NIXPKGS-2025-0011

published 5 months, 4 weeks ago

Permalink CVE-2025-11934

updated 5 months, 4 weeks ago by @LeSuisse Activity log

• Created suggestion 6 months, 2 weeks ago
• @LeSuisse accepted 5 months, 4 weeks ago
• @LeSuisse published on GitHub 5 months, 4 weeks ago

Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify

• https://github.com/wolfSSL/wolfssl
• https://github.com/wolfSSL/wolfssl/pull/9113 exploit

---

wolfssl

• ==v5.8.2
• <5.8.4

NIXPKGS-2025-0006

published 7 months, 1 week ago

Permalink CVE-2025-40928

7.5 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): Low (L)
• Privileges Required (PR): None (N)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): None (N)
• Integrity (I): None (N)
• Availability (A): High (H)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): Low (L)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): None (N)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): None (N)
• Modified Availability (MA): High (H)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse ignored
  6 packages

  • perlPackages.CpanelJSONXS
  • perl538Packages.CpanelJSONXS
  • perl540Packages.CpanelJSONXS
  • perlPackages.JSONXSVersionOneAndTwo
  • perl538Packages.JSONXSVersionOneAndTwo
  • perl540Packages.JSONXSVersionOneAndTwo
  7 months, 1 week ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

• https://metacpan.org/release/MLEHMANN/JSON-XS-4.03/source/XS.xs#L256 related
• https://security.metacpan.org/patches/J/JSON-XS/4.03/CVE-2025-40928-r1.patch patch
• https://lists.debian.org/debian-lts-announce/2025/09/msg00033.html
• http://www.openwall.com/lists/oss-security/2025/09/08/2

---

JSON-XS

• <4.04

NIXPKGS-2025-0009

GitHub issue published 7 months, 1 week ago

Permalink CVE-2025-8941

7.8 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Local (L)
• Attack Complexity (AC): Low (L)
• Privileges Required (PR): Low (L)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): High (H)
• Integrity (I): High (H)
• Availability (A): High (H)
• Modified Attack Vector (MAV): Local (L)
• Modified Attack Complexity (MAC): Low (L)
• Modified Privileges Required (MPR): Low (L)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): High (H)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): High (H)
• Modified Availability (MA): High (H)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse ignored
  69 packages

  • ipam
  • opam
  • paml
  • dspam
  • pamix
  • rspamd
  • openpam
  • pam_p11
  • pam_u2f
  • pamixer
  • dopamine
  • pam_krb5
  • sbclPackages.cl-xmlspam
  • python312Packages.pamela
  • python313Packages.pamela
  • stalwart-mail-spam-filter
  • python312Packages.pypamtest
  • python313Packages.pypamtest
  • python312Packages.python-pam
  • python313Packages.python-pam
  • wordpressPackages.plugins.antispam-bee
  • matrix-synapse-plugins.matrix-synapse-pam
  • matrix-synapse-plugins.synapse-http-antispam
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
  • vscode-extensions.fabiospampinato.vscode-open-in-github
  • pam_ssh_agent_auth
  • rubyPackages.rpam2
  • decode-spam-headers
  • haskellPackages.pam
  • luaPackages.lua-pam
  • google-authenticator
  • lua51Packages.lua-pam
  • lua52Packages.lua-pam
  • lua53Packages.lua-pam
  • rubyPackages_3_1.rpam2
  • rubyPackages_3_2.rpam2
  • rubyPackages_3_3.rpam2
  • rubyPackages_3_4.rpam2
  • kdePackages.kwallet-pam
  • opensmtpd-filter-rspamd
  • python312Packages.pamqp
  • python313Packages.pamqp
  • apparmor-pam
  • opam-publish
  • pam-reattach
  • spamassassin
  • nss_pam_ldapd
  • libpam-wrapper
  • opam-installer
  • pam-honeycreds
  • rspamd-trainer
  • pam_ussh
  • pam_rssh
  • pam_ldap
  • pam
  • ncpamixer
  • opam2json
  • pam_dp9ik
  • pam_gnupg
  • pam_mount
  • pam_mysql
  • pam_pgsql
  • pamtester
  • pam_ccreds
  • pam_mktemp
  • pam_rundir
  • pam_tmpdir
  • yubico-pam
  • pam-watchid
  7 months, 1 week ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Linux-pam: incomplete fix for cve-2025-6020

