Nixpkgs Security Tracker


Automatically generated suggestions


CVE-2024-7260
6.1 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 11 months, 2 weeks ago
Keycloak-core: open redirect on account page

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user into visiting a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it redirects to a malicious server. This issue can result in a victim inadvertently trusting the destination of the redirect, potentially leading to a successful phishing attack or other types of attacks. Once a crafted URL is made, it can be sent to a Keycloak admin via email, for example. This will trigger the vulnerability when the user visits the page and clicks the link. A malicious actor can use this to target users they know are Keycloak admins for further attacks. It may also be possible to bypass other domain-related security checks, such as by supplying this as an OAuth redirect URI. The malicious actor can further obfuscate the redirect_uri using URL encoding, to hide the text of the actual malicious website domain.

Affected products

keycloak
  • <24.0.7
keycloak-core
rhbk/keycloak-rhel9
  • *
rhbk/keycloak-rhel9-operator
  • *
rhbk/keycloak-operator-bundle
  • *

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

pkgs.terraform-providers.keycloak

pkgs.python311Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

Package maintainers: 3

CVE-2024-5564
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 11 months, 2 weeks ago
Libndp: buffer overflow in route information length field

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.

Affected products

libndp
  • *
  • <1.7-7

Matching in nixpkgs

pkgs.libndp

Library for Neighbor Discovery Protocol

pkgs.libndp.x86_64-linux

Library for Neighbor Discovery Protocol

pkgs.libndp.aarch64-linux

Library for Neighbor Discovery Protocol

CVE-2024-6239
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 11 months, 2 weeks ago
Poppler: pdfinfo: crash in broken documents when using -dests parameter

A flaw was found in Poppler's pdfinfo utility. This issue occurs when using the -dests parameter with the pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.

Affected products

poppler
  • =<24.06.1
  • *
compat-poppler022
gimp:flatpak/poppler
  • *
inkscape:flatpak/poppler
  • *
libreoffice:flatpak/poppler
  • *

Matching in nixpkgs

pkgs.poppler_data

Encoding files for Poppler, a PDF rendering library

pkgs.libsForQt5.poppler.x86_64-linux

PDF rendering library

pkgs.libsForQt5.poppler.aarch64-linux

PDF rendering library

pkgs.libsForQt5.poppler.x86_64-darwin

PDF rendering library

pkgs.python311Packages.python-poppler

Python binding to poppler-cpp

pkgs.python312Packages.python-poppler

Python binding to poppler-cpp

pkgs.qt6Packages.poppler.x86_64-linux

PDF rendering library

pkgs.libsForQt5.poppler.aarch64-darwin

PDF rendering library

pkgs.qt6Packages.poppler.aarch64-linux

PDF rendering library

pkgs.qt6Packages.poppler.x86_64-darwin

PDF rendering library

pkgs.qt6Packages.poppler.aarch64-darwin

PDF rendering library

pkgs.haskellPackages.gi-poppler.x86_64-linux

Poppler bindings

pkgs.haskellPackages.gi-poppler.aarch64-linux

Poppler bindings

pkgs.haskellPackages.gi-poppler.x86_64-darwin

Poppler bindings

pkgs.haskellPackages.gi-poppler.aarch64-darwin

Poppler bindings

pkgs.python312Packages.poppler-qt5.x86_64-linux

pkgs.python312Packages.poppler-qt5.aarch64-linux

pkgs.python312Packages.poppler-qt5.x86_64-darwin

pkgs.python312Packages.poppler-qt5.aarch64-darwin

pkgs.python312Packages.python-poppler.x86_64-linux

Python binding to poppler-cpp

pkgs.python312Packages.python-poppler.aarch64-linux

Python binding to poppler-cpp

pkgs.python312Packages.python-poppler.x86_64-darwin

Python binding to poppler-cpp

pkgs.python312Packages.python-poppler.aarch64-darwin

Python binding to poppler-cpp

pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib

Test whether poppler-glib-24.02.0 exposes pkg-config modules poppler-glib

  • nixos-unstable
    • nixos-unstable-small
    • nixpkgs-unstable

Package maintainers: 3

created 11 months, 2 weeks ago
Pulpcore: rbac permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing.

Affected products

pulp
  • =<3.56.0
receptor
python-django
python-urllib3
python-pulpcore
python3x-django
python3x-urllib3
python3x-pulpcore
automation-controller
python-pulpcore-client
rubygem-pulpcore_client

Matching in nixpkgs

pkgs.pulp

A build system for PureScript projects

pkgs.python311Packages.pulp

Module to generate MPS or LP files

pkgs.python312Packages.pulp

Module to generate MPS or LP files

pkgs.python312Packages.pulp.x86_64-linux

Module to generate MPS or LP files

pkgs.python312Packages.pulp.aarch64-linux

Module to generate MPS or LP files

pkgs.python312Packages.pulp.x86_64-darwin

Module to generate MPS or LP files

pkgs.python312Packages.pulp.aarch64-darwin

Module to generate MPS or LP files

Package maintainers: 1

CVE-2024-6501
3.1 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 11 months, 2 weeks ago
Networkmanager: denial of service

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.

