Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: python314Packages.spectral-cube

Found 3 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-25957
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 2 months ago
Cube Denial of Service (DoS) - An authenticated attacker can crash the server by sending a specially crafted request

Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. This vulnerability is fixed in 1.5.13 and 1.4.2.

Affected products

cube
  • ==>= 1.5.0, < 1.5.13
  • ==>= 1.1.17, < 1.4.2

Matching in nixpkgs

pkgs.pascube

Simple OpenGL spinning cube written in Pascal

  • nixos-unstable -
    • nixpkgs-unstable 1.5.1
    • nixos-unstable-small 1.5.1
  • nixos-25.11 1.5.1
    • nixpkgs-25.11-darwin 1.5.1

pkgs.musikcube

Terminal-based music player, library, and streaming audio server

pkgs.classicube

Lightweight, custom Minecraft Classic/ClassiCube client with optional additions written from scratch in C

pkgs.stm32cubemx

Graphical tool for configuring STM32 microcontrollers and microprocessors

pkgs.spacenav-cube-example

Example application to test the spacenavd driver

  • nixos-unstable 1.2
    • nixpkgs-unstable 1.2
    • nixos-unstable-small 1.2
  • nixos-25.11 1.2
    • nixpkgs-25.11-darwin 1.2

Package maintainers

Untriaged
Permalink CVE-2026-25958
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 months ago
Cube privilege escalation via a specially crafted request

Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14.

Affected products

cube
  • ==>= 0.27.19, < 1.0.14
  • ==>= 1.1.0, < 1.4.2
  • ==>= 1.5.0, < 1.5.13

Matching in nixpkgs

pkgs.pascube

Simple OpenGL spinning cube written in Pascal

  • nixos-unstable -
    • nixpkgs-unstable 1.5.1
    • nixos-unstable-small 1.5.1
  • nixos-25.11 1.5.1
    • nixpkgs-25.11-darwin 1.5.1

pkgs.musikcube

Terminal-based music player, library, and streaming audio server

pkgs.classicube

Lightweight, custom Minecraft Classic/ClassiCube client with optional additions written from scratch in C

pkgs.stm32cubemx

Graphical tool for configuring STM32 microcontrollers and microprocessors

pkgs.spacenav-cube-example

Example application to test the spacenavd driver

  • nixos-unstable 1.2
    • nixpkgs-unstable 1.2
    • nixos-unstable-small 1.2
  • nixos-25.11 1.2
    • nixpkgs-25.11-darwin 1.2

Package maintainers

Untriaged
Permalink CVE-2026-24982
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 months, 1 week ago
WordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17.

Affected products

ultimate-addons-for-gutenberg
  • =<<= 2.19.17

Matching in nixpkgs

pkgs.spectra

C++ library for large scale eigenvalue problems, built on top of Eigen

pkgs.python314Packages.spectra

Python library that makes color math, color scales, and color-space conversion easy

  • nixos-unstable -
    • nixpkgs-unstable 0.1.0
    • nixos-unstable-small 0.1.0

Package maintainers