Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup * <3.6.3 libsoup3 mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru> CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 Package maintainers: 6 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @nh2 Niklas Hambüchen <mail@nh2.me> @NeverBehave Xinhao Luo <i@never.pet> @zaninime Francesco Zanini <francesco@zanini.me> @hesiod Tobias Markus <tobias@markus-regensburg.de> @npatsakula Patsakula Nikita <nikita.patsakula@gmail.com> CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 4 months, 2 weeks ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 * <1.22 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-24/ee-supported-rhel9 registry.redhat.io/discovery/discovery-server-rhel9 * ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.libkrb5.x86_64-linux MIT Kerberos 5 nixos-unstable ??? nixos-unstable-small 1.21.3 pkgs.libkrb5.aarch64-darwin MIT Kerberos 5 nixos-unstable ??? nixos-unstable-small 1.21.3 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5.x86_64-linux Kerberos API bindings for Python nixos-unstable krb5-0.7.0 pkgs.python312Packages.krb5.aarch64-linux Kerberos API bindings for Python nixos-unstable krb5-0.7.0 Package maintainers: 2 @invokes-su Souvik Sen <nixpkgs-commits@deshaw.com> @de11n Elliot Cameron <nixpkgs-commits@deshaw.com> CVE-2025-32909 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): LOW created 4 months, 2 weeks ago Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash. libsoup <3.6.2 libsoup3 mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru> CVE-2023-52356 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. iv tkimg libtiff <4.6.0 * mingw-libtiff compat-libtiff3 pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0 pkgs.libtiff.x86_64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.aarch64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.x86_64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.aarch64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 Package maintainers: 7 @nh2 Niklas Hambüchen <mail@nh2.me> @autra Augustin Trancart <augustin.trancart@gmail.com> @l0b0 Victor Engmark <victor@engmark.name> @willcohen Will Cohen @nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com> @imincik Ivan Mincik <ivan.mincik@gmail.com> @sikmir Nikolay Korotkiy <sikmir@disroot.org> CVE-2025-32914 7.4 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. libsoup * <3.6.5 libsoup3 * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru> CVE-2025-31344 7.3 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): HIGH created 4 months, 2 weeks ago The giflib open-source component has a buffer overflow vulnerability Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2. giflib =<5.2.2 pkgs.giflib Library for reading and writing gif images nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2 CVE-2020-27792 7.1 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 2 weeks ago Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. ghostscript * pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1 Package maintainers: 1 @tobim Tobias Mayer <nix@tobim.fastmail.fm> CVE-2025-32906 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: out of bounds reads in soup_headers_parse_request() A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. libsoup * <3.6.5 libsoup3 * mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru> CVE-2025-32908 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: denial of service on libsoup through http/2 server A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). libsoup <3.6.5 libsoup3 * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup * <3.6.3 libsoup3 mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 Package maintainers: 6 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @nh2 Niklas Hambüchen <mail@nh2.me> @NeverBehave Xinhao Luo <i@never.pet> @zaninime Francesco Zanini <francesco@zanini.me> @hesiod Tobias Markus <tobias@markus-regensburg.de> @npatsakula Patsakula Nikita <nikita.patsakula@gmail.com>
pkgs.ovn Open Virtual Network nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1
pkgs.novnc VNC client web application nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0
pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3
pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5
pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0
CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 4 months, 2 weeks ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 * <1.22 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-24/ee-supported-rhel9 registry.redhat.io/discovery/discovery-server-rhel9 * ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.libkrb5.x86_64-linux MIT Kerberos 5 nixos-unstable ??? nixos-unstable-small 1.21.3 pkgs.libkrb5.aarch64-darwin MIT Kerberos 5 nixos-unstable ??? nixos-unstable-small 1.21.3 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5.x86_64-linux Kerberos API bindings for Python nixos-unstable krb5-0.7.0 pkgs.python312Packages.krb5.aarch64-linux Kerberos API bindings for Python nixos-unstable krb5-0.7.0 Package maintainers: 2 @invokes-su Souvik Sen <nixpkgs-commits@deshaw.com> @de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
pkgs.libkrb5 MIT Kerberos 5 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3
pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11
pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
CVE-2025-32909 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): LOW created 4 months, 2 weeks ago Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash. libsoup <3.6.2 libsoup3 mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2023-52356 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. iv tkimg libtiff <4.6.0 * mingw-libtiff compat-libtiff3 pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0 pkgs.libtiff.x86_64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.aarch64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.x86_64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 pkgs.libtiff.aarch64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0 Package maintainers: 7 @nh2 Niklas Hambüchen <mail@nh2.me> @autra Augustin Trancart <augustin.trancart@gmail.com> @l0b0 Victor Engmark <victor@engmark.name> @willcohen Will Cohen @nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com> @imincik Ivan Mincik <ivan.mincik@gmail.com> @sikmir Nikolay Korotkiy <sikmir@disroot.org>
pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0
pkgs.libtiff.x86_64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.aarch64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.x86_64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.aarch64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
CVE-2025-32914 7.4 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. libsoup * <3.6.5 libsoup3 * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2025-31344 7.3 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): HIGH created 4 months, 2 weeks ago The giflib open-source component has a buffer overflow vulnerability Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2. giflib =<5.2.2 pkgs.giflib Library for reading and writing gif images nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2
pkgs.giflib Library for reading and writing gif images nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2
CVE-2020-27792 7.1 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 2 weeks ago Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. ghostscript * pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1 Package maintainers: 1 @tobim Tobias Mayer <nix@tobim.fastmail.fm>
pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0
pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0
pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1
CVE-2025-32906 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: out of bounds reads in soup_headers_parse_request() A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. libsoup * <3.6.5 libsoup3 * mingw-freetype * spice-client-win * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2025-32908 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 2 weeks ago Libsoup: denial of service on libsoup through http/2 server A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). libsoup <3.6.5 libsoup3 * pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0 pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Package maintainers: 6 @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @lovek323 Jason O'Conal <jason@oconal.id.au> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> @7c6f434c Michael Raskin <7c6f434c@mail.ru>
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.libsoup_3.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_3.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.x86_64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_3.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 3.6.0
pkgs.libsoup_2_4.aarch64-linux HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.x86_64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.libsoup_2_4.aarch64-darwin HTTP client/server library for GNOME nixos-unstable ??? nixos-unstable-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4