Nixpkgs security tracker

Permalink CVE-2012-4440

created 2 months ago Activity log

Created suggestion 2 months ago

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.

References

https://security-tracker.debian.org/tracker/CVE-2012-4440 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_transferredx_refsource_MISC
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_transferredx_refsource_MISC

Affected products

jenkins

==2

Matching in nixpkgs

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable 2.541.1
- nixpkgs-unstable 2.541.1
- nixos-unstable-small 2.541.1
nixos-25.11 2.541.1
- nixos-25.11-small 2.541.1
- nixpkgs-25.11-darwin 2.541.1

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15
nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python314Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3
nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python314Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python314Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2

Package maintainers

@coreyoconnor Corey O'Connor <coreyoconnor@gmail.com>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>
@earldouglas James Earl Douglas <james@earldouglas.com>
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@drets Dmytro Rets <dmitryrets@gmail.com>
@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@gador Florian Brandes <florian.brandes@posteo.de>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>

Permalink CVE-2012-1567

created 2 months ago Activity log

Created suggestion 2 months ago

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in …

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate.

References

http://www.openwall.com/lists/oss-security/2012/03/19/14 x_transferredx_refsource_MISC
https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdat… x_transferredx_refsource_MISC

Affected products

Mint

==2012-03-19

Matching in nixpkgs

pkgs.mint

Refreshing language for the front-end web

nixos-unstable 0.28.1
nixos-25.11 0.24.1
- nixos-25.11-small 0.24.1
- nixpkgs-25.11-darwin 0.24.1

pkgs.mintotp

Minimal TOTP generator

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-25.11 0.3.0
- nixos-25.11-small 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.fedimint

Federated E-Cash Mint

nixos-unstable 0.7.1
- nixpkgs-unstable 0.7.1
- nixos-unstable-small 0.7.1
nixos-25.11 0.7.1
- nixos-25.11-small 0.7.1
- nixpkgs-25.11-darwin 0.7.1

pkgs.tendermint

Byzantine-Fault Tolerant State Machines. Or Blockchain, for short

nixos-unstable 0.35.9
- nixpkgs-unstable 0.35.9
- nixos-unstable-small 0.35.9
nixos-25.11 0.35.9
- nixos-25.11-small 0.35.9
- nixpkgs-25.11-darwin 0.35.9

pkgs.garmintools

Provides the ability to communicate with the Garmin Forerunner 305 via the USB interface

nixos-unstable 0.10
- nixpkgs-unstable 0.10
- nixos-unstable-small 0.10
nixos-25.11 0.10
- nixos-25.11-small 0.10
- nixpkgs-25.11-darwin 0.10

pkgs.latexminted

Python executable for LaTeX minted package

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0
nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.mint-themes

Mint-X and Mint-Y themes for the cinnamon desktop

nixos-unstable 2.3.8
- nixpkgs-unstable 2.3.8
- nixos-unstable-small 2.3.8
nixos-25.11 2.3.2
- nixos-25.11-small 2.3.2
- nixpkgs-25.11-darwin 2.3.2

pkgs.mint-artwork

Artwork for the cinnamon desktop

nixos-unstable 1.9.3
- nixpkgs-unstable 1.9.3
- nixos-unstable-small 1.9.3
nixos-25.11 1.9.2
- nixos-25.11-small 1.9.2
- nixpkgs-25.11-darwin 1.9.2

pkgs.mint-l-icons

Mint-L icon theme

nixos-unstable 1.8.0
- nixpkgs-unstable 1.8.0
- nixos-unstable-small 1.8.0
nixos-25.11 1.7.8
- nixos-25.11-small 1.7.8
- nixpkgs-25.11-darwin 1.7.8

pkgs.mint-l-theme

Mint-L theme for the Cinnamon desktop

nixos-unstable 2.0.6
- nixpkgs-unstable 2.0.6
- nixos-unstable-small 2.0.6
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.mint-x-icons