• https://access.redhat.com/security/cve/CVE-2025-8941 x_refsource_REDHATvdb-entry
• RHBZ#2388220 issue-trackingx_refsource_REDHAT
• RHSA-2025:14557 x_refsource_REDHATvendor-advisory
• RHSA-2025:15099 x_refsource_REDHATvendor-advisory
• RHSA-2025:15100 x_refsource_REDHATvendor-advisory
• RHSA-2025:15101 x_refsource_REDHATvendor-advisory
• RHSA-2025:15102 x_refsource_REDHATvendor-advisory
• RHSA-2025:15103 x_refsource_REDHATvendor-advisory
• RHSA-2025:15104 x_refsource_REDHATvendor-advisory
• RHSA-2025:15105 x_refsource_REDHATvendor-advisory
• RHSA-2025:15106 x_refsource_REDHATvendor-advisory
• RHSA-2025:15107 x_refsource_REDHATvendor-advisory
• RHSA-2025:15709 x_refsource_REDHATvendor-advisory
• RHSA-2025:15827 x_refsource_REDHATvendor-advisory
• RHSA-2025:15828 x_refsource_REDHATvendor-advisory
• RHSA-2025:16524 x_refsource_REDHATvendor-advisory
• RHSA-2025:18219 x_refsource_REDHATvendor-advisory
• RHSA-2025:17181 x_refsource_REDHATvendor-advisory
• RHSA-2025:21885 x_refsource_REDHATvendor-advisory

---

pam

• *

linux-pam

discovery/discovery-server-rhel9

• *

web-terminal/web-terminal-tooling-rhel9

• *

cert-manager/jetstack-cert-manager-rhel9

• *

web-terminal/web-terminal-rhel9-operator

• *

insights-proxy/insights-proxy-container-rhel9

• *

compliance/openshift-compliance-openscap-rhel8

• *

openshift-sandboxed-containers/osc-monitor-rhel9

• *

registry.redhat.io/discovery/discovery-server-rhel9

• *

openshift-sandboxed-containers/osc-podvm-builder-rhel9

• *

openshift-sandboxed-containers/osc-podvm-payload-rhel9

• *

openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9

• *

registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel9

• *

registry.redhat.io/openshift-sandboxed-containers/osc-podvm-builder-rhel9

• *

registry.redhat.io/openshift-sandboxed-containers/osc-podvm-payload-rhel9

• *

registry.redhat.io/openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9

• *

NIXPKGS-2025-0010

published 7 months, 1 week ago

Permalink CVE-2025-40920

8.6 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): Low (L)
• Privileges Required (PR): None (N)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): High (H)
• Integrity (I): Low (L)
• Availability (A): Low (L)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): Low (L)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): High (H)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): Low (L)
• Modified Availability (MA): Low (L)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces

• https://github.com/perl-catalyst/Catalyst-Authentication-Credential-HTTP/commit… patch
• https://github.com/perl-catalyst/Catalyst-Authentication-Credential-HTTP/pull/1 issue-tracking
• https://metacpan.org/release/ETHER/Catalyst-Authentication-Credential-HTTP-1.01…
• https://datatracker.ietf.org/doc/html/rfc9562#name-security-considerations
• https://datatracker.ietf.org/doc/html/rfc7616#section-5.12
• https://security.metacpan.org/patches/C/Catalyst-Authentication-Credential-HTTP… patch
• http://www.openwall.com/lists/oss-security/2025/08/12/1
• https://github.com/perl-catalyst/Catalyst-Authentication-Credential-HTTP/commit… patch

---

Catalyst-Authentication-Credential-HTTP

• =<1.018

NIXPKGS-2025-0007

published 7 months, 1 week ago

Permalink CVE-2025-40929

5.6 MEDIUM

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): High (H)
• Privileges Required (PR): None (N)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): Low (L)
• Integrity (I): Low (L)
• Availability (A): Low (L)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): High (H)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): Low (L)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): Low (L)
• Modified Availability (MA): Low (L)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact

