Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2025-6170
created 4 months ago
Libxml2: stack buffer overflow in xmllint interactive shell command handling

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

Affected products

rhcos
libxml2
  • <2.14.5

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2_13

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2Python

  • nixos-unstable -

pkgs.python312Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.python313Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.tests.pkg-config.defaultPkgConfigPackages."libxml-2.0"

Test whether libxml2-2.14.5 exposes pkg-config modules libxml-2.0

Package maintainers: 7

CVE-2025-49795
created 4 months ago
Libxml: null pointer dereference leads to denial of service (dos)

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

Affected products

libxml2
  • *
  • <2.15.0

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2_13

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2Python

  • nixos-unstable -

pkgs.python312Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.python313Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.tests.pkg-config.defaultPkgConfigPackages."libxml-2.0"

Test whether libxml2-2.14.5 exposes pkg-config modules libxml-2.0

Package maintainers: 7

CVE-2025-49796
created 4 months ago
Libxml: type confusion leads to denial of service (dos)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Affected products

rhcos
  • *
libxml2
  • *
  • <2.15.0
discovery/discovery-server-rhel9
  • *
web-terminal/web-terminal-tooling-rhel9
  • *
cert-manager/jetstack-cert-manager-rhel9
  • *
web-terminal/web-terminal-rhel9-operator
  • *
insights-proxy/insights-proxy-container-rhel9
  • *
compliance/openshift-file-integrity-rhel8-operator
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *
registry.redhat.io/insights-proxy/insights-proxy-container-rhel9
  • *

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2_13

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2Python

  • nixos-unstable -

pkgs.python312Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.python313Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.tests.pkg-config.defaultPkgConfigPackages."libxml-2.0"

Test whether libxml2-2.14.5 exposes pkg-config modules libxml-2.0

Package maintainers: 7

CVE-2025-6035
created 4 months ago
Gimp: gimp integer overflow

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.

Affected products

gimp
  • <3.0.4
gimp:2.8/gimp

Matching in nixpkgs

pkgs.zigimports

Automatically remove unused imports and globals from Zig files

  • nixos-unstable -

pkgs.gimpPlugins.bimp

Batch Image Manipulation Plugin for GIMP

  • nixos-unstable -

pkgs.gimpPlugins.gimp

GNU Image Manipulation Program

pkgs.gimpPlugins.gmic

GIMP plugin for the G'MIC image processing framework

  • nixos-unstable -

pkgs.gimp-with-plugins

GNU Image Manipulation Program

pkgs.gimp3Plugins.gimp

GNU Image Manipulation Program

  • nixos-unstable -

pkgs.gimp3Plugins.gmic

GIMP plugin for the G'MIC image processing framework

  • nixos-unstable -

pkgs.gimp3-with-plugins

GNU Image Manipulation Program

  • nixos-unstable -

pkgs.gimpPlugins.fourier

GIMP plug-in to do the fourier transform

  • nixos-unstable -

pkgs.gimpPlugins.farbfeld

Gimp plug-in for the farbfeld image format

pkgs.gimpPlugins.lightning

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.gimpPlugins.lqrPlugin

  • nixos-unstable -

pkgs.gimp3Plugins.lightning

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.gimpPlugins.gimplensfun

GIMP plugin to correct lens distortion using the lensfun library and database

pkgs.gimpPlugins.resynthesizer

  • nixos-unstable -

pkgs.gimpPlugins.waveletSharpen

  • nixos-unstable -

Package maintainers: 3

CVE-2025-6052
created 4 months ago
Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

Affected products

bootc
glib2
loupe
librsvg2
rpm-ostree
mingw-glib2
glycin-loaders

Matching in nixpkgs

pkgs.bootc

Boot and upgrade via container images

  • nixos-unstable -

pkgs.loupe

Simple image viewer application written with GTK4 and Rust

  • nixos-unstable -

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

  • nixos-unstable -

pkgs.podman-bootc

Streamlining podman+bootc interactions

  • nixos-unstable -

pkgs.mlxbf-bootctl

Control BlueField boot partitions

pkgs.glycin-loaders

Glycin loaders for several formats

  • nixos-unstable -

pkgs.systemd-bootchart

Boot performance graphing tool from systemd

  • nixos-unstable -

pkgs.rubyPackages.glib2

pkgs.rubyPackages_3_1.glib2

pkgs.rubyPackages_3_2.glib2

pkgs.rubyPackages_3_3.glib2

pkgs.rubyPackages_3_4.glib2

Package maintainers: 10

CVE-2025-6021
created 4 months ago
Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Affected products

rhcos
  • *
libxml2
  • <2.14.4
  • *
discovery/discovery-server-rhel9
  • *
insights-proxy/insights-proxy-container-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *
registry.redhat.io/insights-proxy/insights-proxy-container-rhel9
  • *

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2_13

XML parsing library for C

  • nixos-unstable -

pkgs.libxml2Python

  • nixos-unstable -

pkgs.python312Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.python313Packages.libxml2

XML parsing library for C

  • nixos-unstable -

pkgs.tests.pkg-config.defaultPkgConfigPackages."libxml-2.0"

Test whether libxml2-2.14.5 exposes pkg-config modules libxml-2.0

Package maintainers: 7

CVE-2025-40914
created 4 months ago
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow

Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.

Affected products

CryptX
  • =<0.086

Matching in nixpkgs

pkgs.perlPackages.CryptX

Cryptographic toolkit

  • nixos-unstable -

pkgs.perl538Packages.CryptX

Cryptographic toolkit

  • nixos-unstable -

pkgs.perl540Packages.CryptX

Cryptographic toolkit

  • nixos-unstable -
CVE-2025-40912
created 4 months ago
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode

CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.

Affected products

CryptX
  • <0.065

Matching in nixpkgs

pkgs.perlPackages.CryptX

Cryptographic toolkit

  • nixos-unstable -

pkgs.perl538Packages.CryptX

Cryptographic toolkit

  • nixos-unstable -

pkgs.perl540Packages.CryptX

Cryptographic toolkit

  • nixos-unstable -
CVE-2025-47712
created 4 months ago
Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.

Affected products

nbdkit
  • <1.40.6
  • <1.42.3
  • <1.38.6
virt:av/nbdkit
virt:8.2/nbdkit
virt:rhel/nbdkit

Matching in nixpkgs

pkgs.nbdkit

NBD server with stable plugin ABI and permissive license

  • nixos-unstable -

Package maintainers: 1

CVE-2025-5917
created 4 months ago
Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

Affected products

rhcos
libarchive
  • <3.8.0

Matching in nixpkgs

pkgs.libarchive

Multi-format archive and compression library

  • nixos-unstable -

pkgs.libarchive-qt

Qt based archiving solution with libarchive backend

  • nixos-unstable -

pkgs.haskellPackages.libarchive

Haskell interface to libarchive

pkgs.kodiPackages.vfs-libarchive

LibArchive Virtual Filesystem add-on for Kodi

  • nixos-unstable -

pkgs.python312Packages.libarchive-c

Python interface to libarchive

  • nixos-unstable -

pkgs.python313Packages.libarchive-c

Python interface to libarchive

  • nixos-unstable -

pkgs.haskellPackages.archive-libarchive

Common interface using libarchive

pkgs.haskellPackages.libarchive-conduit

Read many archive formats with libarchive and conduit

pkgs.python312Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

pkgs.python313Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

Package maintainers: 8