Mint/metal theme based on mintified versions of Clearlooks Revamp, Elementary and Faenza

nixos-unstable 1.7.5
- nixpkgs-unstable 1.7.5
- nixos-unstable-small 1.7.5
nixos-25.11 1.7.4
- nixos-25.11-small 1.7.4
- nixpkgs-25.11-darwin 1.7.4

pkgs.mint-y-icons

Mint-Y icon theme

nixos-unstable 1.9.1
- nixpkgs-unstable 1.9.1
- nixos-unstable-small 1.9.1
nixos-25.11 1.8.8
- nixos-25.11-small 1.8.8
- nixpkgs-25.11-darwin 1.8.8

pkgs.marwaita-mint

Variation for marwaita GTK theme based on linux mint color scheme

nixos-unstable 24
- nixpkgs-unstable 24
- nixos-unstable-small 24
nixos-25.11 24
- nixos-25.11-small 24
- nixpkgs-25.11-darwin 24

pkgs.mint-cursor-themes

Linux Mint cursor themes

nixos-unstable 1.0.2
- nixpkgs-unstable 1.0.2
- nixos-unstable-small 1.0.2
nixos-25.11 1.0.2
- nixos-25.11-small 1.0.2
- nixpkgs-25.11-darwin 1.0.2

pkgs.haskellPackages.mintty

A reliable way to detect the presence of a MinTTY console on Windows

nixos-unstable 0.1.4
- nixpkgs-unstable 0.1.4
- nixos-unstable-small 0.1.4
nixos-25.11 0.1.4
- nixos-25.11-small 0.1.4
- nixpkgs-25.11-darwin 0.1.4

pkgs.octavePackages.optiminterp

Optimal interpolation toolbox for octave

nixos-unstable 10.3.0-optiminterp-0.3.7
- nixpkgs-unstable 10.3.0-optiminterp-0.3.7
- nixos-unstable-small 10.3.0-optiminterp-0.3.7
nixos-25.11 10.3.0-optiminterp-0.3.7
- nixos-25.11-small 10.3.0-optiminterp-0.3.7
- nixpkgs-25.11-darwin 10.3.0-optiminterp-0.3.7

Package maintainers

@dpc Dawid Ciężarkiewicz <dpc@dpc.pw>
@romildo José Romildo Malaquias <malaquias@gmail.com>
@manveru Michael Fellinger <m.fellinger@gmail.com>
@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@ravenjoad Raven Hallsby <raven@hallsby.com>
@alexfmpe Alexandre Esteves <alexfmpe@proton.me>
@provokateurin Kate Döen

Permalink CVE-2012-1572

created 2 months ago Activity log

Created suggestion 2 months ago

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting …

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space

References

https://security-tracker.debian.org/tracker/CVE-2012-1572 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 x_transferredx_refsource_MISC

Affected products

Keystone

==2014.1.3

Matching in nixpkgs

pkgs.keystone

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.rubyPackages.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python313Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.0
- nixpkgs-unstable keystoneauth1-5.13.0
- nixos-unstable-small keystoneauth1-5.13.0
nixos-25.11 keystoneauth1-5.12.0
- nixos-25.11-small keystoneauth1-5.12.0
- nixpkgs-25.11-darwin keystoneauth1-5.12.0

pkgs.python314Packages.keystoneauth1

Authentication Library for OpenStack Identity

nixos-unstable keystoneauth1-5.13.0
- nixpkgs-unstable keystoneauth1-5.13.0
- nixos-unstable-small keystoneauth1-5.13.0

pkgs.rubyPackages_3_1.keystone-engine

None

pkgs.rubyPackages_3_2.keystone-engine

None

pkgs.rubyPackages_3_3.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_3_4.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.rubyPackages_4_0.keystone-engine

None

nixos-unstable 0.9.0
- nixpkgs-unstable 0.9.0
- nixos-unstable-small 0.9.0
nixos-25.11 0.9.0
- nixos-25.11-small 0.9.0
- nixpkgs-25.11-darwin 0.9.0

pkgs.python312Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python313Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.python314Packages.keystone-engine

