Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-22863

created 3 months ago

Deno node:crypto doesn't finalize cipher

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:crypto doesn't finalize cipher. The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. This vulnerability is fixed in 2.6.0.

References

https://github.com/denoland/deno/security/advisories/GHSA-5379-f5hf-w38v x_refsource_CONFIRM
https://github.com/denoland/deno/releases/tag/v2.6.0 x_refsource_MISC

Affected products

deno

==< 2.6.0

Matching in nixpkgs

pkgs.deno

Secure runtime for JavaScript and TypeScript

nixos-unstable 2.4.2
- nixpkgs-unstable 2.4.3
- nixos-unstable-small 2.4.3
nixos-25.11 2.5.6
- nixpkgs-25.11-darwin 2.5.6

pkgs.speech-denoiser

Speech denoise lv2 plugin based on RNNoise library

nixos-unstable 0-unstable-2018-10-08
- nixpkgs-unstable 0-unstable-2018-10-08
- nixos-unstable-small 0-unstable-2018-10-08
nixos-25.11 0-unstable-2018-10-08
- nixpkgs-25.11-darwin 0-unstable-2018-10-08

pkgs.openimagedenoise

High-Performance Denoising Library for Ray Tracing

nixos-unstable 2.3.3
- nixpkgs-unstable 2.3.3
- nixos-unstable-small 2.3.3
nixos-25.11 2.3.3
- nixpkgs-25.11-darwin 2.3.3

pkgs.terraform-providers.deno

None

nixos-unstable 0.1.0
- nixpkgs-unstable 0.1.0
- nixos-unstable-small 0.1.0

pkgs.python312Packages.denonavr

Automation Library for Denon AVR receivers

nixos-unstable 1.1.2
- nixpkgs-unstable 1.1.2
- nixos-unstable-small 1.1.2
nixos-25.11 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.python313Packages.denonavr

Automation Library for Denon AVR receivers

nixos-unstable 1.1.2
- nixpkgs-unstable 1.1.2
- nixos-unstable-small 1.1.2
nixos-25.11 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.haskellPackages.pandoc-sidenote

Convert Pandoc Markdown-style footnotes into sidenotes

nixos-unstable 0.23.0.0
- nixpkgs-unstable 0.23.0.0
- nixos-unstable-small 0.23.0.0
nixos-25.11 0.23.0.0
- nixpkgs-25.11-darwin 0.23.0.0

pkgs.terraform-providers.denoland_deno

None

nixos-25.11 0.1.0
- nixpkgs-25.11-darwin 0.1.0

pkgs.gnomeExtensions.denon-avr-controler

Denon AVR controler

nixos-unstable 11
- nixpkgs-unstable 11
- nixos-unstable-small 11
nixos-25.11 12
- nixpkgs-25.11-darwin 12

pkgs.python312Packages.bnunicodenormalizer

Bangla Unicode Normalization Toolkit

nixos-unstable 0.1.7
- nixpkgs-unstable 0.1.7
- nixos-unstable-small 0.1.7
nixos-25.11 0.1.7
- nixpkgs-25.11-darwin 0.1.7

pkgs.python313Packages.bnunicodenormalizer

Bangla Unicode Normalization Toolkit

nixos-unstable 0.1.7
- nixpkgs-unstable 0.1.7
- nixos-unstable-small 0.1.7
nixos-25.11 0.1.7
- nixpkgs-25.11-darwin 0.1.7

pkgs.vscode-extensions.denoland.vscode-deno

Language server client for Deno

nixos-unstable 3.45.0
- nixpkgs-unstable 3.45.0
- nixos-unstable-small 3.45.0
nixos-25.11 3.46.1
- nixpkgs-25.11-darwin 3.46.1

pkgs.home-assistant-component-tests.denonavr

Open source home automation that puts local control and privacy first

nixos-unstable 2025.8.0
- nixpkgs-unstable 2025.8.0
- nixos-unstable-small 2025.8.0
nixos-25.11 2025.11.3
- nixpkgs-25.11-darwin 2025.11.3

Package maintainers

@06kellyjac Jack <hello+nixpkgs@j-k.io>
@ofalvai Olivér Falvai <ofalvai@gmail.com>
@honnip Jung seungwoo <me@honnip.page>
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@LeshaInc Alexey Nikashkin <leshainc@fomalhaut.me>
@Mic92 Jörg Thalheim <joerg@thalheim.io>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@ratsclub Victor Freire <victor@freire.dev.br>