Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2024-21886 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: heap buffer overflow in disabledevice A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. tigervnc * xorg-server ==1.21.1.7 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.x86_64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.aarch64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.x86_64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.aarch64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2023-6478 7.6 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): LOW Availability impact (A): LOW created 21 hours ago Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2023-5367 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2023-6377 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2024-0229 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. tigervnc * xorg-server <21.1.11 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.x86_64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.aarch64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.x86_64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.aarch64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2023-5574 7.0 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: use-after-free bug in damagedestroy A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. tigervnc * xorg-x11-server xorg-x11-server-Xwayland pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name> CVE-2025-53512 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 1 day, 21 hours ago Sensitive log retrieval in Juju The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com> CVE-2025-0928 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 day, 21 hours ago Arbitrary executable upload via authenticated endpoint In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com> CVE-2025-53513 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 day, 21 hours ago Zip slip vulnerability in Juju The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com> CVE-2024-5148 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 4 days, 21 hours ago Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition. gnome-remote-desktop <46.2 pkgs.gnome-remote-desktop GNOME Remote Desktop server nixos-24.11 47.2 nixpkgs-24.11-darwin 47.2 nixos-24.11-small 47.2 nixos-unstable 48.1 nixos-unstable-small 47.2 nixpkgs-unstable 48.1 pkgs.gnome.gnome-remote-desktop GNOME Remote Desktop server nixos-24.05 46.2 nixos-24.05-small 46.2 pkgs.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2 pkgs.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2 pkgs.gnome.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2 pkgs.gnome.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2 Package maintainers: 4 @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @jtojnar Jan Tojnar <jtojnar@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
CVE-2024-21886 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: heap buffer overflow in disabledevice A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. tigervnc * xorg-server ==1.21.1.7 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.x86_64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.aarch64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.x86_64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.aarch64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
CVE-2023-6478 7.6 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): LOW Availability impact (A): LOW created 21 hours ago Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
CVE-2023-5367 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
CVE-2023-6377 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
CVE-2024-0229 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. tigervnc * xorg-server <21.1.11 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.x86_64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.xorg.xvfb.aarch64-linux nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.x86_64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xvfb.aarch64-darwin nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.xorg.xvfb nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.xorg.xorgserver nixos-24.05 21.1.14 nixpkgs-24.05-darwin 21.1.14 nixos-24.11 21.1.16 nixpkgs-24.11-darwin 21.1.16 nixos-24.11-small 21.1.14 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.xorg.xorgserver.x86_64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.aarch64-linux nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.x86_64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
pkgs.xorg.xorgserver.aarch64-darwin nixos-24.05 ??? nixos-24.05-small 21.1.14 nixos-24.11 21.1.14 nixos-unstable ??? nixos-unstable-small 21.1.14
CVE-2023-5574 7.0 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 21 hours ago Xorg-x11-server: use-after-free bug in damagedestroy A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. tigervnc * xorg-x11-server xorg-x11-server-Xwayland pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0 Package maintainers: 1 @viric Lluís Batlle i Rossell <viric@viric.name>
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixpkgs-24.05-darwin 1.13.1 nixos-24.11 1.14.0 nixpkgs-24.11-darwin 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc.x86_64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-linux Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.x86_64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
pkgs.tigervnc.aarch64-darwin Fork of tightVNC, made in cooperation with VirtualGL nixos-24.05 1.13.1 nixos-24.05-small 1.13.1 nixos-24.11 1.14.0 nixos-24.11-small 1.14.0 nixos-unstable 1.14.0
CVE-2025-53512 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 1 day, 21 hours ago Sensitive log retrieval in Juju The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com>
pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0
pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
CVE-2025-0928 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 day, 21 hours ago Arbitrary executable upload via authenticated endpoint In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or upgraded machines, potentially resulting in remote code execution. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com>
pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0
pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
CVE-2025-53513 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 day, 21 hours ago Zip slip vulnerability in Juju The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. juju <2.9.52 <3.6.8 pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0 pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4 pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0 pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2 Package maintainers: 5 @RealityAnomaly Alex Zero <alex@arctarus.co.uk> @0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev> @thoughtpolice Austin Seipp <aseipp@pobox.com> @emilazy Emily <nixpkgs@emily.moe> @bbigras Bruno Bigras <bigras.bruno@gmail.com>
pkgs.juju Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixos-24.05-small 3.3.0 nixos-24.11 3.5.4 nixpkgs-24.11-darwin 3.5.4 nixos-24.11-small 3.5.4 nixos-unstable 3.5.4 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.jujutsu A Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixos-24.05-small 0.17.1 nixos-24.11 0.23.0 nixpkgs-24.11-darwin 0.23.0 nixos-24.11-small 0.23.0 nixos-unstable 0.24.0 nixos-unstable-small 0.29.0 nixpkgs-unstable 0.29.0
pkgs.jujuutils Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixos-24.05-small 0.2 nixos-24.11 0.2 nixpkgs-24.11-darwin 0.2 nixos-24.11-small 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.juju.x86_64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-linux Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.x86_64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.juju.aarch64-darwin Open source modelling tool for operating software in the cloud nixos-24.05 3.3.0 nixpkgs-24.05-darwin 3.3.0 nixos-unstable 3.5.4 nixos-unstable-small 3.5.4 nixpkgs-unstable 3.5.4
pkgs.jujutsu.x86_64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-linux Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.x86_64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujutsu.aarch64-darwin Git-compatible DVCS that is both simple and powerful nixos-24.05 0.17.1 nixpkgs-24.05-darwin 0.17.1 nixos-unstable 0.24.0 nixos-unstable-small 0.24.0 nixpkgs-unstable 0.24.0
pkgs.jujuutils.x86_64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
pkgs.jujuutils.aarch64-linux Utilities around FireWire devices connected to a Linux computer nixos-24.05 0.2 nixpkgs-24.05-darwin 0.2 nixos-unstable 0.2 nixos-unstable-small 0.2 nixpkgs-unstable 0.2
CVE-2024-5148 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 4 days, 21 hours ago Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition. gnome-remote-desktop <46.2 pkgs.gnome-remote-desktop GNOME Remote Desktop server nixos-24.11 47.2 nixpkgs-24.11-darwin 47.2 nixos-24.11-small 47.2 nixos-unstable 48.1 nixos-unstable-small 47.2 nixpkgs-unstable 48.1 pkgs.gnome.gnome-remote-desktop GNOME Remote Desktop server nixos-24.05 46.2 nixos-24.05-small 46.2 pkgs.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2 pkgs.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2 pkgs.gnome.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2 pkgs.gnome.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2 Package maintainers: 4 @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @jtojnar Jan Tojnar <jtojnar@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
pkgs.gnome-remote-desktop GNOME Remote Desktop server nixos-24.11 47.2 nixpkgs-24.11-darwin 47.2 nixos-24.11-small 47.2 nixos-unstable 48.1 nixos-unstable-small 47.2 nixpkgs-unstable 48.1
pkgs.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2
pkgs.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.11 47.1 nixos-unstable 47.2
pkgs.gnome.gnome-remote-desktop.x86_64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2
pkgs.gnome.gnome-remote-desktop.aarch64-linux GNOME Remote Desktop server nixos-24.05 46.2 nixpkgs-24.05-darwin 46.2