Lightweight multi-platform, multi-architecture assembler framework

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2

pkgs.python312Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python313Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.7.0
- nixpkgs-unstable 5.7.0
- nixos-unstable-small 5.7.0
nixos-25.11 5.7.0
- nixos-25.11-small 5.7.0
- nixpkgs-25.11-darwin 5.7.0

pkgs.python314Packages.python-keystoneclient

Client Library for OpenStack Identity

nixos-unstable 5.7.0
- nixpkgs-unstable 5.7.0
- nixos-unstable-small 5.7.0

Package maintainers

@jollheef Mikhail Klementev <root@dumpstack.io>
@anthonyroussel Anthony Roussel <anthony@roussel.dev>
@vinetos vinetos <contact+git@vinetos.fr>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

Permalink CVE-2012-5640

created 2 months ago Activity log

Created suggestion 2 months ago

thttpd has a local DoS vulnerability via specially-crafted .htpasswd files

References

https://security-tracker.debian.org/tracker/CVE-2012-5640 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5640 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/12/15/1 x_transferredx_refsource_MISC
Red Hat vendor-advisoryx_transferredx_refsource_REDHAT

Affected products

thttpd

==2012-12-15

Matching in nixpkgs

pkgs.thttpd

Tiny/turbo/throttling HTTP server

nixos-unstable 2.29
- nixpkgs-unstable 2.29
- nixos-unstable-small 2.29
nixos-25.11 2.29
- nixos-25.11-small 2.29
- nixpkgs-25.11-darwin 2.29

pkgs.althttpd

Althttpd webserver

nixos-unstable 0-unstable-2025-08-22
- nixpkgs-unstable 0-unstable-2025-08-22
- nixos-unstable-small 0-unstable-2025-08-22
nixos-25.11 0-unstable-2023-08-12
- nixos-25.11-small 0-unstable-2023-08-12
- nixpkgs-25.11-darwin 0-unstable-2023-08-12

Package maintainers

@siraben Siraphob Phipathananunth <bensiraphob@gmail.com>

Permalink CVE-2010-4661

created 2 months ago Activity log

Created suggestion 2 months ago

udisks before 1.0.3 allows a local user to load arbitrary …

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

References

https://security-tracker.debian.org/tracker/CVE-2010-4661 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4661 x_transferredx_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html x_transferredx_refsource_MISC

Affected products

udisks

==before 1.0.3

Matching in nixpkgs

pkgs.udisks

Daemon, tools and libraries to access and manipulate disks, storage devices and technologies

nixos-unstable 2.11.0
- nixpkgs-unstable 2.11.0
- nixos-unstable-small 2.11.0
nixos-25.11 2.10.2
- nixos-25.11-small 2.10.2
- nixpkgs-25.11-darwin 2.10.2

pkgs.udisks2

Daemon, tools and libraries to access and manipulate disks, storage devices and technologies

nixos-unstable 2.11.0
- nixpkgs-unstable 2.11.0
- nixos-unstable-small 2.11.0
nixos-25.11 2.10.2
- nixos-25.11-small 2.10.2
- nixpkgs-25.11-darwin 2.10.2

pkgs.deepin.udisks2-qt5

UDisks2 D-Bus interfaces binding for Qt5

Package maintainers

@wineee Lu Hongxu <lhongxu@outlook.com>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@JohnAZoidberg Daniel Schäfer <git@danielschaefer.me>

Permalink CVE-2009-5068

created 2 months ago Activity log

Created suggestion 2 months ago

There is a file disclosure vulnerability in SMF (Simple Machines …

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.

