⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2025-4478
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago
Gnome-remote-desktop: unauthenticated rdp packet causes segfault in gnome-remote-desktop leading to denial of service

A flaw was found in the gnome-remote-desktop used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

freerdp
gnome-remote-desktop

pkgs.gnome-remote-desktop

GNOME Remote Desktop server

pkgs.gnome.gnome-remote-desktop

GNOME Remote Desktop server

pkgs.gnome-remote-desktop.x86_64-linux

GNOME Remote Desktop server

pkgs.gnome-remote-desktop.aarch64-linux

GNOME Remote Desktop server

pkgs.gnome.gnome-remote-desktop.x86_64-linux

GNOME Remote Desktop server

pkgs.gnome.gnome-remote-desktop.aarch64-linux

GNOME Remote Desktop server
Package maintainers: 4
CVE-2025-40906
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago
BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. BSON-XS was the official Perl XS implementation of MongoDB's BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.

BSON-XS
=<0.8.4

pkgs.perl536Packages.BSONXS

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl540Packages.BSONXS

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl536Packages.BSONXS.x86_64-linux

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl538Packages.BSONXS.x86_64-linux

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl540Packages.BSONXS.x86_64-linux

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl536Packages.BSONXS.aarch64-linux

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl538Packages.BSONXS.aarch64-linux

XS implementation of MongoDB's BSON serialization (EOL)

pkgs.perl540Packages.BSONXS.aarch64-linux

XS implementation of MongoDB's BSON serialization (EOL)
CVE-2025-40907
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 month, 3 weeks ago
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

