Nixpkgs security tracker

Permalink CVE-2015-7556

created 2 months ago Activity log

Created suggestion 2 months ago

DeleGate 9.9.13 allows local users to gain privileges as demonstrated …

DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.

References

http://www.vapidlabs.com/advisory.php?v=159 x_transferredx_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/123 x_transferredx_refsource_MISC

Affected products

DeleGate

==9.9.13

Matching in nixpkgs

pkgs.python312Packages.lazr-delegates

Easily write objects that delegate behavior

nixos-25.11 2.1.1
- nixos-25.11-small 2.1.1
- nixpkgs-25.11-darwin 2.1.1

pkgs.python313Packages.lazr-delegates

Easily write objects that delegate behavior

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1
nixos-25.11 2.1.1
- nixos-25.11-small 2.1.1
- nixpkgs-25.11-darwin 2.1.1

pkgs.python314Packages.lazr-delegates

Easily write objects that delegate behavior

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1

pkgs.haskellPackages.wai-middleware-delegate

WAI middleware that delegates handling of requests

nixos-unstable 0.2.0.1
- nixpkgs-unstable 0.2.0.1
- nixos-unstable-small 0.2.0.1
nixos-25.11 0.2.0.1
- nixos-25.11-small 0.2.0.1
- nixpkgs-25.11-darwin 0.2.0.1

Permalink CVE-2014-2369

created 2 months ago Activity log

Created suggestion 2 months ago

Cross-site request forgery (CSRF) vulnerability in the web application on …

Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-203-01 x_transferredx_refsource_MISC
https://www.cisa.gov/news-events/ics-advisories/icsa-14-203-01
https://automation.omron.com/en/us/products/

Affected products

NS5

<8.68x

NS8

<8.68x

n/a

==n/a

NS10

<8.68x

NS12

<8.68x

NS15

<8.68x

Matching in nixpkgs

pkgs.tests.fetchpatch.fileWithSpace

None

nixos-25.11 qg6lzm9a3ns8
- nixos-25.11-small qg6lzm9a3ns8
- nixpkgs-25.11-darwin qg6lzm9a3ns8

Permalink CVE-2013-0192

created 2 months ago Activity log

Created suggestion 2 months ago

File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin …

File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.

References

http://www.openwall.com/lists/oss-security/2013/02/01/4 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/01/17/5 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/01/31/1 x_transferredx_refsource_MISC

Affected products

SMF

==<= 2.0.3

Matching in nixpkgs

pkgs.smfh

Sleek Manifest File Handler

nixos-unstable 1.3
- nixpkgs-unstable 1.3
- nixos-unstable-small 1.3
nixos-25.11 1.3
- nixos-25.11-small 1.4
- nixpkgs-25.11-darwin 1.3

pkgs.asmfmt

Go assembler formatter

nixos-unstable 1.3.2
- nixpkgs-unstable 1.3.2
- nixos-unstable-small 1.3.2
nixos-25.11 1.3.2
- nixos-25.11-small 1.3.2
- nixpkgs-25.11-darwin 1.3.2

pkgs.libsmf

C library for reading and writing Standard MIDI Files

nixos-unstable 1.3
- nixpkgs-unstable 1.3
- nixos-unstable-small 1.3
nixos-25.11 1.3
- nixos-25.11-small 1.3
- nixpkgs-25.11-darwin 1.3

pkgs.nasmfmt

Formatter for NASM source files

nixos-unstable 2022-09-15
- nixpkgs-unstable 2022-09-15
- nixos-unstable-small 2022-09-15
nixos-25.11 2022-09-15
- nixos-25.11-small 2022-09-15
- nixpkgs-25.11-darwin 2022-09-15

pkgs.mt32emu-smf2wav

Produces a WAVE file from a Standard MIDI file (SMF)

nixos-unstable smf2wav-1.9.0
- nixpkgs-unstable smf2wav-1.9.0
- nixos-unstable-small smf2wav-1.9.0
nixos-25.11 smf2wav-1.9.0
- nixos-25.11-small smf2wav-1.9.0
- nixpkgs-25.11-darwin smf2wav-1.9.0

pkgs.python312Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python313Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python314Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1

pkgs.tests.fetchFromGitHub.rootDir

None

nixos-unstable smfyc8dzpa0l
- nixpkgs-unstable smfyc8dzpa0l
- nixos-unstable-small smfyc8dzpa0l