• https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.39/source/XS.xs#L713 related
• https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.40/changes release-notes
• https://github.com/rurban/Cpanel-JSON-XS/commit/378236219eaa35742c3962ecbdee364… patch
• https://lists.debian.org/debian-lts-announce/2025/09/msg00034.html
• http://www.openwall.com/lists/oss-security/2025/09/08/1

---

Cpanel-JSON-XS

• <4.40

NIXPKGS-2025-0008

published 7 months, 1 week ago

Permalink CVE-2025-7039

3.7 LOW

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): High (H)
• Privileges Required (PR): None (N)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): None (N)
• Integrity (I): Low (L)
• Availability (A): None (N)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): High (H)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): None (N)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): Low (L)
• Modified Availability (MA): None (N)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse ignored
  12 packages

  • bootc
  • loupe
  • rpm-ostree
  • podman-bootc
  • mlxbf-bootctl
  • glycin-loaders
  • systemd-bootchart
  • rubyPackages.glib2
  • rubyPackages_3_1.glib2
  • rubyPackages_3_2.glib2
  • rubyPackages_3_3.glib2
  • rubyPackages_3_4.glib2
  7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()

• https://access.redhat.com/security/cve/CVE-2025-7039 x_refsource_REDHATvdb-entry
• RHBZ#2392423 issue-trackingx_refsource_REDHAT

---

bootc

glib2

loupe

librsvg2

rpm-ostree

mingw-glib2

glycin-loaders

NIXPKGS-2025-0004

published 7 months, 1 week ago

Permalink CVE-2025-10854

8.1 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): High (H)
• Privileges Required (PR): None (N)
• User Interaction (UI): None (N)
• Scope (S): Unchanged (U)
• Confidentiality (C): High (H)
• Integrity (I): High (H)
• Availability (A): High (H)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): High (H)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): None (N)
• Modified Confidentiality (MC): High (H)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): High (H)
• Modified Availability (MA): High (H)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 2 weeks ago
• @LeSuisse ignored
  2 packages

  • python312Packages.llama-index-readers-txtai
  • python313Packages.llama-index-readers-txtai
  7 months, 1 week ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Symlink Following in txtai leads to arbitrary file write when loading untrusted embedding indices

• https://github.com/neuml/txtai/issues/965 patch
• https://research.jfrog.com/vulnerabilities/txtai-arbitrary-file-write-jfsa-2025… third-party-advisory

---

txtai

• =<9.0.0

NIXPKGS-2025-0005

published 7 months, 1 week ago

Permalink CVE-2025-9959

7.6 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): Low (L)
• Privileges Required (PR): None (N)
• User Interaction (UI): Required (R)
• Scope (S): Unchanged (U)
• Confidentiality (C): Low (L)
• Integrity (I): High (H)
• Availability (A): Low (L)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): Low (L)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): Required (R)
• Modified Confidentiality (MC): Low (L)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): High (H)
• Modified Availability (MA): Low (L)

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 3 weeks ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Sandbox escape in smolagents Local Python execution environment via dunder attributes

• https://research.jfrog.com/vulnerabilities/smolagents-local-python-sandbox-esca… third-party-advisory
• https://github.com/huggingface/smolagents/pull/1551 patch

---

smolagents

• <1.21.0

NIXPKGS-2025-0002

published 7 months, 1 week ago

Permalink CVE-2025-9900

8.8 HIGH

• CVSS version (CVSS): 3.1
• Attack Vector (AV): Network (N)
• Attack Complexity (AC): Low (L)
• Privileges Required (PR): None (N)
• User Interaction (UI): Required (R)
• Scope (S): Unchanged (U)
• Confidentiality (C): High (H)
• Integrity (I): High (H)
• Availability (A): High (H)
• Modified Attack Vector (MAV): Network (N)
• Modified Attack Complexity (MAC): Low (L)
• Modified Privileges Required (MPR): None (N)
• Modified User Interaction (MUI): Required (R)
• Modified Confidentiality (MC): High (H)
• Modified Scope (MS): Unchanged (U)
• Modified Integrity (MI): High (H)
• Modified Availability (MA): High (H)

updated 7 months, 1 week ago by @balsoft Activity log

• Created suggestion 8 months, 2 weeks ago
• @balsoft accepted 7 months, 1 week ago
• @balsoft deleted
  3 maintainers