References

http://www.openwall.com/lists/oss-security/2013/02/01/4 x_transferredx_refsource_MISC

Affected products

SMF

==through 2.0.3

Matching in nixpkgs

pkgs.smfh

Sleek Manifest File Handler

nixos-unstable 1.3
- nixpkgs-unstable 1.3
- nixos-unstable-small 1.3
nixos-25.11 1.3
- nixos-25.11-small 1.4
- nixpkgs-25.11-darwin 1.3

pkgs.asmfmt

Go assembler formatter

nixos-unstable 1.3.2
- nixpkgs-unstable 1.3.2
- nixos-unstable-small 1.3.2
nixos-25.11 1.3.2
- nixos-25.11-small 1.3.2
- nixpkgs-25.11-darwin 1.3.2

pkgs.libsmf

C library for reading and writing Standard MIDI Files

nixos-unstable 1.3
- nixpkgs-unstable 1.3
- nixos-unstable-small 1.3
nixos-25.11 1.3
- nixos-25.11-small 1.3
- nixpkgs-25.11-darwin 1.3

pkgs.nasmfmt

Formatter for NASM source files

nixos-unstable 2022-09-15
- nixpkgs-unstable 2022-09-15
- nixos-unstable-small 2022-09-15
nixos-25.11 2022-09-15
- nixos-25.11-small 2022-09-15
- nixpkgs-25.11-darwin 2022-09-15

pkgs.mt32emu-smf2wav

Produces a WAVE file from a Standard MIDI file (SMF)

nixos-unstable smf2wav-1.9.0
- nixpkgs-unstable smf2wav-1.9.0
- nixos-unstable-small smf2wav-1.9.0
nixos-25.11 smf2wav-1.9.0
- nixos-25.11-small smf2wav-1.9.0
- nixpkgs-25.11-darwin smf2wav-1.9.0

pkgs.python312Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python313Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.python314Packages.pysmf

Python extension module for reading and writing Standard MIDI Files, based on libsmf

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1

pkgs.tests.fetchFromGitHub.rootDir

None

nixos-unstable smfyc8dzpa0l
- nixpkgs-unstable smfyc8dzpa0l
- nixos-unstable-small smfyc8dzpa0l

Package maintainers

@kalbasit Wael Nasreddine <wael.nasreddine@gmail.com>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@NotAShelf NotAShelf <raf@notashelf.dev>
@eclairevoyant éclairevoyant
@Gerg-L Greg Leyda <gregleyda@proton.me>

Permalink CVE-2012-2142

created 2 months ago Activity log

Created suggestion 2 months ago

The error function in Error.cc in poppler before 0.21.4 allows …

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.

References

http://www.openwall.com/lists/oss-security/2013/08/09/6 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/08/09/5 x_transferredx_refsource_MISC
http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d0899… x_transferredx_refsource_MISC
http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4d… x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=789936 x_transferredx_refsource_MISC
http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html x_transferredx_refsource_MISC

Affected products

poppler

==before 0.21.4

Matching in nixpkgs

pkgs.poppler

PDF rendering library

nixos-unstable 25.10.0
- nixpkgs-unstable 25.10.0
- nixos-unstable-small 25.10.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

pkgs.poppler_gi

PDF rendering library

nixos-unstable 25.10.0
- nixpkgs-unstable 25.10.0
- nixos-unstable-small 25.10.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

pkgs.poppler_min

PDF rendering library

nixos-unstable 25.10.0
- nixpkgs-unstable 25.10.0
- nixos-unstable-small 25.10.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

pkgs.poppler_data

Encoding files for Poppler, a PDF rendering library

nixos-unstable 0.4.12
- nixpkgs-unstable 0.4.12
- nixos-unstable-small 0.4.12
nixos-25.11 0.4.12
- nixos-25.11-small 0.4.12
- nixpkgs-25.11-darwin 0.4.12

pkgs.poppler-utils

PDF rendering library

nixos-unstable 25.10.0
- nixpkgs-unstable 25.10.0
- nixos-unstable-small 25.10.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

pkgs.libsForQt5.poppler

PDF rendering library

nixos-unstable qt5-25.10.0
- nixpkgs-unstable qt5-25.10.0
- nixos-unstable-small qt5-25.10.0
nixos-25.11 qt5-25.10.0
- nixos-25.11-small qt5-25.10.0
- nixpkgs-25.11-darwin qt5-25.10.0

