Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2023-3597 5.0 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 22 hours ago Keycloak: secondary factor bypass in step-up authentication A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication. keycloak <22.0.10 <24.0.3 rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6 pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0 pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 Notify package maintainers: 3 @talyz Kim Lindberger <kim.lindberger@gmail.com> @NickCao Nick Cao <nickcao@nichi.co> @ngerstle Nicholas Gerstle <ngerstle@gmail.com> CVE-2024-9774 created 22 hours ago Python-sql: python-sql unary operators does not escape non-expression A vulnerability was found in python-sql where unary operators do not escape non-Expression. python-sql <1.5.2 pkgs.python311Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1 pkgs.python312Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1 pkgs.python311Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.05 0.5.0 nixpkgs-24.05-darwin 0.5.0 nixos-24.05-small 0.5.0 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0 pkgs.python312Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0 Notify package maintainers: 2 @johbo Johannes Bornhold <johannes@bornhold.name> @cpcloud Phillip Cloud CVE-2024-45620 3.9 LOW CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: incorrect handling of the length of buffers or files in pkcs15init A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com> CVE-2024-45619 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: incorrect handling length of buffers or files in libopensc A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com> CVE-2024-45618 3.9 LOW CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com> CVE-2024-2905 6.2 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 3 days, 22 hours ago Rpm-ostree: world-readable /etc/shadow file A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. rpm-ostree ==1.2024.4 * pkgs.rpm-ostree Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model nixos-24.05 2024.6 nixpkgs-24.05-darwin 2024.6 nixos-24.05-small 2024.6 nixos-24.11 2024.8 nixpkgs-24.11-darwin 2024.8 nixos-24.11-small 2024.8 nixos-unstable 2024.8 nixos-unstable-small 2024.8 nixpkgs-unstable 2024.8 Notify package maintainers: 1 @copumpkin Dan Peebles <pumpkingod@gmail.com> CVE-2024-3049 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Booth: specially crafted hash can lead to invalid hmac being accepted by booth server A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. booth * ==1.0-283.1 pkgs.libsForQt5.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3 pkgs.plasma5Packages.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3 Notify package maintainers: 1 @milahu Milan Hauth <milahu@gmail.com> CVE-2024-47515 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Pagure: generate_archive() follows symbolic links in temporary clones A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance. pagure ==5.14.1 pkgs.haskellPackages.pagure Pagure REST client library nixos-24.05 0.1.2 nixpkgs-24.05-darwin 0.1.2 nixos-24.05-small 0.1.2 nixos-24.11 0.1.2 nixpkgs-24.11-darwin 0.1.2 nixos-24.11-small 0.1.2 nixos-unstable 0.1.2 nixos-unstable-small 0.1.2 nixpkgs-unstable 0.1.2 pkgs.haskellPackages.pagure-cli Pagure client nixos-24.05 0.2.1 nixpkgs-24.05-darwin 0.2.1 nixos-24.05-small 0.2.1 nixos-24.11 0.2.1 nixpkgs-24.11-darwin 0.2.1 nixos-24.11-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 CVE-2024-4871 6.8 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Foreman: host ssh key not being checked in remote execution A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it. foreman ==3.9.1.8 * candlepin * satellite * python-pulpcore * rubygem-dynflow * rubygem-katello * foreman-installer * python-pulp-container * rubygem-foreman_ansible * rubygem-foreman_remote_execution * rubygem-smart_proxy_container_gateway * rubygem-smart_proxy_remote_execution_ssh * pkgs.foreman Process manager for applications with multiple components nixos-24.05 0.87.2 nixpkgs-24.05-darwin 0.87.2 nixos-24.05-small 0.87.2 nixos-24.11 0.87.2 nixpkgs-24.11-darwin 0.87.2 nixos-24.11-small 0.87.2 nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2 pkgs.satellite A program for showing navigation satellite data nixos-24.05 0.4.3 nixpkgs-24.05-darwin 0.4.3 nixos-24.05-small 0.4.3 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.9.0 nixos-unstable-small 0.9.0 nixpkgs-unstable 0.9.0 pkgs.wyoming-satellite Remote voice satellite using Wyoming protocol nixos-24.05 1.2.0 nixpkgs-24.05-darwin 1.2.0 nixos-24.05-small 1.2.0 nixos-24.11 1.2.0 nixpkgs-24.11-darwin 1.2.0 nixos-24.11-small 1.2.0 nixos-unstable 1.2.0 nixos-unstable-small 1.2.0 nixpkgs-unstable 1.2.0 pkgs.xwayland-satellite Xwayland outside your Wayland compositor nixos-24.11 0.5 nixpkgs-24.11-darwin 0.5 nixos-24.11-small 0.5 nixos-unstable 0.5 nixos-unstable-small 0.5 nixpkgs-unstable 0.5 pkgs.homeassistant-satellite Streaming audio satellite for Home Assistant nixos-24.05 2.3.0 nixpkgs-24.05-darwin 2.3.0 nixos-24.05-small 2.3.0 nixos-24.11 2.3.0 nixpkgs-24.11-darwin 2.3.0 nixos-24.11-small 2.3.0 nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0 pkgs.vimPlugins.satellite-nvim nixos-24.05 2024-02-16 nixpkgs-24.05-darwin 2024-02-16 nixos-24.05-small 2024-02-16 nixos-24.11 2024-09-30 nixpkgs-24.11-darwin 2024-09-30 nixos-24.11-small 2024-09-30 nixos-unstable 2024-11-20 nixos-unstable-small 2024-12-05 nixpkgs-unstable 2024-11-20 pkgs.emacsPackages.foreman-mode nixos-24.05 20170725.1422 nixpkgs-24.05-darwin 20170725.1422 nixos-24.05-small 20170725.1422 nixos-24.11 20170725.1422 nixpkgs-24.11-darwin 20170725.1422 nixos-24.11-small 20170725.1422 nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422 pkgs.home-assistant-component-tests.assist_satellite Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1 nixpkgs-24.11-darwin 2024.11.1 nixos-24.11-small 2024.11.1 nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3 Notify package maintainers: 8 @zimbatm zimbatm <zimbatm@zimbatm.com> @Luflosi Luflosi <luflosi@luflosi.de> @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de> @if-loop69420 Jeremy Sztavinovszki <j.sztavi@pm.me> @getchoo Seth <getchoo@tuta.io> @sodiboo sodiboo @fabaff Fabian Affolter <mail@fabian-affolter.ch> @Mic92 Jörg Thalheim <joerg@thalheim.io> CVE-2024-9666 4.7 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 3 days, 22 hours ago Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service. The attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers. keycloak <24.0.9 <26.0.6 rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * org.keycloak/keycloak-quarkus-server pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6 pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0 pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 Notify package maintainers: 3 @talyz Kim Lindberger <kim.lindberger@gmail.com> @NickCao Nick Cao <nickcao@nichi.co> @ngerstle Nicholas Gerstle <ngerstle@gmail.com>
CVE-2023-3597 5.0 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 22 hours ago Keycloak: secondary factor bypass in step-up authentication A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication. keycloak <22.0.10 <24.0.3 rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6 pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0 pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 Notify package maintainers: 3 @talyz Kim Lindberger <kim.lindberger@gmail.com> @NickCao Nick Cao <nickcao@nichi.co> @ngerstle Nicholas Gerstle <ngerstle@gmail.com>
pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6
pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