Affected products

NetworkManager
  • <1.48.10-2
  • *

Matching in nixpkgs

pkgs.networkmanager-sstp

NetworkManager's sstp plugin

pkgs.networkmanager-vpnc

NetworkManager's VPNC plugin

pkgs.networkmanager-openvpn

NetworkManager's OpenVPN plugin

pkgs.networkmanager_strongswan

NetworkManager's strongswan plugin

pkgs.networkmanager-fortisslvpn

NetworkManager’s FortiSSL plugin

pkgs.networkmanager-openconnect

NetworkManager’s OpenConnect plugin

Package maintainers: 4

CVE-2024-56217
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 11 months, 2 weeks ago
WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability

Missing Authorization vulnerability in W3 Eden, Inc. Download Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Download Manager: from n/a through 3.3.03.

Affected products

download-manager
  • =<3.3.03

Matching in nixpkgs

pkgs.lomiri.lomiri-download-manager

Performs uploads and downloads from a centralized location

pkgs.lomiri.lomiri-download-manager.x86_64-linux

Performs uploads and downloads from a centralized location

pkgs.lomiri.lomiri-download-manager.aarch64-linux

Performs uploads and downloads from a centralized location

Package maintainers: 1

CVE-2024-7700
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 11 months, 2 weeks ago
Foreman: command injection in "host init config" template via "install packages" field on foreman

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing unauthorized command execution during host registration. Although this issue requires user interaction to execute injected commands, it poses a significant risk if an unsuspecting user runs the generated registration script.

Affected products

foreman

Matching in nixpkgs

pkgs.foreman

Process manager for applications with multiple components

Package maintainers: 1

CVE-2023-3597
5.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 11 months, 2 weeks ago
Keycloak: secondary factor bypass in step-up authentication

A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication.

Affected products

keycloak
  • <22.0.10
  • <24.0.3
rhbk/keycloak-rhel9
  • *
rhbk/keycloak-rhel9-operator
  • *
rhbk/keycloak-operator-bundle
  • *

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

pkgs.terraform-providers.keycloak

pkgs.python311Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

Package maintainers: 3

created 11 months, 2 weeks ago
Python-sql: python-sql unary operators does not escape non-expression

A vulnerability was found in python-sql where unary operators do not escape non-Expression operands.

Affected products

python-sql
  • <1.5.2

Matching in nixpkgs

pkgs.python311Packages.python-sql

Library to write SQL queries in a pythonic way

pkgs.python312Packages.python-sql

Library to write SQL queries in a pythonic way

pkgs.python311Packages.ipython-sql

Introduces a %sql (or %%sql) magic

pkgs.python312Packages.ipython-sql

Introduces a %sql (or %%sql) magic

pkgs.python312Packages.python-sql.x86_64-linux

Library to write SQL queries in a pythonic way

pkgs.python312Packages.ipython-sql.x86_64-linux

Introduces a %sql (or %%sql) magic

pkgs.python312Packages.python-sql.aarch64-linux

Library to write SQL queries in a pythonic way

pkgs.python312Packages.python-sql.x86_64-darwin

Library to write SQL queries in a pythonic way

pkgs.python312Packages.ipython-sql.aarch64-linux

Introduces a %sql (or %%sql) magic

pkgs.python312Packages.ipython-sql.x86_64-darwin

Introduces a %sql (or %%sql) magic

pkgs.python312Packages.python-sql.aarch64-darwin

Library to write SQL queries in a pythonic way

pkgs.python312Packages.ipython-sql.aarch64-darwin

Introduces a %sql (or %%sql) magic

Package maintainers: 2

CVE-2024-45620
3.9 LOW
  • CVSS version: 3.1
  • Attack vector (AV): PHYSICAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 11 months, 2 weeks ago
Libopensc: incorrect handling of the length of buffers or files in pkcs15init

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

Affected products

opensc
libopensc

Matching in nixpkgs

pkgs.opensc

Set of libraries and utilities to access smart cards

pkgs.openscap

NIST Certified SCAP 1.2 toolkit

pkgs.openscad-lsp

LSP (Language Server Protocol) server for OpenSCAD

pkgs.openscenegraph

3D graphics toolkit

pkgs.vscode-extensions.antyos.openscad

OpenSCAD highlighting, snippets, and more for VSCode

pkgs.vimPlugins.vim-openscad.x86_64-linux

pkgs.vimPlugins.vim-openscad.aarch64-linux

pkgs.vimPlugins.vim-openscad.x86_64-darwin

pkgs.vimPlugins.vim-openscad.aarch64-darwin

pkgs.vscode-extensions.antyos.openscad.x86_64-linux

OpenSCAD highlighting, snippets, and more for VSCode

pkgs.vscode-extensions.antyos.openscad.aarch64-linux

OpenSCAD highlighting, snippets, and more for VSCode

pkgs.vscode-extensions.antyos.openscad.x86_64-darwin

OpenSCAD highlighting, snippets, and more for VSCode

pkgs.vscode-extensions.antyos.openscad.aarch64-darwin

OpenSCAD highlighting, snippets, and more for VSCode

Package maintainers: 8