pkgs.kdePackages.poppler

PDF rendering library

nixos-unstable qt6-25.10.0
- nixpkgs-unstable qt6-25.10.0
- nixos-unstable-small qt6-25.10.0
nixos-25.11 qt6-25.10.0
- nixos-25.11-small qt6-25.10.0
- nixpkgs-25.11-darwin qt6-25.10.0

pkgs.qt6Packages.poppler

PDF rendering library

nixos-unstable qt6-25.10.0
- nixpkgs-unstable qt6-25.10.0
- nixos-unstable-small qt6-25.10.0
nixos-25.11 qt6-25.10.0
- nixos-25.11-small qt6-25.10.0
- nixpkgs-25.11-darwin qt6-25.10.0

pkgs.plasma5Packages.poppler

PDF rendering library

nixos-unstable qt5-25.10.0
- nixpkgs-unstable qt5-25.10.0
- nixos-unstable-small qt5-25.10.0
nixos-25.11 qt5-25.10.0
- nixos-25.11-small qt5-25.10.0
- nixpkgs-25.11-darwin qt5-25.10.0

pkgs.haskellPackages.gi-poppler

Poppler bindings

nixos-unstable 0.18.30
- nixpkgs-unstable 0.18.30
- nixos-unstable-small 0.18.30
nixos-25.11 0.18.30
- nixos-25.11-small 0.18.30
- nixpkgs-25.11-darwin 0.18.30

pkgs.python312Packages.poppler-qt5

None

nixos-25.11 qt5-21.3.0
- nixos-25.11-small qt5-21.3.0
- nixpkgs-25.11-darwin qt5-21.3.0

pkgs.python313Packages.poppler-qt5

None

nixos-unstable qt5-21.3.0
- nixpkgs-unstable qt5-21.3.0
- nixos-unstable-small qt5-21.3.0
nixos-25.11 qt5-21.3.0
- nixos-25.11-small qt5-21.3.0
- nixpkgs-25.11-darwin qt5-21.3.0

pkgs.python314Packages.poppler-qt5

None

nixos-unstable qt5-21.3.0
- nixpkgs-unstable qt5-21.3.0
- nixos-unstable-small qt5-21.3.0

pkgs.zathuraPkgs.zathura_pdf_poppler

Zathura PDF plugin (poppler)

nixos-unstable 0.3.4
- nixpkgs-unstable 2026.02.03
- nixos-unstable-small 2026.02.03
nixos-25.11 0.3.3
- nixos-25.11-small 0.3.3
- nixpkgs-25.11-darwin 0.3.3

pkgs.python312Packages.python-poppler

Python binding to poppler-cpp

nixos-25.11 0.4.1
- nixos-25.11-small 0.4.1
- nixpkgs-25.11-darwin 0.4.1

pkgs.python313Packages.python-poppler

Python binding to poppler-cpp

nixos-unstable 0.4.1
- nixpkgs-unstable 0.4.1
- nixos-unstable-small 0.4.1
nixos-25.11 0.4.1
- nixos-25.11-small 0.4.1
- nixpkgs-25.11-darwin 0.4.1

pkgs.python314Packages.python-poppler

Python binding to poppler-cpp

nixos-unstable 0.4.1
- nixpkgs-unstable 0.4.1
- nixos-unstable-small 0.4.1

pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib

Test whether poppler-glib-25.05.0 exposes pkg-config modules poppler-glib

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@onny Jonas Heinrich <onny@project-insanity.org>

Permalink CVE-2011-4350

created 2 months ago Activity log

Created suggestion 2 months ago

Yaws 1.91 has a directory traversal vulnerability in the way …

Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request.

