF) primitive shapes and combining operators

pkgs.rectangle-pro

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.haskellPackages.tangle

Heterogeneous memoisation monad

pkgs.rectangle.x86_64-darwin

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.rectangle.aarch64-darwin

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.gnomeExtensions.rectangle

Magnet/Rectangle like manual tiling

  • nixos-unstable 23
    • nixos-unstable-small 25
    • nixpkgs-unstable 23

pkgs.python311Packages.untangle

Convert XML documents into Python objects

pkgs.python312Packages.untangle

Convert XML documents into Python objects

pkgs.rectangle-pro.x86_64-darwin

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.rectangle-pro.aarch64-darwin

Move and resize windows in macOS using keyboard shortcuts or snap areas

pkgs.vscode-extensions.matangover.mypy

pkgs.emacsPackages.color-theme-tangotango

pkgs.python312Packages.untangle.x86_64-linux

Convert XML documents into Python objects

pkgs.python312Packages.untangle.aarch64-linux

Convert XML documents into Python objects

pkgs.python312Packages.untangle.x86_64-darwin

Convert XML documents into Python objects

pkgs.python312Packages.untangle.aarch64-darwin

Convert XML documents into Python objects

pkgs.vscode-extensions.matangover.mypy.x86_64-linux

pkgs.vscode-extensions.matangover.mypy.aarch64-linux

pkgs.vscode-extensions.matangover.mypy.x86_64-darwin

pkgs.vscode-extensions.matangover.mypy.aarch64-darwin

CVE-2023-3966
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 10 months ago
Openvswitch: ovs-vswitch fails to recover after malformed Geneve metadata packet

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

Affected products

openvswitch
openvswitch3.0
openvswitch3.1
openvswitch3.2
openvswitch2.10
openvswitch2.11
openvswitch2.12
openvswitch2.13
openvswitch2.15
openvswitch2.16
openvswitch2.17
rdo-openvswitch
openvswitch-ovn-kubernetes

Matching in nixpkgs

pkgs.openvswitch

Multilayer virtual switch

pkgs.openvswitch-dpdk

Multilayer virtual switch

Package maintainers: 4

CVE-2024-26280
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 10 months ago
Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs)

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewer users to view all information in audit logs, including DAG names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by default; they need to be explicitly granted permission to see the logs. Only admin users have audit log permission by default. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk associated with this vulnerability.

Affected products

apache-airflow
  • <2.8.2

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-0341
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 10 months ago
Stack Buffer Overflow in editorconfig-core-c

A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6, which allowed an attacker to write arbitrarily to the stack and possibly allowed remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bounds-checking all write operations over the p_pcre buffer.

Affected products

editorconfig-core-c
  • <v0.12.6

Matching in nixpkgs

pkgs.editorconfig-core-c

EditorConfig core library written in C

Package maintainers: 1

created 10 months ago
Apache Airflow: Improper access control to DAG resources

Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus enabling the user to clear DAGs they shouldn't. This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2. Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability.

Affected products

apache-airflow
  • <2.8.0

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

created 10 months ago
Integer overflow in libvpx

There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond.

Affected products

libvpx
  • <1.14.1

Matching in nixpkgs

pkgs.libvpx.x86_64-linux

WebM VP8/VP9 codec SDK

pkgs.libvpx.aarch64-linux

WebM VP8/VP9 codec SDK

pkgs.libvpx.x86_64-darwin

WebM VP8/VP9 codec SDK

pkgs.libvpx.aarch64-darwin

WebM VP8/VP9 codec SDK

Package maintainers: 1

CVE-2023-6779
8.2 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 10 months ago
Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.

Affected products

glibc
compat-glibc

Matching in nixpkgs

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.glibcLocales

Locale information for the GNU C Library

pkgs.glibcLocalesUtf8

Locale information for the GNU C Library

pkgs.locale.x86_64-linux

pkgs.locale.aarch64-linux

pkgs.libiconv.x86_64-linux

pkgs.libiconv.aarch64-linux

Package maintainers: 2

CVE-2022-31631
9.1 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 10 months ago
PDO::quote() may return unquoted string

In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.

Affected products

pdo_sqlite
  • <8.2.2
  • <8.0.27
  • <8.1.15

Matching in nixpkgs

pkgs.php81Extensions.pdo_sqlite

PHP upstream extension: pdo_sqlite

pkgs.php82Extensions.pdo_sqlite

PHP upstream extension: pdo_sqlite

pkgs.php83Extensions.pdo_sqlite

PHP upstream extension: pdo_sqlite

pkgs.php84Extensions.pdo_sqlite

PHP upstream extension: pdo_sqlite

pkgs.php81Extensions.pdo_sqlite.x86_64-linux

PHP upstream extension: pdo_sqlite

pkgs.php82Extensions.pdo_sqlite.x86_64-linux

PHP upstream extension: pdo_sqlite

pkgs.php83Extensions.pdo_sqlite.x86_64-linux

PHP upstream extension: pdo_sqlite

pkgs.php84Extensions.pdo_sqlite.x86_64-linux

PHP upstream extension: pdo_sqlite

pkgs.php81Extensions.pdo_sqlite.aarch64-linux

PHP upstream extension: pdo_sqlite

pkgs.php81Extensions.pdo_sqlite.x86_64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php82Extensions.pdo_sqlite.aarch64-linux