Package maintainers

@kalbasit Wael Nasreddine <wael.nasreddine@gmail.com>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@NotAShelf NotAShelf <raf@notashelf.dev>
@eclairevoyant éclairevoyant
@Gerg-L Greg Leyda <gregleyda@proton.me>

Permalink CVE-2013-4532

created 2 months ago Activity log

Created suggestion 2 months ago

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which …

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

References

https://security-tracker.debian.org/tracker/CVE-2013-4532 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4532 x_transferredx_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4532 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2013-4532 x_transferredx_refsource_MISC
http://www.ubuntu.com/usn/USN-2342-1 x_transferredx_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739589 x_transferredx_refsource_MISC
https://github.com/qemu/qemu/commit/2e1198672759eda6e122ff38fcf6df06f27e0fe2 x_transferredx_refsource_MISC

Affected products

qemu

==1.1.2+dfsg to 2.1+dfsg

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable 10.2.0
- nixpkgs-unstable 10.2.0
- nixos-unstable-small 10.2.0
nixos-25.11 10.1.2
- nixos-25.11-small 10.1.2
- nixpkgs-25.11-darwin 10.1.2

pkgs.canokey-qemu

CanoKey QEMU Virt Card

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable x86_defconfig-2025.10
- nixpkgs-unstable x86_defconfig-2025.10
- nixos-unstable-small x86_defconfig-2025.10
nixos-25.11 x86_defconfig-2025.10
- nixos-25.11-small x86_defconfig-2025.10
- nixpkgs-25.11-darwin x86_defconfig-2025.10

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable x86_64_defconfig-2025.10
- nixpkgs-unstable x86_64_defconfig-2025.10
- nixos-unstable-small x86_64_defconfig-2025.10
nixos-25.11 x86_64_defconfig-2025.10
- nixos-25.11-small x86_64_defconfig-2025.10
- nixpkgs-25.11-darwin x86_64_defconfig-2025.10

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable qemu_arm64_defconfig-2025.10
- nixpkgs-unstable qemu_arm64_defconfig-2025.10
- nixos-unstable-small qemu_arm64_defconfig-2025.10
nixos-25.11 qemu_arm64_defconfig-2025.10
- nixos-25.11-small qemu_arm64_defconfig-2025.10
- nixpkgs-25.11-darwin qemu_arm64_defconfig-2025.10

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable 0.6.1.0a1
- nixpkgs-unstable 0.6.1.0a1
- nixos-unstable-small 0.6.1.0a1
nixos-25.11 0.6.1.0a1
- nixos-25.11-small 0.6.1.0a1
- nixpkgs-25.11-darwin 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable 2.13.0
- nixpkgs-unstable 2.13.0
- nixos-unstable-small 2.13.0
nixos-25.11 2.13.0
- nixos-25.11-small 2.13.0
- nixpkgs-25.11-darwin 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-25.11 0.6.1.0a1
- nixos-25.11-small 0.6.1.0a1
- nixpkgs-25.11-darwin 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable 0.6.1.0a1
- nixpkgs-unstable 0.6.1.0a1
- nixos-unstable-small 0.6.1.0a1
nixos-25.11 0.6.1.0a1
- nixos-25.11-small 0.6.1.0a1
- nixpkgs-25.11-darwin 0.6.1.0a1

pkgs.python314Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable 0.6.1.0a1
- nixpkgs-unstable 0.6.1.0a1
- nixos-unstable-small 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-25.11 0.0.5
- nixos-25.11-small 0.0.5
- nixpkgs-25.11-darwin 0.0.5

