Nixpkgs security tracker

Permalink CVE-2012-5630

created 2 months ago Activity log

Created suggestion 2 months ago

libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race …

libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.

References

https://security-tracker.debian.org/tracker/CVE-2012-5630 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5630 x_transferredx_refsource_MISC
Red Hat vendor-advisoryx_transferredx_refsource_REDHAT
Fedora x_refsource_FEDORAvendor-advisoryx_transferred
https://www.securityfocus.com/bid/59285 x_transferredx_refsource_MISC

Affected products

libuser

==0.57
==0.56

Matching in nixpkgs

pkgs.lomiri.libusermetrics

Enables apps to locally store interesting numerical data for later presentation

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0
nixos-25.11 1.3.3
- nixos-25.11-small 1.3.3
- nixpkgs-25.11-darwin 1.3.3

Package maintainers

@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>

Permalink CVE-2011-1497

created 2 months ago Activity log

Created suggestion 2 months ago

A cross-site scripting vulnerability flaw was found in the auto_link …

A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.

References

https://www.openwall.com/lists/oss-security/2011/04/06/13 x_transferredx_refsource_MISC
https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/ac… x_transferredx_refsource_MISC

Affected products

rails

==rails 3.0.6

Matching in nixpkgs

pkgs.grails

Full stack, web application framework for the JVM

nixos-unstable 7.0.0-M3
- nixpkgs-unstable 7.0.0-M3
- nixos-unstable-small 7.0.0-M3
nixos-25.11 7.0.0-M3
- nixos-25.11-small 7.0.0-M3
- nixpkgs-25.11-darwin 7.0.0-M3

pkgs.rails-new

Generate new Rails applications without having to install Ruby

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.rubyPackages.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_3_3.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_3_4.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.rubyPackages_4_0.rails

None

nixos-unstable 7.2.3
- nixpkgs-unstable 7.2.3
- nixos-unstable-small 7.2.3
nixos-25.11 7.2.3
- nixos-25.11-small 7.2.3
- nixpkgs-25.11-darwin 7.2.3

pkgs.hyprlandPlugins.hyprtrails

Hyprland smooth trails behind moving windows plugin

nixos-unstable 0.53.0
- nixpkgs-unstable 0.53.0
- nixos-unstable-small 0.53.0
nixos-25.11 0.52.0
- nixos-25.11-small 0.52.0
- nixpkgs-25.11-darwin 0.52.0

pkgs.rubyPackages.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_3_1.rails-dom-testing

None

pkgs.rubyPackages_3_2.rails-dom-testing

None

pkgs.rubyPackages_3_3.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_3_4.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_4_0.rails-dom-testing

None

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.rubyPackages_3_1.rails-html-sanitizer

None

pkgs.rubyPackages_3_2.rails-html-sanitizer

None

pkgs.rubyPackages_3_3.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_3_4.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

pkgs.rubyPackages_4_0.rails-html-sanitizer

None

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

Package maintainers

@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@donovanglover Donovan Glover
@NotAShelf NotAShelf <raf@notashelf.dev>
@khaneliman Austin Horstman <khaneliman12@gmail.com>
@fufexan Fufezan Mihai <fufexan@protonmail.com>
@coat Kent Smith <kentsmith@gmail.com>

Permalink CVE-2012-1187

created 2 months ago Activity log

Created suggestion 2 months ago

Bitlbee does not drop extra group privileges correctly in unix.c

References

https://security-tracker.debian.org/tracker/CVE-2012-1187 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1187 x_transferredx_refsource_MISC
https://bugs.bitlbee.org/ticket/852 x_transferredx_refsource_MISC

Affected products

Bitlbee

==3.0.4

Matching in nixpkgs

pkgs.bitlbee

IRC instant messaging gateway

nixos-unstable 3.6
- nixpkgs-unstable 3.6
- nixos-unstable-small 3.6
nixos-25.11 3.6
- nixos-25.11-small 3.6
- nixpkgs-25.11-darwin 3.6

pkgs.bitlbee-steam

Steam protocol plugin for BitlBee

nixos-unstable 1.4.2
- nixpkgs-unstable 1.4.2
- nixos-unstable-small 1.4.2
nixos-25.11 1.4.2
- nixos-25.11-small 1.4.2
- nixpkgs-25.11-darwin 1.4.2

pkgs.bitlbee-discord

Bitlbee plugin for Discord

nixos-unstable 0.4.3
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3
nixos-25.11 0.4.3
- nixos-25.11-small 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.bitlbee-facebook

