Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:
Compact
Detailed
Permalink CVE-2015-1340
created 2 months ago Activity log
  • Created suggestion 2 months ago
chmod race in doUidshiftIntoContainer

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.

Affected products

LXD
  • <0.19-0ubuntu5

Matching in nixpkgs

pkgs.lxd-ui

Web user interface for LXD

pkgs.lxd-lts

Daemon based on liblxc offering a REST API to manage containers

pkgs.lxd-image-server

Creates and manages a simplestreams lxd image server on top of nginx

pkgs.lxd-unwrapped-lts

Daemon based on liblxc offering a REST API to manage containers

Package maintainers

Permalink CVE-2026-25596
4.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 2 months ago Activity log
  • Created suggestion 2 months ago
InvoicePlane has Stored XSS via Product Unit Name in Invoice Item List

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting (XSS) vulnerability exists in InvoicePlane 1.7.0 via the Product Unit Name fields. An authenticated administrator can inject malicious JavaScript that executes when any administrator views an invoice containing a product with the malicious unit. Version 1.7.1 patches the issue.

Affected products

InvoicePlane
  • ==<= 1.7.0

Matching in nixpkgs

pkgs.invoiceplane

Self-hosted open source application for managing your invoices, clients and payments

Package maintainers

Permalink CVE-2014-8184
created 2 months ago Activity log
  • Created suggestion 2 months ago
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. …

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.

References

Affected products

liblouis
  • ==2.5.x before 2.5.4

Matching in nixpkgs

Package maintainers

Permalink CVE-2015-0837
created 2 months ago Activity log
  • Created suggestion 2 months ago
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before …

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

Affected products

GnuPG
  • ==before 1.4.19
Libgcrypt
  • ==before 1.6.3

Matching in nixpkgs

pkgs.gnupg

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

pkgs.gnupg1

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

pkgs.gnupg24

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

pkgs.pam_gnupg

Unlock GnuPG keys on login

  • nixos-unstable 0.4
    • nixpkgs-unstable 0.4
    • nixos-unstable-small 0.4
  • nixos-25.11 0.4
    • nixos-25.11-small 0.4
    • nixpkgs-25.11-darwin 0.4

pkgs.gnupg1compat

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

Permalink CVE-2014-8271
created 2 months ago Activity log
  • Created suggestion 2 months ago
Buffer overflow in the Reclaim function in Tianocore EDK2 before …

Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name.

References

Affected products

EDK2
  • ==before SVN 16280

Matching in nixpkgs

Package maintainers

Permalink CVE-2013-3492
created 2 months ago Activity log
  • Created suggestion 2 months ago
XnView 2.03 has a stack-based buffer overflow vulnerability

XnView 2.03 has a stack-based buffer overflow vulnerability

References

Affected products

XnView
  • ==2.03

Matching in nixpkgs

pkgs.xnviewmp

Efficient multimedia viewer, browser and converter

Package maintainers

Permalink CVE-2013-3620
created 2 months ago Activity log
  • Created suggestion 2 months ago
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with …

Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312.

Affected products

IPMI
  • ==before 3.15 (SMT_X9_315) and before SMT X8 312

Matching in nixpkgs

pkgs.freeipmi

Implementation of the Intelligent Platform Management Interface

pkgs.ipmiutil

Easy-to-use IPMI server management utility

pkgs.openipmi

User-level library that provides a higher-level abstraction of IPMI and generic services

Package maintainers

Permalink CVE-2015-5297
created 2 months ago Activity log
  • Created suggestion 2 months ago
An integer overflow issue has been reported in the general_composite_rect() …

An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.

References

Affected products

pixman
  • ==0.32.8

Matching in nixpkgs

Permalink CVE-2013-2167
created 2 months ago Activity log
  • Created suggestion 2 months ago
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass

Affected products

python-keystoneclient
  • ==< 0.2.6

Matching in nixpkgs

Package maintainers

Permalink CVE-2026-24126
6.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago Activity log
  • Created suggestion 2 months ago
Weblate has an argument injection in management console

Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh-add`. Version 5.16.0 fixes the issue. As a workaround, properly limit access to the management console.

Affected products

weblate
  • ==< 5.16.0

Matching in nixpkgs

pkgs.weblate

Web based translation tool with tight version control integration

Package maintainers