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable 0.0.5
- nixpkgs-unstable 0.0.5
- nixos-unstable-small 0.0.5
nixos-25.11 0.0.5
- nixos-25.11-small 0.0.5
- nixpkgs-25.11-darwin 0.0.5

pkgs.python314Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable 0.0.5
- nixpkgs-unstable 0.0.5
- nixos-unstable-small 0.0.5

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@DavHau David Hauer <d.hauer.it@gmail.com>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@alyssais Alyssa Ross <hi@alyssa.is>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@digitalrane Rane <rane+git@junkyard.systems>
@hehongbo Hongbo
@bartsch Daniel Martin <consume.noise@gmail.com>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>

Permalink CVE-2014-4859

created 2 months ago Activity log

Created suggestion 2 months ago

Integer overflow in the Drive Execution Environment (DXE) phase in …

Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data.

References

http://www.kb.cert.org/vuls/id/552286 x_transferredx_refsource_MISC

Affected products

BIOS

==unknown

SCT3

==before 5/23/2014

Matching in nixpkgs

pkgs.seabios

Open source implementation of a 16bit x86 BIOS

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.17.0
- nixos-25.11-small 1.17.0
- nixpkgs-25.11-darwin 1.17.0

pkgs.libsmbios

Library to obtain BIOS information

nixos-unstable 2.4.3
- nixpkgs-unstable 2.4.3
- nixos-unstable-small 2.4.3
nixos-25.11 2.4.3
- nixos-25.11-small 2.4.3
- nixpkgs-25.11-darwin 2.4.3

pkgs.biosdevname

Udev helper for naming devices per BIOS names

nixos-unstable 0.7.3
- nixpkgs-unstable 0.7.3
- nixos-unstable-small 0.7.3
nixos-25.11 0.7.3
- nixos-25.11-small 0.7.3
- nixpkgs-25.11-darwin 0.7.3

pkgs.seabios-csm

Open source implementation of a 16bit x86 BIOS

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.17.0
- nixos-25.11-small 1.17.0
- nixpkgs-25.11-darwin 1.17.0

pkgs.seabios-qemu

Open source implementation of a 16bit x86 BIOS

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.17.0
- nixos-25.11-small 1.17.0
- nixpkgs-25.11-darwin 1.17.0

pkgs.seabios-coreboot

Open source implementation of a 16bit x86 BIOS

nixos-unstable 1.17.0
- nixpkgs-unstable 1.17.0
- nixos-unstable-small 1.17.0
nixos-25.11 1.17.0
- nixos-25.11-small 1.17.0
- nixpkgs-25.11-darwin 1.17.0

pkgs.dell-bios-fan-control

Simple tool to enable or disable the SMBIOS (auto) fan control on various Dell laptops

nixos-unstable 0-unstable-2022-01-19
- nixpkgs-unstable 0-unstable-2022-01-19
- nixos-unstable-small 0-unstable-2022-01-19

pkgs.haskellPackages.hie-bios

Set up a GHC API session

nixos-unstable 0.17.0
- nixpkgs-unstable 0.17.0
- nixos-unstable-small 0.17.0
nixos-25.11 0.17.0
- nixos-25.11-small 0.17.0
- nixpkgs-25.11-darwin 0.17.0

pkgs.python312Packages.biosppy

Biosignal Processing in Python

nixos-25.11 2.2.4
- nixos-25.11-small 2.2.4
- nixpkgs-25.11-darwin 2.2.4

pkgs.python313Packages.biosppy

Biosignal Processing in Python

nixos-unstable 2.2.4
- nixpkgs-unstable 2.2.4
- nixos-unstable-small 2.2.4
nixos-25.11 2.2.4
- nixos-25.11-small 2.2.4
- nixpkgs-25.11-darwin 2.2.4

pkgs.python314Packages.biosppy

Biosignal Processing in Python

nixos-unstable 2.2.4
- nixpkgs-unstable 2.2.4
- nixos-unstable-small 2.2.4

pkgs.gnomeExtensions.one-click-bios

Restart into firmware settings directly from OS

nixos-unstable 8
- nixpkgs-unstable 8
- nixos-unstable-small 8
nixos-25.11 8
- nixos-25.11-small 8
- nixpkgs-25.11-darwin 8

pkgs.vscode-extensions.fabiospampinato.vscode-open-in-github

VS Code extension to open the current project or file in github.com

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.11 2.4.0
- nixos-25.11-small 2.4.0
- nixpkgs-25.11-darwin 2.4.0

