Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: haskellPackages.apportionment

Found 2 matching suggestions

View:

Compact

Detailed

Dismissed

Permalink CVE-2020-11936

3.1 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 1 year, 3 months ago by @fricklerhandwerk Activity log

Created suggestion 1 year, 3 months ago
@fricklerhandwerk dismissed 1 year, 3 months ago

gdbus setgid privilege escalation

gdbus setgid privilege escalation

References

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633 issue-tracking
https://www.cve.org/CVERecord?id=CVE-2020-11936 issue-tracking

Affected products

apport

<2.20.11-0ubuntu27.6

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Dismissed

Permalink CVE-2022-28653

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

updated 1 year, 3 months ago by @fricklerhandwerk Activity log

Created suggestion 1 year, 3 months ago
@fricklerhandwerk dismissed 1 year, 3 months ago

Users can consume unlimited disk space in /var/crash

Users can consume unlimited disk space in /var/crash

References

https://www.cve.org/CVERecord?id=CVE-2022-28653 issue-tracking

Affected products

apport

<2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

1