NIXPKGS-2026-0006 published on 11 Jan 2026 CVE-2025-34451 updated 1 week, 4 days ago by @LeSuisse Activity log Created automatic suggestion 1 week, 5 days ago @LeSuisse accepted as draft 1 week, 5 days ago @LeSuisse published on GitHub 1 week, 4 days ago rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations. Affected products proxychains-ng =<4.17 ==commit cc005b7 Matching in nixpkgs pkgs.proxychains-ng Preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies nixos-unstable 4.17 nixpkgs-unstable 4.17 nixos-unstable-small 4.17 nixos-25.11 4.17 nixos-25.11-small 4.17 nixpkgs-25.11-darwin 4.17 nixos-25.05 4.17 nixos-25.05-small 4.17 nixpkgs-25.05-darwin 4.17 Package maintainers: 2 @usertam Samuel Tam <code@usertam.dev> @ZenithalHourlyRate zenithal <i@zenithal.me>
CVE-2025-34451 updated 1 week, 4 days ago by @LeSuisse Activity log Created automatic suggestion 1 week, 5 days ago @LeSuisse accepted as draft 1 week, 5 days ago @LeSuisse published on GitHub 1 week, 4 days ago rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations. Affected products proxychains-ng =<4.17 ==commit cc005b7 Matching in nixpkgs pkgs.proxychains-ng Preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies nixos-unstable 4.17 nixpkgs-unstable 4.17 nixos-unstable-small 4.17 nixos-25.11 4.17 nixos-25.11-small 4.17 nixpkgs-25.11-darwin 4.17 nixos-25.05 4.17 nixos-25.05-small 4.17 nixpkgs-25.05-darwin 4.17 Package maintainers: 2 @usertam Samuel Tam <code@usertam.dev> @ZenithalHourlyRate zenithal <i@zenithal.me>
pkgs.proxychains-ng Preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies nixos-unstable 4.17 nixpkgs-unstable 4.17 nixos-unstable-small 4.17 nixos-25.11 4.17 nixos-25.11-small 4.17 nixpkgs-25.11-darwin 4.17 nixos-25.05 4.17 nixos-25.05-small 4.17 nixpkgs-25.05-darwin 4.17