Package maintainers

@honnip Jung seungwoo <me@honnip.page>
@genga898 Emmanuel Genga <genga898@gmail.com>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@rickyelopez Ricky

Permalink CVE-2013-0294

created 2 months ago Activity log

Created suggestion 2 months ago

packet.py in pyrad before 2.1 uses weak random numbers to …

packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.

References

https://bugzilla.redhat.com/show_bug.cgi?id=911682 x_transferredx_refsource_CONFIRM
https://github.com/wichert/pyrad/commit/38f74b36814ca5b1a27d9898141126af4953bee5 x_transferredx_refsource_CONFIRM
http://www.securityfocus.com/bid/57984 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/02/15/13 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/82133 x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116567… x_transferredx_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115705… x_transferredx_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115677… x_transferredx_refsource_CONFIRM

Affected products

pyrad

==before 2.1

Matching in nixpkgs

pkgs.pyradio

Curses based internet radio player

nixos-unstable 0.9.3.11.27
- nixpkgs-unstable 0.9.3.11.27
- nixos-unstable-small 0.9.3.11.27
nixos-25.11 0.9.3.11.27
- nixos-25.11-small 0.9.3.11.27
- nixpkgs-25.11-darwin 0.9.3.11.27

pkgs.python312Packages.pyrad

Python RADIUS Implementation

nixos-25.11 2.4-unstable-2024-07-24
- nixos-25.11-small 2.4-unstable-2024-07-24
- nixpkgs-25.11-darwin 2.4-unstable-2024-07-24

pkgs.python313Packages.pyrad

Python RADIUS Implementation

nixos-unstable 2.4-unstable-2025-12-02
- nixpkgs-unstable 2.4-unstable-2025-12-02
- nixos-unstable-small 2.4-unstable-2025-12-02
nixos-25.11 2.4-unstable-2024-07-24
- nixos-25.11-small 2.4-unstable-2024-07-24
- nixpkgs-25.11-darwin 2.4-unstable-2024-07-24

pkgs.python314Packages.pyrad

Python RADIUS Implementation

nixos-unstable 2.4-unstable-2025-12-02
- nixpkgs-unstable 2.4-unstable-2025-12-02
- nixos-unstable-small 2.4-unstable-2025-12-02

pkgs.python312Packages.pyradios

Python client for the https://api.radio-browser.info

nixos-25.11 2.1.1
- nixos-25.11-small 2.1.1
- nixpkgs-25.11-darwin 2.1.1

pkgs.python313Packages.pyradios

Python client for the https://api.radio-browser.info

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1
nixos-25.11 2.1.1
- nixos-25.11-small 2.1.1
- nixpkgs-25.11-darwin 2.1.1

pkgs.python314Packages.pyradios

Python client for the https://api.radio-browser.info

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1

pkgs.python312Packages.pyradiomics

Extraction of Radiomics features from 2D and 3D images and binary masks

nixos-25.11 3.1.0
- nixos-25.11-small 3.1.0
- nixpkgs-25.11-darwin 3.1.0

pkgs.python313Packages.pyradiomics

Extraction of Radiomics features from 2D and 3D images and binary masks

nixos-unstable 3.1.0
- nixpkgs-unstable 3.1.0
- nixos-unstable-small 3.1.0
nixos-25.11 3.1.0
- nixos-25.11-small 3.1.0
- nixpkgs-25.11-darwin 3.1.0

pkgs.python314Packages.pyradiomics

Extraction of Radiomics features from 2D and 3D images and binary masks

nixos-unstable 3.1.0
- nixpkgs-unstable 3.1.0
- nixos-unstable-small 3.1.0

pkgs.pkgsRocm.python3Packages.pyradiomics

Extraction of Radiomics features from 2D and 3D images and binary masks

nixos-unstable 3.1.0
- nixpkgs-unstable 3.1.0
- nixos-unstable-small 3.1.0
nixos-25.11 3.1.0
- nixos-25.11-small 3.1.0
- nixpkgs-25.11-darwin 3.1.0

Package maintainers

@yayayayaka Yaya <github@uwu.is>
@contrun B YI <uuuuuu@protonmail.com>
@drawbu Clément Boillot <nixpkgs@drawbu.dev>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

Permalink CVE-2013-2159

created 2 months ago Activity log

Created suggestion 2 months ago

Monkey HTTP Daemon: broken user name authentication

References

https://security-tracker.debian.org/tracker/CVE-2013-2159 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/06/07/4 x_transferredx_refsource_MISC
http://www.securityfocus.com/bid/60415 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/85138 x_transferredx_refsource_MISC

Affected products

monkey

==< 1.2.2

Matching in nixpkgs

pkgs.cloudmonkey

CLI for Apache CloudStack

nixos-unstable 6.5.0
- nixpkgs-unstable 6.5.0
- nixos-unstable-small 6.5.0
nixos-25.11 6.5.0
- nixos-25.11-small 6.5.0
- nixpkgs-25.11-darwin 6.5.0

pkgs.monkeysAudio

APE codec and decompressor

nixos-unstable 12.09
- nixpkgs-unstable 12.13
- nixos-unstable-small 12.13
nixos-25.11 11.87
- nixos-25.11-small 11.87
- nixpkgs-25.11-darwin 11.87

pkgs.monkeysphere

Leverage the OpenPGP web of trust for SSH and TLS authentication

nixos-unstable 0.44
- nixpkgs-unstable 0.44
- nixos-unstable-small 0.44
nixos-25.11 0.44
- nixos-25.11-small 0.44
- nixpkgs-25.11-darwin 0.44

pkgs.monkeys-audio

APE codec and decompressor

nixos-unstable 12.09
- nixpkgs-unstable 12.13
- nixos-unstable-small 12.13

pkgs.spidermonkey_91

Mozilla's JavaScript engine written in C/C++

pkgs.spidermonkey_115

Mozilla's JavaScript engine written in C/C++

nixos-unstable 115.28.0
- nixpkgs-unstable 115.28.0
- nixos-unstable-small 115.28.0
nixos-25.11 115.28.0
- nixos-25.11-small 115.28.0
- nixpkgs-25.11-darwin 115.28.0

pkgs.spidermonkey_128

Mozilla's JavaScript engine written in C/C++

nixos-unstable 128.14.0
- nixpkgs-unstable 128.14.0
- nixos-unstable-small 128.14.0
nixos-25.11 128.14.0
- nixos-25.11-small 128.14.0
- nixpkgs-25.11-darwin 128.14.0

pkgs.spidermonkey_140

Mozilla's JavaScript engine written in C/C++

nixos-unstable 140.6.0
- nixpkgs-unstable 140.6.0
- nixos-unstable-small 140.6.0
nixos-25.11 140.5.0
- nixos-25.11-small 140.5.0
- nixpkgs-25.11-darwin 140.5.0

pkgs.haskellPackages.jmonkey

Jmonkey is very restricted but handy EDSL for JavaScript

nixos-unstable 0.1.0.1
- nixpkgs-unstable 0.1.0.1
- nixos-unstable-small 0.1.0.1
nixos-25.11 0.1.0.1
- nixos-25.11-small 0.1.0.1
- nixpkgs-25.11-darwin 0.1.0.1

pkgs.gnomeExtensions.monkeybar

See your weekly Monkeytype typing activity in top bar

nixos-unstable 9
- nixpkgs-unstable 9
- nixos-unstable-small 9
nixos-25.11 4
- nixos-25.11-small 4
- nixpkgs-25.11-darwin 4

pkgs.python312Packages.monkeyhex

Small library to assist users of the python shell who work in contexts where printed numbers are more usefully viewed in hexadecimal