References

https://security-tracker.debian.org/tracker/CVE-2011-4350 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-4350 x_transferredx_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009 x_transferredx_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/11/25/7 x_transferredx_refsource_MISC

Affected products

yaws

==1.91

Matching in nixpkgs

pkgs.yaws

Webserver for dynamic content written in Erlang

nixos-unstable 2.2.0
- nixpkgs-unstable 2.2.0
- nixos-unstable-small 2.2.0
nixos-25.11 2.2.0
- nixos-25.11-small 2.2.0
- nixpkgs-25.11-darwin 2.2.0

Permalink CVE-2012-4524

created 2 months ago Activity log

Created suggestion 2 months ago

xlockmore before 5.43 'dclock' security bypass vulnerability

References

https://security-tracker.debian.org/tracker/CVE-2012-4524 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4524 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-4524 x_transferredx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/79558 x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091108.… x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091150.… x_transferredx_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091709.… x_transferredx_refsource_MISC
http://security.gentoo.org/glsa/glsa-201309-03.xml x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/10/17/12 x_transferredx_refsource_MISC
http://www.securityfocus.com/bid/56169 x_transferredx_refsource_MISC

Affected products

xlockmore

==< 5.43

Matching in nixpkgs

pkgs.xlockmore

Screen locker for the X Window System

nixos-unstable 5.87
- nixpkgs-unstable 5.87
- nixos-unstable-small 5.87
nixos-25.11 5.84
- nixos-25.11-small 5.84
- nixpkgs-25.11-darwin 5.84

Package maintainers

@pSub Pascal Wittmann <mail@pascal-wittmann.de>

Permalink CVE-2012-0046

created 2 months ago Activity log

Created suggestion 2 months ago

mediawiki allows deleted text to be exposed

References

https://security-tracker.debian.org/tracker/CVE-2012-0046 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0046 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0046 x_transferredx_refsource_MISC

Affected products

mediawiki

==1.16

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

nixos-unstable 1.45.1
- nixpkgs-unstable 1.45.1
- nixos-unstable-small 1.45.1
nixos-25.11 1.44.3
- nixos-25.11-small 1.44.3
- nixpkgs-25.11-darwin 1.44.3

Package maintainers

@astro Astro <astro@spaceboyz.net>
@gshipunov Grigory Shipunov <blame@oxapentane.com>
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.jenkins

pkgs.jenkins-job-builder

pkgs.python312Packages.jenkinsapi

pkgs.python313Packages.jenkinsapi

pkgs.python314Packages.jenkinsapi

pkgs.python312Packages.python-jenkins

pkgs.python313Packages.python-jenkins

pkgs.python314Packages.python-jenkins

pkgs.python312Packages.jenkins-job-builder

pkgs.python313Packages.jenkins-job-builder

pkgs.python314Packages.jenkins-job-builder

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.mint

pkgs.mintotp

pkgs.fedimint

pkgs.tendermint

pkgs.garmintools

pkgs.latexminted

pkgs.mint-themes

pkgs.mint-artwork

pkgs.mint-l-icons

pkgs.mint-l-theme

pkgs.mint-x-icons

pkgs.mint-y-icons

pkgs.marwaita-mint

pkgs.mint-cursor-themes

pkgs.haskellPackages.mintty

pkgs.octavePackages.optiminterp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.keystone

pkgs.rubyPackages.keystone-engine

pkgs.python312Packages.keystoneauth1

pkgs.python313Packages.keystoneauth1

pkgs.python314Packages.keystoneauth1

pkgs.rubyPackages_3_1.keystone-engine

pkgs.rubyPackages_3_2.keystone-engine

pkgs.rubyPackages_3_3.keystone-engine

pkgs.rubyPackages_3_4.keystone-engine

pkgs.rubyPackages_4_0.keystone-engine

pkgs.python312Packages.keystone-engine

pkgs.python313Packages.keystone-engine

pkgs.python314Packages.keystone-engine

pkgs.python312Packages.python-keystoneclient

pkgs.python313Packages.python-keystoneclient

pkgs.python314Packages.python-keystoneclient

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.thttpd

pkgs.althttpd

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.udisks

pkgs.udisks2

pkgs.deepin.udisks2-qt5

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.smfh

pkgs.asmfmt

pkgs.libsmf

pkgs.nasmfmt

pkgs.mt32emu-smf2wav

pkgs.python312Packages.pysmf

pkgs.python313Packages.pysmf

pkgs.python314Packages.pysmf