CVE-2024-9774 created 22 hours ago Python-sql: python-sql unary operators does not escape non-expression A vulnerability was found in python-sql where unary operators do not escape non-Expression. python-sql <1.5.2 pkgs.python311Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1 pkgs.python312Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1 pkgs.python311Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.05 0.5.0 nixpkgs-24.05-darwin 0.5.0 nixos-24.05-small 0.5.0 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0 pkgs.python312Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0 Notify package maintainers: 2 @johbo Johannes Bornhold <johannes@bornhold.name> @cpcloud Phillip Cloud
pkgs.python311Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1
pkgs.python312Packages.python-sql Library to write SQL queries in a pythonic way nixos-24.05 1.4.3 nixpkgs-24.05-darwin 1.4.3 nixos-24.05-small 1.4.3 nixos-24.11 1.5.1 nixpkgs-24.11-darwin 1.5.1 nixos-24.11-small 1.5.1 nixos-unstable 1.5.1 nixos-unstable-small 1.5.1 nixpkgs-unstable 1.5.1
pkgs.python311Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.05 0.5.0 nixpkgs-24.05-darwin 0.5.0 nixos-24.05-small 0.5.0 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0
pkgs.python312Packages.ipython-sql Introduces a %sql (or %%sql) magic nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.5.0 nixos-unstable-small 0.5.0 nixpkgs-unstable 0.5.0
CVE-2024-45620 3.9 LOW CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: incorrect handling of the length of buffers or files in pkcs15init A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com>
pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0
pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01
pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10
pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5
pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06
pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26
pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13
pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10
pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1
CVE-2024-45619 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: incorrect handling length of buffers or files in libopensc A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com>
pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0
pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01
pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10
pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5
pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06
pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26
pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13
pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10
pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1
CVE-2024-45618 3.9 LOW CVSS version: 3.1 Attack vector (AV): PHYSICAL Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 day, 22 hours ago Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. opensc libopensc pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0 pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01 pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10 pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5 pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5 pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06 pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26 pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13 pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10 pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1 Notify package maintainers: 8 @michaeladler Michael Adler <therisen06@gmail.com> @bjornfor Bjørn Forsman <bjorn.forsman@gmail.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @gebner Gabriel Ebner <gebner@gebner.org> @Tochiaha Tochukwu Ahanonu <tochiahan@proton.me> @c-h-johnson Charles Johnson <charles@charlesjohnson.name> @aanderse Aaron Andersen <aaron@fosslib.net> @pca006132 pca006132 <john.lck40@gmail.com>
pkgs.opensc Set of libraries and utilities to access smart cards nixos-24.05 0.26.0 nixpkgs-24.05-darwin 0.26.0 nixos-24.05-small 0.26.0 nixos-24.11 0.26.0 nixpkgs-24.11-darwin 0.26.0 nixos-24.11-small 0.26.0 nixos-unstable 0.26.0 nixos-unstable-small 0.26.0 nixpkgs-unstable 0.26.0
