Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:
Compact
Detailed
Permalink CVE-2025-32052
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year ago
Libsoup: heap buffer overflow in sniff_unknown()

A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.

References

Affected products

libsoup
  • *
  • <3.6.1
libsoup3
mingw-freetype
  • *
spice-client-win
  • *

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers

Permalink CVE-2025-32051
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year ago
Libsoup: segmentation fault when parsing malformed data uri

A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS).

References

Affected products

libsoup
  • <3.6.1
libsoup3

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers

Permalink CVE-2025-32053
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year ago
Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.

References

Affected products

libsoup
  • *
  • <3.6.1
libsoup3
mingw-freetype
  • *
spice-client-win
  • *

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

Package maintainers

Permalink CVE-2025-31746
6.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 year ago
WordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Think201 Clients allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clients: from n/a through 1.1.4.

Affected products

clients
  • =<1.1.4

Matching in nixpkgs

Package maintainers

Permalink CVE-2024-2236
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year ago
Libgcrypt: vulnerable to marvin attack

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

References

Affected products

upstream
libgcrypt
  • <9.4.0
  • *
mingw-libgcrypt

Matching in nixpkgs

Permalink CVE-2023-6917
6.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year ago
Pcp: unsafe use of directories allows pcp to root privilege escalation

A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.

References

Affected products

pcp
  • *
  • ==6.2.0

Matching in nixpkgs

pkgs.pcp

Command line peer-to-peer data transfer tool based on libp2p

pkgs.ncmpcpp

Featureful ncurses based MPD client inspired by ncmpc

  • nixos-unstable 0.10
    • nixpkgs-unstable 0.10
    • nixos-unstable-small 0.10

pkgs.libamqpcpp

Library for communicating with a RabbitMQ server

Package maintainers

Permalink CVE-2025-31787
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year ago
WordPress Cue by AudioTheme.com plugin <= 2.4.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brady Vercher Cue allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cue: from n/a through 2.4.4.

Affected products

cue
  • =<2.4.4

Matching in nixpkgs

pkgs.cue

Data constraint language which aims to simplify tasks involving defining and using data

pkgs.mkcue

Generates CUE sheets from a CD TOC

  • nixos-unstable 1
    • nixpkgs-unstable 1
    • nixos-unstable-small 1

pkgs.cuelsp

Language Server implementation for CUE, with built-in support for Dagger

pkgs.cuetsy

Experimental CUE->TypeScript exporter

pkgs.libcue

CUE Sheet Parser Library

pkgs.cuetools

Set of utilities for working with cue files and toc files

pkgs.ddrescue

GNU ddrescue, a data recovery tool

  • nixos-unstable 1.28
    • nixpkgs-unstable 1.28
    • nixos-unstable-small 1.28

pkgs.mrrescue

Arcade-style fire fighting game

pkgs.myrescue

Hard disk recovery tool that reads undamaged regions first

pkgs.dd_rescue

Tool to copy data from a damaged block device

pkgs.rescuetime

Helps you understand your daily habits so you can focus and be more productive

pkgs.ddrescueview

Tool to graphically examine ddrescue mapfiles

Permalink CVE-2025-22523
9.3 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year ago
WordPress Schedule Plugin <= 1.0.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Schedule allows Blind SQL Injection. This issue affects Schedule: from n/a through 1.0.0.

Affected products

schedule
  • =<1.0.0

Matching in nixpkgs

Permalink CVE-2024-13939
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year ago
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents)." This is similar to CVE-2020-36829

Affected products

String-Compare-ConstantTime
  • =<0.321

Matching in nixpkgs

Permalink CVE-2025-1860
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year ago
Data::Entropy for Perl uses insecure rand() function for cryptographic functions

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

Affected products

Data-Entropy
  • <0.008

Matching in nixpkgs