nixos-25.11 1.7.4
- nixos-25.11-small 1.7.4
- nixpkgs-25.11-darwin 1.7.4

pkgs.perlPackages.MockMonkeyPatch

Monkey patching with test mocking in mind

nixos-unstable 1.02
- nixpkgs-unstable 1.02
- nixos-unstable-small 1.02
nixos-25.11 1.02
- nixos-25.11-small 1.02
- nixpkgs-25.11-darwin 1.02

pkgs.python312Packages.monkeytype

Python library that generates static type annotations by collecting runtime types

nixos-25.11 23.3.0
- nixos-25.11-small 23.3.0
- nixpkgs-25.11-darwin 23.3.0

pkgs.python313Packages.monkeytype

Python library that generates static type annotations by collecting runtime types

nixos-unstable 23.3.0
- nixpkgs-unstable 23.3.0
- nixos-unstable-small 23.3.0
nixos-25.11 23.3.0
- nixos-25.11-small 23.3.0
- nixpkgs-25.11-darwin 23.3.0

pkgs.python314Packages.monkeytype

Python library that generates static type annotations by collecting runtime types

nixos-unstable 23.3.0
- nixpkgs-unstable 23.3.0
- nixos-unstable-small 23.3.0

pkgs.perl5Packages.MockMonkeyPatch

Monkey patching with test mocking in mind

nixos-unstable 1.02
- nixpkgs-unstable 1.02
- nixos-unstable-small 1.02

pkgs.perl538Packages.MockMonkeyPatch

Monkey patching with test mocking in mind

nixos-25.11 1.02
- nixos-25.11-small 1.02
- nixpkgs-25.11-darwin 1.02

pkgs.perl540Packages.MockMonkeyPatch

Monkey patching with test mocking in mind

nixos-25.11 1.02
- nixos-25.11-small 1.02
- nixpkgs-25.11-darwin 1.02

Package maintainers

@womfoo Kranium Gikos Mendoza <kranium@gikos.net>
@doronbehar Doron Behar <me@doronbehar.com>
@primeos Michael Weiss <dev.primeos@gmail.com>
@Pamplemousse Xavier Maso <xav.maso@gmail.com>
@drupol Pol Dellaiera <pol.dellaiera@protonmail.com>
@catap Kirill A. Korinsky <kirill@korins.ky>
@abbradar Nikolay Amiantov <ab@fmap.me>
@lostnet Will Young <lost.networking@gmail.com>
@honnip Jung seungwoo <me@honnip.page>
@bobby285271 Bobby Rong <rjl931189261@126.com>

Permalink CVE-2013-1689

created 2 months ago Activity log

Created suggestion 2 months ago

Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause …

Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.

References

https://security-tracker.debian.org/tracker/CVE-2013-1689 x_transferredx_refsource_MISC
https://bugzilla.mozilla.org/show_bug.cgi?id=817219 x_transferredx_refsource_CONFIRM

Affected products

Firefox

==20.0a1

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.7.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-esr-128-unwrapped

Web browser built from Firefox source tree

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.7.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Permalink CVE-2015-1341

created 2 months ago Activity log

Created suggestion 2 months ago

Apport privilege escalation through Python module imports

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

References

https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC

Affected products

Apport

<2.19.1-0ubuntu4
<2.0.1-0ubuntu17.13
<2.14.1-0ubuntu3.18
<2.19.2
<2.17.2-0ubuntu1.7

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4
nixos-25.11 0.0.0.4
- nixos-25.11-small 0.0.0.4
- nixpkgs-25.11-darwin 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Permalink CVE-2014-3655

created 2 months ago Activity log

Created suggestion 2 months ago

JBoss KeyCloak is vulnerable to soft token deletion via CSRF

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3655 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-3655 x_transferredx_refsource_MISC
https://snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-30138 x_transferredx_refsource_MISC

