Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:
Compact
Detailed
Permalink CVE-2025-39434
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 year ago
WordPress Avatar plugin <= 0.1.4 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Scott Taylor Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Avatar: from n/a through 0.1.4.

Affected products

avatar
  • =<0.1.4

Matching in nixpkgs

pkgs.yunfaavatar

Utility for automatic centralized changing of avatar in Github, Discord, Steam, Shikimori, and many more

pkgs.gnomeExtensions.gravatar

Synchronize GNOME Shell user icon with Gravatar.

  • nixos-unstable 6
    • nixpkgs-unstable 6
    • nixos-unstable-small 6

Package maintainers

Permalink CVE-2025-39436
9.1 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 year ago
WordPress I Draw <= 1.0 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0.

Affected products

idraw
  • =<1.0

Matching in nixpkgs

pkgs.jitsi-excalidraw

Excalidraw collaboration backend for Jitsi

  • nixos-unstable 21
    • nixpkgs-unstable 21
    • nixos-unstable-small 21

Package maintainers

Permalink CVE-2025-39580
5.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year ago
WordPress Dashi <= 3.1.8 - Broken Access Control Vulnerability

Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8.

Affected products

dashi
  • =<3.1.8

Matching in nixpkgs

pkgs.dashing

Dash Generator Script for Any HTML

Package maintainers

Permalink CVE-2025-24655
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 year ago
WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 1.0.39.

Affected products

wishlist
  • =<1.0.39

Matching in nixpkgs

pkgs.wishlist

Single entrypoint for multiple SSH endpoints

Package maintainers

Permalink CVE-2025-32911
9.0 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 year ago
Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value

A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

References

Affected products

libsoup
  • *
  • <3.6.3
libsoup3
mingw-freetype
  • *
spice-client-win
  • *

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers

Permalink CVE-2024-2182
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year ago
Ovn: insufficient validation of bfd packets may lead to denial of service

A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.

References

Affected products

ovn
  • *
  • ==24.03.1
  • ==23.09.3
  • ==22.03.7
  • ==23.06.3
  • ==23.03.3
ovn2.11
ovn2.12
ovn2.13
ovn-2021
  • *
ovn22.03
  • *
ovn22.06
ovn22.09
ovn22.12
  • *
ovn23.03
  • *
ovn23.06
  • *
ovn23.09
  • *

Matching in nixpkgs

pkgs.novnc

VNC client web application

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

pkgs.nanovna-saver

A tool for reading, displaying and saving data from the NanoVNA

Package maintainers

Permalink CVE-2025-3576
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year ago
Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

References

Affected products

krb5
  • <1.22
  • *
rhcos
discovery/discovery-server-rhel9
  • *
aap-cloud-metrics-collector-container
ansible-automation-platform-24/ee-minimal-rhel9
ansible-automation-platform-25/ee-minimal-rhel8
ansible-automation-platform-24/ee-supported-rhel8
ansible-automation-platform-24/ee-supported-rhel9
registry.redhat.io/discovery/discovery-server-rhel9
  • *
ansible-automation-platform-24/ansible-builder-rhel9
ansible-automation-platform-25/ansible-builder-rhel8
ansible-automation-platform-24/platform-resource-runner-rhel8
ansible-automation-platform-25/platform-resource-runner-rhel8

Matching in nixpkgs

pkgs.pam_krb5

PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC

Package maintainers

Permalink CVE-2025-32909
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year ago
Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

References

Affected products

libsoup
  • <3.6.2
libsoup3
mingw-freetype
  • *
spice-client-win
  • *

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers

Permalink CVE-2023-52356
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year ago
Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

References

Affected products

iv
tkimg
libtiff
  • <4.6.0
  • *
mingw-libtiff
compat-libtiff3
rhaiis/vllm-cuda-rhel9
  • *
rhaiis/vllm-rocm-rhel9
  • *
rhaiis/model-opt-cuda-rhel9
  • *
discovery/discovery-ui-rhel9
  • *

Matching in nixpkgs

pkgs.libtiff

Library and utilities for working with the TIFF image file format

Package maintainers

Permalink CVE-2025-32914
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year ago
Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process

A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds.

References

Affected products

libsoup
  • <3.6.5
  • *
libsoup3
  • *

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers