Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: inputplumber

Found 2 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2025-14338
created 3 months ago
Polkit authentication dis isabled by default in inputplumber

Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005.

Affected products

inputplumber
  • <0.63.0

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2025-66005
created 3 months ago
Lack of Authentication in the InputManager D-Bus interface

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Affected products

inputplumber
  • <0.63.0

Matching in nixpkgs

Package maintainers