pkgs.openscad 3D parametric model compiler nixos-24.05 2021.01 nixpkgs-24.05-darwin 2021.01 nixos-24.05-small 2021.01 nixos-24.11 2021.01 nixpkgs-24.11-darwin 2021.01 nixos-24.11-small 2021.01 nixos-unstable 2021.01 nixos-unstable-small 2021.01 nixpkgs-unstable 2021.01
pkgs.openscap NIST Certified SCAP 1.2 toolkit nixos-24.11 1.3.10 nixpkgs-24.11-darwin 1.3.10 nixos-24.11-small 1.3.10 nixos-unstable 1.3.10 nixos-unstable-small 1.3.10 nixpkgs-unstable 1.3.10
pkgs.openscad-lsp LSP (Language Server Protocol) server for OpenSCAD nixos-24.05 1.2.5 nixpkgs-24.05-darwin 1.2.5 nixos-24.05-small 1.2.5 nixos-24.11 1.2.5 nixpkgs-24.11-darwin 1.2.5 nixos-24.11-small 1.2.5 nixos-unstable 1.2.5 nixos-unstable-small 1.2.5 nixpkgs-unstable 1.2.5
pkgs.openscenegraph 3D graphics toolkit nixos-24.05 3.6.5 nixpkgs-24.05-darwin 3.6.5 nixos-24.05-small 3.6.5 nixos-24.11 3.6.5 nixpkgs-24.11-darwin 3.6.5 nixos-24.11-small 3.6.5 nixos-unstable 3.6.5 nixos-unstable-small 3.6.5 nixpkgs-unstable 3.6.5
pkgs.openscad-unstable 3D parametric model compiler (unstable) nixos-24.05 2024-03-10 nixpkgs-24.05-darwin 2024-03-10 nixos-24.05-small 2024-03-10 nixos-24.11 2024-11-10 nixpkgs-24.11-darwin 2024-11-10 nixos-24.11-small 2024-11-10 nixos-unstable 2024-12-06 nixos-unstable-small 2024-12-06 nixpkgs-unstable 2024-12-06
pkgs.vimPlugins.vim-openscad nixos-24.05 2022-07-26 nixpkgs-24.05-darwin 2022-07-26 nixos-24.05-small 2022-07-26 nixos-24.11 2022-07-26 nixpkgs-24.11-darwin 2022-07-26 nixos-24.11-small 2022-07-26 nixos-unstable 2022-07-26 nixos-unstable-small 2022-07-26 nixpkgs-unstable 2022-07-26
pkgs.vimPlugins.openscad-nvim nixos-24.05 2024-04-13 nixpkgs-24.05-darwin 2024-04-13 nixos-24.05-small 2024-04-13 nixos-24.11 2024-04-13 nixpkgs-24.11-darwin 2024-04-13 nixos-24.11-small 2024-04-13 nixos-unstable 2024-04-13 nixos-unstable-small 2024-04-13 nixpkgs-unstable 2024-04-13
pkgs.kakounePlugins.openscad-kak nixos-24.05 2020-12-10 nixpkgs-24.05-darwin 2020-12-10 nixos-24.05-small 2020-12-10 nixos-24.11 2020-12-10 nixpkgs-24.11-darwin 2020-12-10 nixos-24.11-small 2020-12-10 nixos-unstable 2020-12-10 nixos-unstable-small 2020-12-10 nixpkgs-unstable 2020-12-10
pkgs.vscode-extensions.antyos.openscad OpenSCAD highlighting, snippets, and more for VSCode nixos-24.05 1.1.1 nixpkgs-24.05-darwin 1.1.1 nixos-24.05-small 1.1.1 nixos-24.11 1.3.1 nixpkgs-24.11-darwin 1.3.1 nixos-24.11-small 1.3.1 nixos-unstable 1.3.1 nixos-unstable-small 1.3.1 nixpkgs-unstable 1.3.1
CVE-2024-2905 6.2 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 3 days, 22 hours ago Rpm-ostree: world-readable /etc/shadow file A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. rpm-ostree ==1.2024.4 * pkgs.rpm-ostree Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model nixos-24.05 2024.6 nixpkgs-24.05-darwin 2024.6 nixos-24.05-small 2024.6 nixos-24.11 2024.8 nixpkgs-24.11-darwin 2024.8 nixos-24.11-small 2024.8 nixos-unstable 2024.8 nixos-unstable-small 2024.8 nixpkgs-unstable 2024.8 Notify package maintainers: 1 @copumpkin Dan Peebles <pumpkingod@gmail.com>
pkgs.rpm-ostree Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model nixos-24.05 2024.6 nixpkgs-24.05-darwin 2024.6 nixos-24.05-small 2024.6 nixos-24.11 2024.8 nixpkgs-24.11-darwin 2024.8 nixos-24.11-small 2024.8 nixos-unstable 2024.8 nixos-unstable-small 2024.8 nixpkgs-unstable 2024.8
CVE-2024-3049 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Booth: specially crafted hash can lead to invalid hmac being accepted by booth server A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. booth * ==1.0-283.1 pkgs.libsForQt5.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3 pkgs.plasma5Packages.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3 Notify package maintainers: 1 @milahu Milan Hauth <milahu@gmail.com>
pkgs.libsForQt5.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3