Facebook protocol plugin for bitlbee

nixos-unstable 1.2.2
- nixpkgs-unstable 1.2.2
- nixos-unstable-small 1.2.2
nixos-25.11 1.2.2
- nixos-25.11-small 1.2.2
- nixpkgs-25.11-darwin 1.2.2

pkgs.bitlbee-mastodon

Bitlbee plugin for Mastodon

nixos-unstable 1.4.5
- nixpkgs-unstable 1.4.5
- nixos-unstable-small 1.4.5
nixos-25.11 1.4.5
- nixos-25.11-small 1.4.5
- nixpkgs-25.11-darwin 1.4.5

Package maintainers

@pSub Pascal Wittmann <mail@pascal-wittmann.de>
@Lassulus Lassulus <lassulus@gmail.com>
@toonn Toon Nolten <nixpkgs@toonn.io>
@jpotier Martin Potier <jpo.contributes.to.nixos@marvid.fr>

Permalink CVE-2011-1588

created 2 months ago Activity log

Created suggestion 2 months ago

Thunar before 1.3.1 could crash when copy and pasting a …

Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.

References

https://security-tracker.debian.org/tracker/CVE-2011-1588 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1588 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-1588 x_transferredx_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00008.html x_transferredx_refsource_MISC
https://github.com/xfce-mirror/thunar/commit/03dd312e157d4fa8a11d5fa402706ae5b0… x_transferredx_refsource_MISC
https://github.com/xfce-mirror/thunar/blob/master/NEWS#L774 x_transferredx_refsource_MISC

Affected products

thunar

==before 1.3.1

Matching in nixpkgs

pkgs.thunar

Xfce file manager

nixos-unstable 4.20.7
- nixpkgs-unstable 4.20.7
- nixos-unstable-small 4.20.7

pkgs.xfce.thunar

Xfce file manager

nixos-unstable 4.20.7
- nixpkgs-unstable 4.20.7
- nixos-unstable-small 4.20.7
nixos-25.11 4.20.6
- nixos-25.11-small 4.20.6
- nixpkgs-25.11-darwin 4.20.6

pkgs.thunar-volman

Thunar extension for automatic management of removable drives and media

nixos-unstable 4.20.0
- nixpkgs-unstable 4.20.0
- nixos-unstable-small 4.20.0

pkgs.thunar-unwrapped

Xfce file manager

nixos-unstable 4.20.7
- nixpkgs-unstable 4.20.7
- nixos-unstable-small 4.20.7

pkgs.xfce.thunar-bare

Xfce file manager

nixos-25.11 4.20.6
- nixos-25.11-small 4.20.6
- nixpkgs-25.11-darwin 4.20.6

pkgs.thunar-vcs-plugin

Thunar plugin providing support for Subversion and Git

nixos-unstable 0.4.0
- nixpkgs-unstable 0.4.0
- nixos-unstable-small 0.4.0

pkgs.xfce.thunar-volman

Thunar extension for automatic management of removable drives and media

nixos-unstable 4.20.0
- nixpkgs-unstable 4.20.0
- nixos-unstable-small 4.20.0
nixos-25.11 4.20.0
- nixos-25.11-small 4.20.0
- nixpkgs-25.11-darwin 4.20.0

pkgs.thunar-archive-plugin

Thunar plugin providing file context menus for archives

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.thunar-dropbox-plugin

Plugin that adds context-menu items for Dropbox to Thunar

nixos-unstable 0.3.2
- nixpkgs-unstable 0.3.2
- nixos-unstable-small 0.3.2

pkgs.xfce.thunar-unwrapped

Xfce file manager

nixos-unstable 4.20.7
- nixpkgs-unstable 4.20.7
- nixos-unstable-small 4.20.7
nixos-25.11 4.20.6
- nixos-25.11-small 4.20.6
- nixpkgs-25.11-darwin 4.20.6

pkgs.xfce.thunar-vcs-plugin

Thunar plugin providing support for Subversion and Git

nixos-unstable 0.4.0
- nixpkgs-unstable 0.4.0
- nixos-unstable-small 0.4.0
nixos-25.11 0.4.0
- nixos-25.11-small 0.4.0
- nixpkgs-25.11-darwin 0.4.0

pkgs.thunar-media-tags-plugin

Thunar plugin providing tagging and renaming features for media files

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.xfce.thunar-archive-plugin

Thunar plugin providing file context menus for archives

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0
nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.xfce.thunar-dropbox-plugin

