Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:
Compact
Detailed
Permalink CVE-2024-43428
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 year, 2 months ago
Moodle: cache poisoning via injection into storage

To address a cache poisoning risk in Moodle, additional validation for local storage was required.

References

Affected products

moodle
  • <4.4.2
  • <4.2.9
  • <4.3.6
  • <4.1.12

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

Package maintainers

Permalink CVE-2024-43426
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year, 2 months ago
Moodle: arbitrary file read risk through pdftex

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

References

Affected products

moodle
  • <4.4.2
  • <4.2.9
  • <4.3.6
  • <4.1.12

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

Package maintainers

Permalink CVE-2024-11831
5.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 year, 2 months ago
Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

References

Affected products

pcs
ceph
  • *
pybind
grafana
libarrow
dotnet6.0
dotnet7.0
dotnet8.0
  • *
nodejs-webpack
quay/quay-rhel8
mta/mta-ui-rhel9
mta/mta-cli-rhel9
rh-dotnet60-dotnet
rhdh-hub-container
odf4/mcg-core-rhel8
odf4/mcg-core-rhel9
odh-dashboard-rhel8
rhdh/rhdh-hub-rhel9
devspaces/code-rhel8
rhacm2/console-rhel8
rhacm2/console-rhel9
serialize-javascript
  • <6.0.2
automation-controller
rhceph/rhceph-8-rhel9
  • *
aap-cloud-ui-container
odf4/odf-console-rhel9
  • *
odh-operator-container
openshift3/ose-console
devspaces/traefik-rhel8
odh-dashboard-container
rhdh-operator-container
odh-model-registry-rhel8
automation-eda-controller
devspaces/dashboard-rhel8
rhosdt/jaeger-agent-rhel8
rhosdt/jaeger-query-rhel8
discovery-server-container
3scale-amp-system-container
rhosdt/jaeger-ingester-rhel8
odf4/ocs-client-console-rhel9
  • *
odh-ml-pipelines-driver-rhel8
odh-notebook-controller-rhel8
rhosdt/jaeger-collector-rhel8
nodejs-uglifyjs-webpack-plugin
rhosdt/jaeger-all-in-one-rhel8
odh-ml-pipelines-launcher-rhel8
openshift-logging/kibana6-rhel8
rhosdt/jaeger-es-rollover-rhel8
odh-kf-notebook-controller-rhel8
nodejs-compression-webpack-plugin
openshift-service-mesh/kiali-rhel8
nodejs-css-minimizer-webpack-plugin
odf4/odf-multicluster-console-rhel8
odf4/odf-multicluster-console-rhel9
  • *
odh-ml-pipelines-api-server-v2-rhel8
rhosdt/jaeger-es-index-cleaner-rhel8
openshift4/ose-monitoring-plugin-rhel8
openshift4/ose-monitoring-plugin-rhel9
openshift-service-mesh/kiali-ossmc-rhel8
rhtpa/rhtpa-trustification-service-rhel9
advanced-cluster-security/rhacs-main-rhel8
  • *
odh-ml-pipelines-persistenceagent-v2-rhel8
openshift-pipelines/pipelines-hub-ui-rhel8
  • *
odh-ml-pipelines-scheduledworkflow-v2-rhel8
openshift-pipelines/pipelines-hub-api-rhel8
advanced-cluster-security/rhacs-roxctl-rhel8
advanced-cluster-security/rhacs-rhel8-operator
odh-data-science-pipelines-argo-argoexec-rhel8
ansible-automation-platform-24/lightspeed-rhel8
ansible-automation-platform-25/lightspeed-rhel8
advanced-cluster-security/rhacs-central-db-rhel8
advanced-cluster-security/rhacs-scanner-v4-rhel8
openshift-pipelines-console-plugin-rhel8-container
openshift-pipelines/pipelines-console-plugin-rhel8
  • *
openshift-pipelines/pipelines-console-plugin-rhel9
  • *
advanced-cluster-security/rhacs-scanner-v4-db-rhel8
openshift-pipelines/pipelines-hub-db-migration-rhel8
odh-data-science-pipelines-argo-workflowcontroller-rhel8
migration-toolkit-virtualization/mtv-console-plugin-rhel9
openshift-lightspeed-beta/lightspeed-console-plugin-rhel9