FCGI
=<0.82

pkgs.perl536Packages.FCGI

Fast CGI module

pkgs.perl540Packages.FCGI

Fast CGI module

pkgs.perl536Packages.FCGIClient

Client library for fastcgi protocol

pkgs.perl538Packages.FCGIClient

Client library for fastcgi protocol

pkgs.perl540Packages.FCGIClient

Client library for fastcgi protocol

pkgs.perl536Packages.FCGIProcManager

A perl-based FastCGI process manager

pkgs.perl538Packages.FCGIProcManager

Perl-based FastCGI process manager

pkgs.perl540Packages.FCGIProcManager

Perl-based FastCGI process manager

pkgs.perl536Packages.FCGI.x86_64-linux

Fast CGI module

pkgs.perl538Packages.FCGI.x86_64-linux

Fast CGI module

pkgs.perl540Packages.FCGI.x86_64-linux

Fast CGI module

pkgs.perl536Packages.FCGI.aarch64-linux

Fast CGI module

pkgs.perl536Packages.FCGI.x86_64-darwin

Fast CGI module

pkgs.perl538Packages.FCGI.aarch64-linux

Fast CGI module

pkgs.perl538Packages.FCGI.x86_64-darwin

Fast CGI module

pkgs.perl540Packages.FCGI.aarch64-linux

Fast CGI module

pkgs.perl540Packages.FCGI.x86_64-darwin

Fast CGI module

pkgs.perl536Packages.FCGI.aarch64-darwin

Fast CGI module

pkgs.perl538Packages.FCGI.aarch64-darwin

Fast CGI module

pkgs.perl540Packages.FCGI.aarch64-darwin

Fast CGI module

pkgs.perl536Packages.FCGIClient.x86_64-linux

Client library for fastcgi protocol

pkgs.perl538Packages.FCGIClient.x86_64-linux

Client library for fastcgi protocol

pkgs.perl540Packages.FCGIClient.x86_64-linux

Client library for fastcgi protocol

pkgs.perl536Packages.FCGIClient.aarch64-linux

Client library for fastcgi protocol

pkgs.perl536Packages.FCGIClient.x86_64-darwin

Client library for fastcgi protocol

pkgs.perl538Packages.FCGIClient.aarch64-linux

Client library for fastcgi protocol

pkgs.perl538Packages.FCGIClient.x86_64-darwin

Client library for fastcgi protocol

pkgs.perl540Packages.FCGIClient.aarch64-linux

Client library for fastcgi protocol

pkgs.perl540Packages.FCGIClient.x86_64-darwin

Client library for fastcgi protocol

pkgs.perl536Packages.FCGIClient.aarch64-darwin

Client library for fastcgi protocol

pkgs.perl538Packages.FCGIClient.aarch64-darwin

Client library for fastcgi protocol

pkgs.perl540Packages.FCGIClient.aarch64-darwin

Client library for fastcgi protocol

pkgs.perl536Packages.FCGIProcManager.x86_64-linux

A perl-based FastCGI process manager

pkgs.perl538Packages.FCGIProcManager.x86_64-linux

Perl-based FastCGI process manager

pkgs.perl540Packages.FCGIProcManager.x86_64-linux

Perl-based FastCGI process manager

pkgs.perl536Packages.FCGIProcManager.aarch64-linux

A perl-based FastCGI process manager

pkgs.perl536Packages.FCGIProcManager.x86_64-darwin

A perl-based FastCGI process manager

pkgs.perl538Packages.FCGIProcManager.aarch64-linux

Perl-based FastCGI process manager

pkgs.perl538Packages.FCGIProcManager.x86_64-darwin

Perl-based FastCGI process manager

pkgs.perl540Packages.FCGIProcManager.aarch64-linux

Perl-based FastCGI process manager

pkgs.perl540Packages.FCGIProcManager.x86_64-darwin

Perl-based FastCGI process manager

pkgs.perl536Packages.FCGIProcManager.aarch64-darwin

A perl-based FastCGI process manager

pkgs.perl538Packages.FCGIProcManager.aarch64-darwin

Perl-based FastCGI process manager

pkgs.perl540Packages.FCGIProcManager.aarch64-darwin

Perl-based FastCGI process manager
CVE-2025-4476
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 month, 3 weeks ago
Libsoup: null pointer dereference in libsoup may lead to denial of service

A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user's application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user's client application into connecting to the attacker's malicious server.

libsoup
libsoup3

pkgs.libsoup_2_4

HTTP client/server library for GNOME

pkgs.gnome.libsoup

HTTP client/server library for GNOME

pkgs.libsoup.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup.aarch64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_3.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-linux

HTTP client/server library for GNOME

pkgs.libsoup_3.aarch64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-linux

HTTP client/server library for GNOME

pkgs.libsoup_2_4.x86_64-darwin

HTTP client/server library for GNOME

pkgs.libsoup_2_4.aarch64-darwin

HTTP client/server library for GNOME

pkgs.gnome2.libsoup.x86_64-linux

HTTP client/server library for GNOME

pkgs.gnome2.libsoup.aarch64-linux

HTTP client/server library for GNOME

pkgs.gnome2.libsoup.x86_64-darwin

HTTP client/server library for GNOME

pkgs.gnome2.libsoup.aarch64-darwin

HTTP client/server library for GNOME

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4"

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4".x86_64-linux

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4".aarch64-linux

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4".x86_64-darwin

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4".aarch64-darwin

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4
Package maintainers: 6
CVE-2025-31639
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month, 3 weeks ago
WordPress Spare <= 1.7 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.

spare
=<1.7

pkgs.asciiquarium-transparent

An aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.texlivePackages.transparent

Using a color stack for transparency with pdfTeX

pkgs.texlivePackages.transparent-io

Show for approval the filenames used in input, openin, or openout

pkgs.gnomeExtensions.transparent-topbar

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixos-24.05-small 4

pkgs.gnomeExtensions.transparent-top-bar

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.asciiquarium-transparent.x86_64-linux

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.aarch64-linux

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.x86_64-darwin

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.aarch64-darwin

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.texlivePackages.transparent.x86_64-linux

Using a color stack for transparency with pdfTeX

pkgs.gnomeExtensions.transparent-window-moving

Makes the window semi-transparent when moving or resizing

pkgs.texlivePackages.transparent-io.x86_64-linux

Show for approval the filenames used in input, openin, or openout

pkgs.gnomeExtensions.transparent-topbar.x86_64-linux

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixpkgs-24.05-darwin 4

pkgs.gnomeExtensions.transparent-top-bar.x86_64-linux

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.gnomeExtensions.transparent-topbar.aarch64-linux

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixpkgs-24.05-darwin 4

pkgs.gnomeExtensions.transparent-top-bar.aarch64-linux

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.gnomeExtensions.transparent-window-moving.x86_64-linux

