Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: abseil-cpp_202401

Found 2 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2025-53242

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months, 4 weeks ago

WordPress Seil Theme <= 1.7.1 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in VictorThemes Seil seil allows Object Injection.This issue affects Seil: from n/a through <= 1.7.1.

References

Affected products

seil

=<<= 1.7.1

Matching in nixpkgs

pkgs.seilfahrt

Tool to create a wiki page from a HedgeDoc

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1
nixos-25.11 2.1.1
- nixpkgs-25.11-darwin 2.1.1

pkgs.abseil-cpp

Open-source collection of C++ code designed to augment the C++ standard library

nixos-25.11 20250814.1
- nixpkgs-25.11-darwin 20250814.1

pkgs.abseil-cpp_202103

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20210324.2
- nixpkgs-unstable 20210324.2
- nixos-unstable-small 20210324.2
nixos-25.11 20210324.2
- nixpkgs-25.11-darwin 20210324.2

pkgs.abseil-cpp_202301

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20230125.4
- nixpkgs-unstable 20230125.4
- nixos-unstable-small 20230125.4

pkgs.abseil-cpp_202401

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20240116.3
- nixpkgs-unstable 20240116.3
- nixos-unstable-small 20240116.3
nixos-25.11 20240116.3
- nixpkgs-25.11-darwin 20240116.3

pkgs.abseil-cpp_202407

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20240722.1
- nixpkgs-unstable 20240722.1
- nixos-unstable-small 20240722.1
nixos-25.11 20240722.1
- nixpkgs-25.11-darwin 20240722.1

pkgs.abseil-cpp_202501

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20250512.1
- nixpkgs-unstable 20250512.1
- nixos-unstable-small 20250512.1

pkgs.abseil-cpp_202505

Open-source collection of C++ code designed to augment the C++ standard library

nixos-25.11 20250512.1
- nixpkgs-25.11-darwin 20250512.1

pkgs.python312Packages.pybind11-abseil

Pybind11 bindings for the Abseil C++ Common Libraries

nixos-unstable pybind11-abseil-202402.0
- nixpkgs-unstable pybind11-abseil-202402.0
- nixos-unstable-small pybind11-abseil-202402.0
nixos-25.11 pybind11-abseil-202402.0
- nixpkgs-25.11-darwin pybind11-abseil-202402.0

pkgs.python313Packages.pybind11-abseil

Pybind11 bindings for the Abseil C++ Common Libraries

nixos-unstable pybind11-abseil-202402.0
- nixpkgs-unstable pybind11-abseil-202402.0
- nixos-unstable-small pybind11-abseil-202402.0
nixos-25.11 pybind11-abseil-202402.0
- nixpkgs-25.11-darwin pybind11-abseil-202402.0

Package maintainers

@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@andersk Anders Kaseorg <andersk@mit.edu>
@wegank Weijia Wang <contact@weijia.wang>
@peterablehmann XGWQ <nixos.xgwq@xnee.net>

Untriaged

Permalink CVE-2025-0838

created 1 year, 1 month ago

Heap Buffer overflow in Abseil

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

References

Affected products

abseil-cpp

<5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Matching in nixpkgs

pkgs.abseil-cpp_202103

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20210324.2
- nixpkgs-unstable 20210324.2
- nixos-unstable-small 20210324.2

pkgs.abseil-cpp_202301

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20230125.4
- nixpkgs-unstable 20230125.4
- nixos-unstable-small 20230125.4

pkgs.abseil-cpp_202401

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20240116.2
- nixpkgs-unstable 20240116.2
- nixos-unstable-small 20240116.2

pkgs.abseil-cpp_202407

Open-source collection of C++ code designed to augment the C++ standard library

nixos-unstable 20240722.0
- nixpkgs-unstable 20240722.0
- nixos-unstable-small 20240722.0

Package maintainers

@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@andersk Anders Kaseorg <andersk@mit.edu>

1