Plugin that adds context-menu items for Dropbox to Thunar

nixos-unstable 0.3.2
- nixpkgs-unstable 0.3.2
- nixos-unstable-small 0.3.2
nixos-25.11 0.3.2
- nixos-25.11-small 0.3.2
- nixpkgs-25.11-darwin 0.3.2

pkgs.xfce.thunar-media-tags-plugin

Thunar plugin providing tagging and renaming features for media files

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0
nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

Package maintainers

@muscaln Mustafa Çalışkan <muscaln@protonmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@romildo José Romildo Malaquias <malaquias@gmail.com>
@ncfavier Naïm Favier <n@monade.li>
@LordMZTE Moritz Thomae <lord@mzte.de>

Permalink CVE-2009-3723

created 2 months ago Activity log

Created suggestion 2 months ago

asterisk allows calls on prohibited networks

References

https://security-tracker.debian.org/tracker/CVE-2009-3723 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2009-3723 x_transferredx_refsource_MISC
http://downloads.asterisk.org/pub/security/AST-2009-007.html x_transferredx_refsource_MISC

Affected products

asterisk

==All 1.6.1 versions

Matching in nixpkgs

pkgs.asterisk

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 22.8.2
- nixpkgs-unstable 22.8.2
- nixos-unstable-small 22.8.2
nixos-25.11 22.8.2
- nixos-25.11-small 22.8.2
- nixpkgs-25.11-darwin 22.8.2

pkgs.asterisk_18

Software implementation of a telephone private branch exchange (PBX)

pkgs.asterisk_20

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 20.18.2
- nixpkgs-unstable 20.18.2
- nixos-unstable-small 20.18.2
nixos-25.11 20.18.2
- nixos-25.11-small 20.18.2
- nixpkgs-25.11-darwin 20.18.2

pkgs.asterisk_22

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 22.8.2
- nixpkgs-unstable 22.8.2
- nixos-unstable-small 22.8.2
nixos-25.11 22.8.2
- nixos-25.11-small 22.8.2
- nixpkgs-25.11-darwin 22.8.2

pkgs.asterisk_23

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 23.2.2
- nixpkgs-unstable 23.2.2
- nixos-unstable-small 23.2.2
nixos-25.11 23.2.2
- nixos-25.11-small 23.2.2
- nixpkgs-25.11-darwin 23.2.2

pkgs.asterisk-lts

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 22.8.2
- nixpkgs-unstable 22.8.2
- nixos-unstable-small 22.8.2
nixos-25.11 22.8.2
- nixos-25.11-small 22.8.2
- nixpkgs-25.11-darwin 22.8.2

pkgs.asterisk-ldap

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 22.8.2
- nixpkgs-unstable 22.8.2
- nixos-unstable-small 22.8.2
nixos-25.11 22.8.2
- nixos-25.11-small 22.8.2
- nixpkgs-25.11-darwin 22.8.2

pkgs.asterisk-stable

Software implementation of a telephone private branch exchange (PBX)

nixos-unstable 20.18.2
- nixpkgs-unstable 20.18.2
- nixos-unstable-small 20.18.2
nixos-25.11 20.18.2
- nixos-25.11-small 20.18.2
- nixpkgs-25.11-darwin 20.18.2

pkgs.asterisk-module-sccp

Replacement for the SCCP channel driver in Asterisk

pkgs.python312Packages.asterisk-mbox

Client side of a client/server to interact with Asterisk voicemail mailboxes

nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.python313Packages.asterisk-mbox

Client side of a client/server to interact with Asterisk voicemail mailboxes

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.python314Packages.asterisk-mbox

Client side of a client/server to interact with Asterisk voicemail mailboxes

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0

Package maintainers

@yorickvP Yorick van Pelt <yorickvanpelt@gmail.com>
@auntieNeo Jonathan Glines <auntieNeo@gmail.com>
@DerTim1 Tim Digel <tim.digel@active-group.de>
@dasJ Janne Heß <janne@hess.ooo>
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>

Permalink CVE-2011-4120

created 2 months ago Activity log

Created suggestion 2 months ago

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' …

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string.