pkgs.plasma5Packages.booth Camera application nixos-24.05 1.1.3 nixpkgs-24.05-darwin 1.1.3 nixos-24.05-small 1.1.3 nixos-24.11 1.1.3 nixpkgs-24.11-darwin 1.1.3 nixos-24.11-small 1.1.3 nixos-unstable 1.1.3 nixos-unstable-small 1.1.3 nixpkgs-unstable 1.1.3
CVE-2024-47515 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Pagure: generate_archive() follows symbolic links in temporary clones A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance. pagure ==5.14.1 pkgs.haskellPackages.pagure Pagure REST client library nixos-24.05 0.1.2 nixpkgs-24.05-darwin 0.1.2 nixos-24.05-small 0.1.2 nixos-24.11 0.1.2 nixpkgs-24.11-darwin 0.1.2 nixos-24.11-small 0.1.2 nixos-unstable 0.1.2 nixos-unstable-small 0.1.2 nixpkgs-unstable 0.1.2 pkgs.haskellPackages.pagure-cli Pagure client nixos-24.05 0.2.1 nixpkgs-24.05-darwin 0.2.1 nixos-24.05-small 0.2.1 nixos-24.11 0.2.1 nixpkgs-24.11-darwin 0.2.1 nixos-24.11-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1
pkgs.haskellPackages.pagure Pagure REST client library nixos-24.05 0.1.2 nixpkgs-24.05-darwin 0.1.2 nixos-24.05-small 0.1.2 nixos-24.11 0.1.2 nixpkgs-24.11-darwin 0.1.2 nixos-24.11-small 0.1.2 nixos-unstable 0.1.2 nixos-unstable-small 0.1.2 nixpkgs-unstable 0.1.2
pkgs.haskellPackages.pagure-cli Pagure client nixos-24.05 0.2.1 nixpkgs-24.05-darwin 0.2.1 nixos-24.05-small 0.2.1 nixos-24.11 0.2.1 nixpkgs-24.11-darwin 0.2.1 nixos-24.11-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1
CVE-2024-4871 6.8 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): NONE created 3 days, 22 hours ago Foreman: host ssh key not being checked in remote execution A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it. foreman ==3.9.1.8 * candlepin * satellite * python-pulpcore * rubygem-dynflow * rubygem-katello * foreman-installer * python-pulp-container * rubygem-foreman_ansible * rubygem-foreman_remote_execution * rubygem-smart_proxy_container_gateway * rubygem-smart_proxy_remote_execution_ssh * pkgs.foreman Process manager for applications with multiple components nixos-24.05 0.87.2 nixpkgs-24.05-darwin 0.87.2 nixos-24.05-small 0.87.2 nixos-24.11 0.87.2 nixpkgs-24.11-darwin 0.87.2 nixos-24.11-small 0.87.2 nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2 pkgs.satellite A program for showing navigation satellite data nixos-24.05 0.4.3 nixpkgs-24.05-darwin 0.4.3 nixos-24.05-small 0.4.3 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.9.0 nixos-unstable-small 0.9.0 nixpkgs-unstable 0.9.0 pkgs.wyoming-satellite Remote voice satellite using Wyoming protocol nixos-24.05 1.2.0 nixpkgs-24.05-darwin 1.2.0 nixos-24.05-small 1.2.0 nixos-24.11 1.2.0 nixpkgs-24.11-darwin 1.2.0 nixos-24.11-small 1.2.0 nixos-unstable 1.2.0 nixos-unstable-small 1.2.0 nixpkgs-unstable 1.2.0 pkgs.xwayland-satellite Xwayland outside your Wayland compositor nixos-24.11 0.5 nixpkgs-24.11-darwin 0.5 nixos-24.11-small 0.5 nixos-unstable 0.5 nixos-unstable-small 0.5 nixpkgs-unstable 0.5 pkgs.homeassistant-satellite Streaming audio satellite for Home Assistant nixos-24.05 2.3.0 nixpkgs-24.05-darwin 2.3.0 nixos-24.05-small 2.3.0 nixos-24.11 2.3.0 nixpkgs-24.11-darwin 2.3.0 nixos-24.11-small 2.3.0 nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0 pkgs.vimPlugins.satellite-nvim nixos-24.05 2024-02-16 nixpkgs-24.05-darwin 2024-02-16 nixos-24.05-small 2024-02-16 nixos-24.11 2024-09-30 nixpkgs-24.11-darwin 2024-09-30 nixos-24.11-small 2024-09-30 nixos-unstable 2024-11-20 nixos-unstable-small 2024-12-05 nixpkgs-unstable 2024-11-20 pkgs.emacsPackages.foreman-mode nixos-24.05 20170725.1422 nixpkgs-24.05-darwin 20170725.1422 nixos-24.05-small 20170725.1422 nixos-24.11 20170725.1422 nixpkgs-24.11-darwin 20170725.1422 nixos-24.11-small 20170725.1422 nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422 pkgs.home-assistant-component-tests.assist_satellite Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1 nixpkgs-24.11-darwin 2024.11.1 nixos-24.11-small 2024.11.1 nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3 Notify package maintainers: 8 @zimbatm zimbatm <zimbatm@zimbatm.com> @Luflosi Luflosi <luflosi@luflosi.de> @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de> @if-loop69420 Jeremy Sztavinovszki <j.sztavi@pm.me> @getchoo Seth <getchoo@tuta.io> @sodiboo sodiboo @fabaff Fabian Affolter <mail@fabian-affolter.ch> @Mic92 Jörg Thalheim <joerg@thalheim.io>