PHP upstream extension: pdo_sqlite

pkgs.php82Extensions.pdo_sqlite.x86_64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php83Extensions.pdo_sqlite.aarch64-linux

PHP upstream extension: pdo_sqlite

pkgs.php83Extensions.pdo_sqlite.x86_64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php84Extensions.pdo_sqlite.aarch64-linux

PHP upstream extension: pdo_sqlite

pkgs.php84Extensions.pdo_sqlite.x86_64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php81Extensions.pdo_sqlite.aarch64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php82Extensions.pdo_sqlite.aarch64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php83Extensions.pdo_sqlite.aarch64-darwin

PHP upstream extension: pdo_sqlite

pkgs.php84Extensions.pdo_sqlite.aarch64-darwin

PHP upstream extension: pdo_sqlite

Package maintainers: 5

CVE-2023-1258
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 10 months ago
Flow-X disclosure of sensitive information to unauthenticated users

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting. This issue affects Flow-X: before 4.0.

Affected products

firmware
  • <4.0

Matching in nixpkgs

pkgs.zd1211fw

Firmware for the ZyDAS ZD1211(b) 802.11a/b/g USB WLAN chip

pkgs.alsa-firmware

Soundcard firmwares from the alsa project

pkgs.gnome-firmware

Tool for installing firmware on devices

pkgs.linux-firmware

Binary firmware collection packaged by kernel.org

pkgs.rt5677-firmware

Firmware for Realtek rt5677 device

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable

pkgs.firmware-manager

Graphical frontend for firmware management

pkgs.rtl8761b-firmware

Firmware for Realtek RTL8761b

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable

pkgs.system76-firmware

Tools for managing firmware updates for system76 devices

pkgs.facetimehd-firmware

facetimehd firmware

pkgs.xow_dongle-firmware

Xbox One wireless dongle firmware

pkgs.uefi-firmware-parser

Tool for parsing, extracting, and recreating UEFI firmware volumes

pkgs.nitrokey-pro-firmware

Firmware for the Nitrokey Pro device

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

pkgs.armTrustedFirmwareS905

Reference implementation of secure world software for ARMv8-A

pkgs.libreelec-dvb-firmware

DVB firmware from LibreELEC

pkgs.armTrustedFirmwareTools

Reference implementation of secure world software for ARMv8-A

pkgs.nitrokey-start-firmware

Firmware for the Nitrokey Start device

  • nixos-unstable 13
    • nixos-unstable-small 13
    • nixpkgs-unstable 13

pkgs.nitrokey-storage-firmware

Firmware for the Nitrokey Storage device

pkgs.sof-firmware.x86_64-linux

Sound Open Firmware

pkgs.raspberrypifw.x86_64-linux

Firmware for the Raspberry Pi board

pkgs.sof-firmware.aarch64-linux

Sound Open Firmware

pkgs.ath9k-htc-blobless-firmware

Blobless, open source wifi firmware for ath9k_htc.ko

pkgs.linux-firmware.x86_64-linux

Binary firmware collection packaged by kernel.org

pkgs.raspberrypiWirelessFirmware

Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W

pkgs.raspberrypifw.aarch64-linux

Firmware for the Raspberry Pi board

pkgs.linux-firmware.aarch64-linux

Binary firmware collection packaged by kernel.org

pkgs.rt5677-firmware.x86_64-linux

Firmware for Realtek rt5677 device

pkgs.rt5677-firmware.aarch64-linux

Firmware for Realtek rt5677 device

pkgs.rtl8761b-firmware.x86_64-linux

Firmware for Realtek RTL8761b

pkgs.python311Packages.virt-firmware

Tools for virtual machine firmware volumes

pkgs.python312Packages.virt-firmware

Tools for virtual machine firmware volumes

pkgs.rtl8761b-firmware.aarch64-linux

Firmware for Realtek RTL8761b

pkgs.libreelec-dvb-firmware.x86_64-linux

DVB firmware from LibreELEC

pkgs.ath9k-htc-blobless-firmware-unstable

Blobless, open source wifi firmware for ath9k_htc.ko

pkgs.libreelec-dvb-firmware.aarch64-linux

DVB firmware from LibreELEC

pkgs.azure-cli-extensions.firmwareanalysis

Microsoft Azure Command-Line Tools Firmwareanalysis Extension

pkgs.raspberrypiWirelessFirmware.x86_64-linux

Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W

pkgs.raspberrypiWirelessFirmware.aarch64-linux

Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W

pkgs.python312Packages.virt-firmware.x86_64-linux

Tools for virtual machine firmware volumes

pkgs.python312Packages.virt-firmware.aarch64-linux

Tools for virtual machine firmware volumes

pkgs.python312Packages.virt-firmware.x86_64-darwin

Tools for virtual machine firmware volumes

pkgs.python312Packages.virt-firmware.aarch64-darwin

Tools for virtual machine firmware volumes

Package maintainers: 31

CVE-2024-43428
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 10 months, 1 week ago
Moodle: cache poisoning via injection into storage

To address a cache poisoning risk in Moodle, additional validation for local storage was required.

Affected products

moodle
  • <4.3.6
  • <4.1.12
  • <4.4.2
  • <4.2.9

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

Package maintainers: 2