References

https://security-tracker.debian.org/tracker/CVE-2011-4120 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4120 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-4120 x_transferredx_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/11/07/6 x_transferredx_refsource_MISC

Affected products

yubico-pam

==before 2.10

Matching in nixpkgs

pkgs.yubico-pam

Yubico PAM module

nixos-unstable 2.27
- nixpkgs-unstable 2.27
- nixos-unstable-small 2.27
nixos-25.11 2.27
- nixos-25.11-small 2.27
- nixpkgs-25.11-darwin 2.27

Permalink CVE-2012-2238

created 2 months ago Activity log

Created suggestion 2 months ago

trytond 2.4: ModelView.button fails to validate authorization

References

https://security-tracker.debian.org/tracker/CVE-2012-2238 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/78435 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/11/10 x_transferredx_refsource_MISC
http://www.securityfocus.com/bid/55503 x_transferredx_refsource_MISC
http://hg.tryton.org/2.4/trytond/rev/279f0031b461 x_transferredx_refsource_MISC

Affected products

trytond

==≤ 2.4

Matching in nixpkgs

pkgs.trytond

Server of the Tryton application platform

nixos-unstable 7.8.1
- nixpkgs-unstable 7.8.1
- nixos-unstable-small 7.8.1
nixos-25.11 7.8.1
- nixos-25.11-small 7.8.1
- nixpkgs-25.11-darwin 7.8.1

pkgs.python312Packages.trytond

Server of the Tryton application platform

nixos-25.11 7.8.1
- nixos-25.11-small 7.8.1
- nixpkgs-25.11-darwin 7.8.1

pkgs.python313Packages.trytond

Server of the Tryton application platform

nixos-unstable 7.8.1
- nixpkgs-unstable 7.8.1
- nixos-unstable-small 7.8.1
nixos-25.11 7.8.1
- nixos-25.11-small 7.8.1
- nixpkgs-25.11-darwin 7.8.1

pkgs.python314Packages.trytond

Server of the Tryton application platform

nixos-unstable 7.8.1
- nixpkgs-unstable 7.8.1
- nixos-unstable-small 7.8.1

Package maintainers

@johbo Johannes Bornhold <johannes@bornhold.name>
@udono Udo Spallek <udono@virtual-things.biz>

Permalink CVE-2012-4439

created 2 months ago Activity log

Created suggestion 2 months ago

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.

References

https://security-tracker.debian.org/tracker/CVE-2012-4439 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_transferredx_refsource_MISC
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4439 x_transferredx_refsource_CONFIRM

Affected products

jenkins

==1.447.2

Matching in nixpkgs

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable 2.541.1
- nixpkgs-unstable 2.541.1
- nixos-unstable-small 2.541.1
nixos-25.11 2.541.1
- nixos-25.11-small 2.541.1
- nixpkgs-25.11-darwin 2.541.1

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15
nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python314Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3
nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python314Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python314Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2

Package maintainers

@coreyoconnor Corey O'Connor <coreyoconnor@gmail.com>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>
@earldouglas James Earl Douglas <james@earldouglas.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@drets Dmytro Rets <dmitryrets@gmail.com>
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@gador Florian Brandes <florian.brandes@posteo.de>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>

Permalink CVE-2012-1615

created 2 months ago Activity log

Created suggestion 2 months ago

A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to …

A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1615 x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076873.html x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081113.html x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/04/04/2 x_transferredx_refsource_MISC
http://www.securityfocus.com/bid/52884 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/74655 x_transferredx_refsource_MISC