pkgs.foreman Process manager for applications with multiple components nixos-24.05 0.87.2 nixpkgs-24.05-darwin 0.87.2 nixos-24.05-small 0.87.2 nixos-24.11 0.87.2 nixpkgs-24.11-darwin 0.87.2 nixos-24.11-small 0.87.2 nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2
pkgs.satellite A program for showing navigation satellite data nixos-24.05 0.4.3 nixpkgs-24.05-darwin 0.4.3 nixos-24.05-small 0.4.3 nixos-24.11 0.5.0 nixpkgs-24.11-darwin 0.5.0 nixos-24.11-small 0.5.0 nixos-unstable 0.9.0 nixos-unstable-small 0.9.0 nixpkgs-unstable 0.9.0
pkgs.wyoming-satellite Remote voice satellite using Wyoming protocol nixos-24.05 1.2.0 nixpkgs-24.05-darwin 1.2.0 nixos-24.05-small 1.2.0 nixos-24.11 1.2.0 nixpkgs-24.11-darwin 1.2.0 nixos-24.11-small 1.2.0 nixos-unstable 1.2.0 nixos-unstable-small 1.2.0 nixpkgs-unstable 1.2.0
pkgs.xwayland-satellite Xwayland outside your Wayland compositor nixos-24.11 0.5 nixpkgs-24.11-darwin 0.5 nixos-24.11-small 0.5 nixos-unstable 0.5 nixos-unstable-small 0.5 nixpkgs-unstable 0.5
pkgs.homeassistant-satellite Streaming audio satellite for Home Assistant nixos-24.05 2.3.0 nixpkgs-24.05-darwin 2.3.0 nixos-24.05-small 2.3.0 nixos-24.11 2.3.0 nixpkgs-24.11-darwin 2.3.0 nixos-24.11-small 2.3.0 nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0
pkgs.vimPlugins.satellite-nvim nixos-24.05 2024-02-16 nixpkgs-24.05-darwin 2024-02-16 nixos-24.05-small 2024-02-16 nixos-24.11 2024-09-30 nixpkgs-24.11-darwin 2024-09-30 nixos-24.11-small 2024-09-30 nixos-unstable 2024-11-20 nixos-unstable-small 2024-12-05 nixpkgs-unstable 2024-11-20
pkgs.emacsPackages.foreman-mode nixos-24.05 20170725.1422 nixpkgs-24.05-darwin 20170725.1422 nixos-24.05-small 20170725.1422 nixos-24.11 20170725.1422 nixpkgs-24.11-darwin 20170725.1422 nixos-24.11-small 20170725.1422 nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422
pkgs.home-assistant-component-tests.assist_satellite Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1 nixpkgs-24.11-darwin 2024.11.1 nixos-24.11-small 2024.11.1 nixos-unstable 2024.11.3 nixos-unstable-small 2024.11.3 nixpkgs-unstable 2024.11.3
CVE-2024-9666 4.7 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): HIGH Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 3 days, 22 hours ago Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service. The attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers. keycloak <24.0.9 <26.0.6 rhbk/keycloak-rhel9 * rhbk/keycloak-rhel9-operator * rhbk/keycloak-operator-bundle * org.keycloak/keycloak-quarkus-server pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6 pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0 pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0 Notify package maintainers: 3 @talyz Kim Lindberger <kim.lindberger@gmail.com> @NickCao Nick Cao <nickcao@nichi.co> @ngerstle Nicholas Gerstle <ngerstle@gmail.com>
pkgs.keycloak Identity and access management for modern applications and services nixos-24.05 25.0.6 nixpkgs-24.05-darwin 25.0.6 nixos-24.05-small 25.0.6 nixos-24.11 26.0.6 nixpkgs-24.11-darwin 26.0.7 nixos-24.11-small 26.0.7 nixos-unstable 26.0.6 nixos-unstable-small 26.0.7 nixpkgs-unstable 26.0.6
pkgs.terraform-providers.keycloak nixos-24.05 4.4.0 nixpkgs-24.05-darwin 4.4.0 nixos-24.05-small 4.4.0 nixos-24.11 4.4.0 nixpkgs-24.11-darwin 4.4.0 nixos-24.11-small 4.4.0 nixos-unstable 4.4.0 nixos-unstable-small 4.4.0 nixpkgs-unstable 4.4.0
pkgs.python311Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0
pkgs.python312Packages.python-keycloak Provides access to the Keycloak API nixos-24.05 4.0.0 nixpkgs-24.05-darwin 4.0.0 nixos-24.05-small 4.0.0 nixos-24.11 4.0.0 nixpkgs-24.11-darwin 4.0.0 nixos-24.11-small 4.0.0 nixos-unstable 4.0.0 nixos-unstable-small 4.0.0 nixpkgs-unstable 4.0.0