CVE-2023-3961 created 4 months ago
Samba: smbd allows client access to unix domain sockets on the file system as root

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR, LSA, or SPOOLSS, which Samba initiates on demand. However, incoming client pipe names are inadequately sanitized, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.

Affected products: samba * samba4

Matching in nixpkgs:
pkgs.samba4 Standard Windows interoperability suite of programs for Linux and Unix nixos-unstable - nixpkgs-unstable 4.22.3
pkgs.sambamba SAM/BAM processing tool nixos-unstable - nixpkgs-unstable 1.0.1
pkgs.sambaFull Standard Windows interoperability suite of programs for Linux and Unix nixos-unstable - nixpkgs-unstable 4.22.3
pkgs.samba4Full Standard Windows interoperability suite of programs for Linux and Unix nixos-unstable - nixpkgs-unstable 4.22.3

Package maintainers: 2
@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

CVE-2023-4256 created 4 months ago
Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.

Affected products: tcpreplay

Matching in nixpkgs:
pkgs.tcpreplay Suite of utilities for editing and replaying network traffic nixos-unstable - nixpkgs-unstable 4.5.2

Package maintainers: 1
@proteansec Dejan Lukan <dejan@proteansec.com>

CVE-2023-5764 created 4 months ago
Ansible: template injection

A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce code injection when supplying templating data.

Affected products: ansible ansible-core *

Matching in nixpkgs:
pkgs.ansible-cmdb Generate host overview from ansible fact gathering output nixos-unstable - nixpkgs-unstable 1.31
pkgs.ansible-lint Best practices checker for Ansible nixos-unstable - nixpkgs-unstable 25.8.2
pkgs.ansible_2_16 Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.16.14
pkgs.ansible_2_17 Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.17.8
pkgs.ansible_2_18 Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.18.8
pkgs.ansible_2_19 Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.19.2
pkgs.ansible-doctor Annotation based documentation for your Ansible roles nixos-unstable - nixpkgs-unstable 7.2.0
pkgs.ansible-builder Ansible execution environment builder nixos-unstable - nixpkgs-unstable 3.1.0
pkgs.ansible-navigator Text-based user interface (TUI) for Ansible nixos-unstable - nixpkgs-unstable 25.8.0
pkgs.ansible-language-server Ansible Language Server nixos-unstable - nixpkgs-unstable 1.2.1
pkgs.python312Packages.ansible Radically simple IT automation nixos-unstable - nixpkgs-unstable 11.9.0
pkgs.python313Packages.ansible Radically simple IT automation nixos-unstable - nixpkgs-unstable 11.9.0
pkgs.terraform-providers.ansible nixos-unstable - nixpkgs-unstable 1.0.4
pkgs.python312Packages.ansible-core Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.19.2
pkgs.python313Packages.ansible-core Radically simple IT automation nixos-unstable - nixpkgs-unstable 2.19.2
pkgs.python312Packages.ansible-compat Function collection that help interacting with various versions of Ansible nixos-unstable - nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-kernel Ansible kernel for Jupyter nixos-unstable - nixpkgs-unstable 1.0.0
pkgs.python312Packages.ansible-runner Helps when interfacing with Ansible nixos-unstable - nixpkgs-unstable 2.4.1
pkgs.python312Packages.pytest-ansible Plugin for pytest to simplify calling ansible modules from tests or fixtures nixos-unstable - nixpkgs-unstable 25.8.0
pkgs.python313Packages.ansible-compat Function collection that help interacting with various versions of Ansible nixos-unstable - nixpkgs-unstable 25.8.1
pkgs.python313Packages.ansible-kernel Ansible kernel for Jupyter nixos-unstable - nixpkgs-unstable 1.0.0
pkgs.python313Packages.ansible-runner Helps when interfacing with Ansible nixos-unstable - nixpkgs-unstable 2.4.1
pkgs.python313Packages.pytest-ansible Plugin for pytest to simplify calling ansible modules from tests or fixtures nixos-unstable - nixpkgs-unstable 25.8.0
pkgs.vscode-extensions.redhat.ansible Ansible language support nixos-unstable - nixpkgs-unstable 25.8.1
pkgs.python312Packages.ansible-builder Ansible execution environment builder nixos-unstable - nixpkgs-unstable 3.1.0
pkgs.python313Packages.ansible-builder Ansible execution environment builder nixos-unstable - nixpkgs-unstable 3.1.0
pkgs.python312Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-unstable - nixpkgs-unstable 1.2.2
pkgs.python312Packages.ansible-vault-rw This project aim to R/W an ansible-vault yaml file nixos-unstable - nixpkgs-unstable 2.1.0
pkgs.python313Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-unstable - nixpkgs-unstable 1.2.2
pkgs.python313Packages.ansible-vault-rw This project aim to R/W an ansible-vault yaml file nixos-unstable - nixpkgs-unstable 2.1.0
pkgs.python312Packages.jinja2-ansible-filters Jinja2 Ansible Filters nixos-unstable - nixpkgs-unstable jinja2-ansible-filters-1.3.2
pkgs.python313Packages.jinja2-ansible-filters Jinja2 Ansible Filters nixos-unstable - nixpkgs-unstable jinja2-ansible-filters-1.3.2

Package maintainers: 13
@HarisDotParis Haris <nix.dev@haris.paris>
@robsliwi Robert Sliwinski <r@sliwi.org>
@Melkor333 Samuel Ruprecht <samuel@ton-kunst.ch>
@tie Ivan Trubach <mr.trubach@icloud.com>
@tboerger Thomas Boerger <thomas@webhippie.de>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@sengaya Thilo Uttendorfer <tlo@sengaya.de>
@dawidd6 Dawid Dziurla <dawidd0811@gmail.com>
@geluk Johan Geluk <johan+nix@geluk.io>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@StillerHarpo Florian Engel <engelflorian@posteo.de>
@tjni Theodore Ni <43ngvg@masqt.com>
@TheMaxMur Maxim Muravev <muravjev.mak@yandex.ru>

CVE-2023-4255 created 4 months ago
W3m: out-of-bounds write in function checkType() in etc.c (incomplete fix for CVE-2022-38223)

An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

Affected products: w3m

Matching in nixpkgs:
pkgs.w3m-nox Text-mode web browser nixos-unstable - nixpkgs-unstable 0.5.5
pkgs.w3m-full Text-mode web browser nixos-unstable - nixpkgs-unstable 0.5.5
pkgs.w3m-batch Text-mode web browser nixos-unstable - nixpkgs-unstable 0.5.5
pkgs.w3m-nographics Text-mode web browser nixos-unstable - nixpkgs-unstable 0.5.5

Package maintainers: 2
@toastal toastal <toastal+nix@posteo.net>
@anthonyroussel Anthony Roussel <anthony@roussel.dev>