Matching in nixpkgs

pkgs.vpcs

Simple virtual PC simulator

pkgs.pcstat

Page Cache stat: get page cache stats for files on Linux

pkgs.grafana

Gorgeous metric viz, dashboards & editors for Graphite, InfluxDB & OpenTSDB

pkgs.pcsclite

Middleware to access a smart card using SCard API (PC/SC)

pkgs.pcsx2-bin

Playstation 2 emulator (precompiled binary, repacked from official website)

pkgs.pcsc-tools

Tools used to test a PC/SC driver, card or reader

pkgs.rpcsvc-proto

This package contains rpcsvc proto.x files from glibc, which are missing in libtirpc

pkgs.grafana-agent

Lightweight subset of Prometheus and more, optimized for Grafana Cloud

pkgs.grafana-alloy

Open source OpenTelemetry Collector distribution with built-in Prometheus pipelines and support for metrics, logs, traces, and profiles

pkgs.pcsc-scm-scl011

SCM Microsystems SCL011 chipcard reader user space driver

  • nixos-unstable 2.09
    • nixpkgs-unstable 2.09
    • nixos-unstable-small 2.09

pkgs.grafana-dash-n-grab

Grafana Dash-n-Grab (gdg) -- backup and restore Grafana dashboards, datasources, and other entities

Package maintainers

Permalink CVE-2024-12243
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year, 2 months ago
Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

References

Affected products

rhcos
gnutls
  • =<3.6.16
  • =<3.7.11
  • *
  • <3.8.8
discovery/discovery-ui-rhel9
  • *
discovery/discovery-server-rhel9
  • *
registry.redhat.io/discovery/discovery-ui-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *

Matching in nixpkgs

pkgs.gnutls

GNU Transport Layer Security Library

Package maintainers

Permalink CVE-2024-12133
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 year, 2 months ago
Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

References

Affected products

rhcos
libtasn1
  • *
  • <4.20.0
discovery/discovery-ui-rhel9
  • *
discovery/discovery-server-rhel9
  • *
registry.redhat.io/discovery/discovery-ui-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *

Matching in nixpkgs

Permalink CVE-2023-7216
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 year, 2 months ago
Cpio: extraction allows symlinks which enables remote command execution

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.

References

Affected products

cpio

Matching in nixpkgs

pkgs.cpio

Program to create or extract from cpio archives

  • nixos-unstable 2.15
    • nixpkgs-unstable 2.15
    • nixos-unstable-small 2.15

pkgs.mkinitcpio-nfs-utils

ipconfig and nfsmount tools for root on NFS, ported from klibc

  • nixos-unstable 0.3
    • nixpkgs-unstable 0.3
    • nixos-unstable-small 0.3

Package maintainers

Permalink CVE-2024-31419
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 year, 2 months ago
Cnv: information disclosure through the usage of vm-dump-metrics

An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitly enabled by an administrator.

References

Affected products

CNV
  • ==4.15.1
cnv
  • ==4.15.1
kubevirt-hyperconverged-cluster-operator

Matching in nixpkgs

pkgs.python311Packages.cnvkit

Python library and command-line software toolkit to infer and visualize copy number from high-throughput DNA sequencing data

pkgs.python312Packages.cnvkit

Python library and command-line software toolkit to infer and visualize copy number from high-throughput DNA sequencing data

Package maintainers

Permalink CVE-2023-5568
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 1 year, 2 months ago
Samba: heap buffer overflow with freshness tokens in the heimdal kdc

A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.

Affected products

samba
  • ==4.19.2

Matching in nixpkgs

pkgs.samba

Standard Windows interoperability suite of programs for Linux and Unix

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

Package maintainers

Permalink CVE-2024-1454
3.4 LOW
  • CVSS version: 3.1
  • Attack vector (AV): PHYSICAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 year, 2 months ago
Opensc: memory use after free in authentic driver when updating token info

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment.

Affected products

opensc
  • ==0.25.0

Matching in nixpkgs

pkgs.opensc

Set of libraries and utilities to access smart cards

pkgs.openscad-lsp

LSP (Language Server Protocol) server for OpenSCAD

Package maintainers

Permalink CVE-2023-38252
4.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 year, 2 months ago
W3m: out of bounds read in strnew_size() at w3m/str.c

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

Affected products

w3m

Matching in nixpkgs

Package maintainers