  • @sikmir
  • @imincik
  • @nialov
  7 months, 1 week ago maintainer.delete
• @balsoft added maintainer @balsoft 7 months, 1 week ago maintainer.add
• @balsoft published on GitHub 7 months, 1 week ago

Libtiff: libtiff write-what-where

• https://access.redhat.com/security/cve/CVE-2025-9900 x_refsource_REDHATvdb-entry
• RHBZ#2392784 issue-trackingx_refsource_REDHAT
• https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=read… exploit
• RHSA-2025:17651 x_refsource_REDHATvendor-advisory
• RHSA-2025:17675 x_refsource_REDHATvendor-advisory
• RHSA-2025:17710 x_refsource_REDHATvendor-advisory
• RHSA-2025:17738 x_refsource_REDHATvendor-advisory
• RHSA-2025:17739 x_refsource_REDHATvendor-advisory
• RHSA-2025:17740 x_refsource_REDHATvendor-advisory
• RHSA-2025:19113 x_refsource_REDHATvendor-advisory
• RHSA-2025:19156 x_refsource_REDHATvendor-advisory
• RHSA-2025:19276 x_refsource_REDHATvendor-advisory
• https://lists.debian.org/debian-lts-announce/2025/09/msg00031.html
• http://www.openwall.com/lists/oss-security/2025/09/26/3
• RHSA-2025:19906 x_refsource_REDHATvendor-advisory
• https://gitlab.com/libtiff/libtiff/-/issues/704
• https://gitlab.com/libtiff/libtiff/-/merge_requests/732
• https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html
• RHSA-2025:19947 x_refsource_REDHATvendor-advisory
• RHSA-2025:20956 x_refsource_REDHATvendor-advisory
• RHSA-2025:20998 x_refsource_REDHATvendor-advisory
• RHSA-2025:21060 x_refsource_REDHATvendor-advisory
• RHSA-2025:21061 x_refsource_REDHATvendor-advisory
• RHSA-2025:21062 x_refsource_REDHATvendor-advisory
• RHSA-2025:21407 x_refsource_REDHATvendor-advisory
• RHSA-2025:21506 x_refsource_REDHATvendor-advisory
• RHSA-2025:21507 x_refsource_REDHATvendor-advisory
• RHSA-2025:21508 x_refsource_REDHATvendor-advisory
• RHSA-2025:21994 x_refsource_REDHATvendor-advisory
• RHSA-2025:23078 x_refsource_REDHATvendor-advisory
• RHSA-2025:23079 x_refsource_REDHATvendor-advisory
• RHSA-2025:23080 x_refsource_REDHATvendor-advisory
• RHSA-2026:0001 x_refsource_REDHATvendor-advisory
• RHSA-2026:0078 x_refsource_REDHATvendor-advisory
• RHSA-2026:0076 x_refsource_REDHATvendor-advisory
• RHSA-2026:0077 x_refsource_REDHATvendor-advisory

---

libtiff

• *
• <4.7.1

mingw-libtiff

• *

compat-libtiff3

• *

spice-client-win

• *

rhaiis/vllm-cuda-rhel9

• *

rhaiis/vllm-rocm-rhel9

• *

rhaiis/model-opt-cuda-rhel9

• *

discovery/discovery-ui-rhel9

• *

NIXPKGS-2025-0003

published 7 months, 1 week ago

Permalink CVE-2025-9905

updated 7 months, 1 week ago by @LeSuisse Activity log

• Created suggestion 8 months, 2 weeks ago
• @Erethon dismissed 7 months, 2 weeks ago
• @Erethon marked as untriaged 7 months, 2 weeks ago
• @LeSuisse ignored package python312Packages.tf-keras 7 months, 1 week ago
• @balsoft restored package python312Packages.tf-keras 7 months, 1 week ago
• @balsoft dismissed 7 months, 1 week ago
• @LeSuisse accepted 7 months, 1 week ago
• @LeSuisse ignored package python312Packages.tf-keras 7 months, 1 week ago
• @LeSuisse published on GitHub 7 months, 1 week ago

Arbitary Code execution in Keras load_model()

• https://github.com/keras-team/keras/pull/21602 patch
• https://github.com/keras-team/keras/security/advisories/GHSA-36rr-ww3j-vrjv

---

keras

• =<3.11.2