Makes the window semi-transparent when moving or resizing

pkgs.gnomeExtensions.transparent-window-moving.aarch64-linux

Makes the window semi-transparent when moving or resizing

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency.x86_64-linux

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency.aarch64-linux

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar
Package maintainers: 4
CVE-2024-4981
7.6 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
updated 1 month, 3 weeks ago by @mweinelt Activity log
  • Created automatic suggestion
  • @fricklerhandwerk removed
    60 packages
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
  • @mweinelt dismissed
  • @mweinelt marked as untriaged
Pagure: _update_file_in_git() follows symbolic links in temporary clones

A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.

pagure
<5.14.1

pkgs.haskellPackages.pagure.x86_64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.x86_64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure-cli.x86_64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.x86_64-darwin

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-darwin

Pagure client
CVE-2024-4982
7.6 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 month, 3 weeks ago
Pagure: path traversal in view_issue_raw_file()

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

pagure
<5.14.1

pkgs.haskellPackages.pagure.x86_64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.x86_64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure-cli.x86_64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.x86_64-darwin

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-darwin

Pagure client
CVE-2024-24762
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 4 weeks ago
python-multipart vulnerable to content-type header Regular expression Denial of Service

`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.

fastapi
<0.109.1
startlette
<0.36.2
python-multipart
<0.0.7

pkgs.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-sso

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-mail

Module for sending emails and attachments

pkgs.python311Packages.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.x86_64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-sso.x86_64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.aarch64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-sso.x86_64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-mail.x86_64-linux

Module for sending emails and attachments

pkgs.python312Packages.fastapi-sso.aarch64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-sso.x86_64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.aarch64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-mail.aarch64-linux

Module for sending emails and attachments

pkgs.python312Packages.fastapi-mail.x86_64-darwin

Module for sending emails and attachments

pkgs.python312Packages.fastapi-sso.aarch64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-mail.aarch64-darwin

Module for sending emails and attachments

pkgs.python311Packages.python-multipart.x86_64-linux

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.aarch64-linux

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.x86_64-darwin

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.aarch64-darwin

Streaming multipart parser for Python

pkgs.python311Packages.prometheus-fastapi-instrumentator

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator

Instrument FastAPI with Prometheus metrics

pkgs.python311Packages.opentelemetry-instrumentation-fastapi

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.prometheus-fastapi-instrumentator.x86_64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator.x86_64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python311Packages.prometheus-fastapi-instrumentator.aarch64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator.aarch64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.x86_64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.aarch64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.x86_64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.aarch64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.x86_64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.aarch64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.aarch64-darwin

OpenTelemetry Instrumentation for fastapi
Package maintainers: 7
CVE-2025-47509
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago
WordPress Top 10 <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Top 10 allows Stored XSS. This issue affects Top 10: from n/a through 4.1.0.

top-10
=<4.1.0

pkgs.darwin.top

pkgs.budgie.budgie-desktop

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.darwin.top.x86_64-darwin

pkgs.darwin.top.aarch64-darwin

pkgs.gnomeExtensions.pip-on-top

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.budgie-desktop.x86_64-linux

Feature-rich, modern desktop designed to keep out the way of the user

pkgs.budgie-desktop.aarch64-linux

Feature-rich, modern desktop designed to keep out the way of the user

pkgs.gnomeExtensions.show-apps-at-top

Put show apps icon at top in Gnome default dash

pkgs.budgie.budgie-desktop.x86_64-linux

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.budgie.budgie-desktop.aarch64-linux

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.gnomeExtensions.pip-on-top.x86_64-linux

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.gnomeExtensions.pip-on-top.aarch64-linux

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.gnomeExtensions.show-apps-at-top.x86_64-linux

Put show apps icon at top in Gnome default dash

pkgs.gnomeExtensions.show-apps-at-top.aarch64-linux

Put show apps icon at top in Gnome default dash
Package maintainers: 4
CVE-2025-47441
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago
WordPress Progress Bar <= 2.2.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Reynolds Progress Bar allows Stored XSS. This issue affects Progress Bar: from n/a through 2.2.3.

progress-bar
=<2.2.3

pkgs.haskellPackages.terminal-progress-bar.x86_64-linux

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.aarch64-linux

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.x86_64-darwin

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.aarch64-darwin

A progress bar in the terminal