Affected products

sectool

==through 2012-04-03

Matching in nixpkgs

pkgs.python312Packages.sectools

library containing functions to write security tools

nixos-25.11 1.5.1
- nixos-25.11-small 1.5.1
- nixpkgs-25.11-darwin 1.5.1

pkgs.python313Packages.sectools

library containing functions to write security tools

nixos-unstable 1.5.1
- nixpkgs-unstable 1.5.1
- nixos-unstable-small 1.5.1
nixos-25.11 1.5.1
- nixos-25.11-small 1.5.1
- nixpkgs-25.11-darwin 1.5.1

pkgs.python314Packages.sectools

Library containing functions to write security tools

nixos-unstable 1.5.1
- nixpkgs-unstable 1.5.1
- nixos-unstable-small 1.5.1

pkgs.haskellPackages.ParsecTools

Parsec combinators for more complex objects

nixos-unstable 0.0.2.0
- nixpkgs-unstable 0.0.2.0
- nixos-unstable-small 0.0.2.0
nixos-25.11 0.0.2.0
- nixos-25.11-small 0.0.2.0
- nixpkgs-25.11-darwin 0.0.2.0

Package maintainers

@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Permalink CVE-2012-6639

created 2 months ago Activity log

Created suggestion 2 months ago

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when …

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

References

https://security-tracker.debian.org/tracker/CVE-2012-6639 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6639 x_transferredx_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6639 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-6639 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2014/03/06/7 x_transferredx_refsource_MISC
https://www.securityfocus.com/bid/66019/references x_transferredx_refsource_MISC

Affected products

cloud-init

==before 0.7.0

Matching in nixpkgs

pkgs.cloud-init

Provides configuration and customization of cloud instance

nixos-unstable 25.2
- nixpkgs-unstable 25.2
- nixos-unstable-small 25.2
nixos-25.11 25.2
- nixos-25.11-small 25.2
- nixpkgs-25.11-darwin 25.2

Package maintainers

@jfroche Jean-François Roche <jfroche@pyxel.be>
@illustris Harikrishnan R <me@illustris.tech>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.lomiri.libusermetrics

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.grails

pkgs.rails-new

pkgs.rubyPackages.rails

pkgs.rubyPackages_3_1.rails

pkgs.rubyPackages_3_2.rails

pkgs.rubyPackages_3_3.rails

pkgs.rubyPackages_3_4.rails

pkgs.rubyPackages_4_0.rails

pkgs.hyprlandPlugins.hyprtrails

pkgs.rubyPackages.rails-dom-testing

pkgs.rubyPackages.rails-html-sanitizer

pkgs.rubyPackages_3_1.rails-dom-testing

pkgs.rubyPackages_3_2.rails-dom-testing

pkgs.rubyPackages_3_3.rails-dom-testing

pkgs.rubyPackages_3_4.rails-dom-testing

pkgs.rubyPackages_4_0.rails-dom-testing

pkgs.rubyPackages_3_1.rails-html-sanitizer

pkgs.rubyPackages_3_2.rails-html-sanitizer

pkgs.rubyPackages_3_3.rails-html-sanitizer

pkgs.rubyPackages_3_4.rails-html-sanitizer

pkgs.rubyPackages_4_0.rails-html-sanitizer

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.bitlbee

pkgs.bitlbee-steam

pkgs.bitlbee-discord

pkgs.bitlbee-facebook

pkgs.bitlbee-mastodon

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.thunar

pkgs.xfce.thunar

pkgs.thunar-volman

pkgs.thunar-unwrapped

pkgs.xfce.thunar-bare

pkgs.thunar-vcs-plugin

pkgs.xfce.thunar-volman

pkgs.thunar-archive-plugin

pkgs.thunar-dropbox-plugin

pkgs.xfce.thunar-unwrapped

pkgs.xfce.thunar-vcs-plugin

pkgs.thunar-media-tags-plugin

pkgs.xfce.thunar-archive-plugin

pkgs.xfce.thunar-dropbox-plugin

pkgs.xfce.thunar-media-tags-plugin

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.asterisk

pkgs.asterisk_18

pkgs.asterisk_20

pkgs.asterisk_22

pkgs.asterisk_23

pkgs.asterisk-lts

pkgs.asterisk-ldap

pkgs.asterisk-stable

pkgs.asterisk-module-sccp

pkgs.python312Packages.asterisk-mbox

pkgs.python313Packages.asterisk-mbox

pkgs.python314Packages.asterisk-mbox

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.yubico-pam

References