Affected products

KeyCloak

==Fixed in version 1.1.0-Alpha1

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

nixos-unstable 26.5.3
- nixpkgs-unstable 26.5.3
- nixos-unstable-small 26.5.3
nixos-25.11 26.5.3
- nixos-25.11-small 26.5.3
- nixpkgs-25.11-darwin 26.5.3

pkgs.terraform-providers.keycloak

None

nixos-unstable 5.6.0
- nixpkgs-unstable 5.6.0
- nixos-unstable-small 5.6.0
nixos-25.11 5.5.0
- nixos-25.11-small 5.5.0
- nixpkgs-25.11-darwin 5.5.0

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

nixos-25.11 4.0.0
- nixos-25.11-small 4.0.0
- nixpkgs-25.11-darwin 4.0.0

pkgs.python313Packages.python-keycloak

Provides access to the Keycloak API

nixos-unstable 4.0.0
- nixpkgs-unstable 4.0.0
- nixos-unstable-small 4.0.0
nixos-25.11 4.0.0
- nixos-25.11-small 4.0.0
- nixpkgs-25.11-darwin 4.0.0

pkgs.python314Packages.python-keycloak

Provides access to the Keycloak API

nixos-unstable 4.0.0
- nixpkgs-unstable 4.0.0
- nixos-unstable-small 4.0.0

pkgs.terraform-providers.keycloak_keycloak

None

nixos-unstable 5.6.0
- nixpkgs-unstable 5.6.0
- nixos-unstable-small 5.6.0
nixos-25.11 5.5.0
- nixos-25.11-small 5.5.0
- nixpkgs-25.11-darwin 5.5.0

Package maintainers

@ngerstle Nicholas Gerstle <ngerstle@gmail.com>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@leona-ya Leona Maroni <nix@leona.is>
@NickCao Nick Cao <nickcao@nichi.co>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.lazr-delegates

pkgs.python313Packages.lazr-delegates

pkgs.python314Packages.lazr-delegates

pkgs.haskellPackages.wai-middleware-delegate

References

Affected products

Matching in nixpkgs

pkgs.tests.fetchpatch.fileWithSpace

References

Affected products

Matching in nixpkgs

pkgs.smfh

pkgs.asmfmt

pkgs.libsmf

pkgs.nasmfmt

pkgs.mt32emu-smf2wav

pkgs.python312Packages.pysmf

pkgs.python313Packages.pysmf

pkgs.python314Packages.pysmf

pkgs.tests.fetchFromGitHub.rootDir

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.qemu

pkgs.qemu_kvm

pkgs.qemu_xen

pkgs.qemu-user

pkgs.qemu_full

pkgs.qemu_test

pkgs.qemu-utils

pkgs.canokey-qemu

pkgs.ubootQemuX86

pkgs.ubootQemuX86_64

pkgs.ubootQemuAarch64

pkgs.qemu-python-utils

pkgs.armTrustedFirmwareQemu

pkgs.python312Packages.qemu

pkgs.python313Packages.qemu

pkgs.python314Packages.qemu

pkgs.python312Packages.qemu-qmp

pkgs.python313Packages.qemu-qmp

pkgs.python314Packages.qemu-qmp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.seabios

pkgs.libsmbios

pkgs.biosdevname

pkgs.seabios-csm

pkgs.seabios-qemu

pkgs.seabios-coreboot

pkgs.dell-bios-fan-control

pkgs.haskellPackages.hie-bios

pkgs.python312Packages.biosppy

pkgs.python313Packages.biosppy

pkgs.python314Packages.biosppy

pkgs.gnomeExtensions.one-click-bios

pkgs.vscode-extensions.fabiospampinato.vscode-open-in-github

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.pyradio

pkgs.python312Packages.pyrad

pkgs.python313Packages.pyrad

pkgs.python314Packages.pyrad

pkgs.python312Packages.pyradios

pkgs.python313Packages.pyradios

pkgs.python314Packages.pyradios

pkgs.python312Packages.pyradiomics

pkgs.python313Packages.pyradiomics

pkgs.python314Packages.pyradiomics

pkgs.pkgsRocm.python3Packages.pyradiomics

Package maintainers