Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2024-10295 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 3 months, 4 weeks ago Gateway: apicast basic auth bypass via malformed base64 headerssending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream. gateway =<2.14.2 3scale-amp-apicast-gateway-container pkgs.grpc-gateway A gRPC to JSON proxy generator plugin for Google Protocol Buffers nixos-24.11 2.22.0 pkgs.janus-gateway General purpose WebRTC server nixos-24.11 1.3.0 pkgs.ingress2gateway Convert Ingress resources to Gateway API resources nixos-24.11 0.3.0 pkgs.jetbrains.gateway Remote development for JetBrains products nixos-24.11 2024.3 pkgs.prometheus-pushgateway Allows ephemeral and batch jobs to expose metrics to Prometheus nixos-24.11 1.10.0 pkgs.python311Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1 pkgs.python312Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1 pkgs.azure-cli-extensions.arcgateway Microsoft Azure Command-Line Tools Arcgateway Extension nixos-24.11 1.0.0b1 pkgs.python311Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0 pkgs.python311Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3 pkgs.python311Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8 pkgs.python312Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0 pkgs.python312Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3 pkgs.python312Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8 pkgs.haskellPackages.amazonka-apigateway Amazon API Gateway SDK nixos-24.11 2.0 pkgs.haskellPackages.amazonka-apigatewayv2 Amazon ApiGatewayV2 SDK nixos-24.11 apigatewayv2-2.0 pkgs.python311Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0 pkgs.python312Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0 pkgs.haskellPackages.amazonka-backup-gateway Amazon Backup Gateway SDK nixos-24.11 2.0 pkgs.haskellPackages.amazonka-storagegateway Amazon Storage Gateway SDK nixos-24.11 2.0 pkgs.python311Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25 pkgs.python312Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25 pkgs.python311Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0 pkgs.python312Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0 pkgs.python311Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0 pkgs.python311Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50 pkgs.python312Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0 pkgs.python312Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50 pkgs.home-assistant-component-tests.ruuvi_gateway Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1 pkgs.python311Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2 pkgs.haskellPackages.amazonka-apigatewaymanagementapi Amazon ApiGatewayManagementApi SDK nixos-24.11 2.0 pkgs.home-assistant-custom-components.xiaomi_gateway3 Home Assistant custom component for control Xiaomi Multimode Gateway (aka Gateway 3), Xiaomi Multimode Gateway 2, Aqara Hub E1 on default firmwares over LAN nixos-24.11 xiaomi_gateway3-4.0.6 pkgs.python311Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2 pkgs.python312Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2 pkgs.python311Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2 pkgs.python311Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2 pkgs.python311Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0 pkgs.python312Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0 pkgs.python311Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2 Notify package maintainers: 11 @happyalu Alok Parlikar <alok@parlikar.com> @fpletz Franz Pletz <fpletz@fnordicwalking.de> @arikgrahl Arik Grahl <mail@arik-grahl.de> @benley Benjamin Staffin <benley@gmail.com> @ulrikstrid Ulrik Strid <ulrik.strid@outlook.com> @katexochen Paul Meyer @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de> @fabaff Fabian Affolter <mail@fabian-affolter.ch> @mbalatsko Maksym Balatsko <mbalatsko@gmail.com> @Mic92 Jörg Thalheim <joerg@thalheim.io> @azuwis Zhong Jianxin <azuwis@gmail.com> CVE-2010-3872 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 3 months, 4 weeks ago Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash. mod_fcgid CVE-2024-9979 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months ago Pyo3: risk of use-after-free in `borrowed` reads from python weak references A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references. pyo3 <0.22.4 python3.11-nh3 python3.11-rpds-py python3.11-cryptography python3.12-cryptography
CVE-2024-10295 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 3 months, 4 weeks ago Gateway: apicast basic auth bypass via malformed base64 headerssending non-base64 'basic' auth with special characters causes apicast to incorrectly authenticate a request A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream. gateway =<2.14.2 3scale-amp-apicast-gateway-container pkgs.grpc-gateway A gRPC to JSON proxy generator plugin for Google Protocol Buffers nixos-24.11 2.22.0 pkgs.janus-gateway General purpose WebRTC server nixos-24.11 1.3.0 pkgs.ingress2gateway Convert Ingress resources to Gateway API resources nixos-24.11 0.3.0 pkgs.jetbrains.gateway Remote development for JetBrains products nixos-24.11 2024.3 pkgs.prometheus-pushgateway Allows ephemeral and batch jobs to expose metrics to Prometheus nixos-24.11 1.10.0 pkgs.python311Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1 pkgs.python312Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1 pkgs.azure-cli-extensions.arcgateway Microsoft Azure Command-Line Tools Arcgateway Extension nixos-24.11 1.0.0b1 pkgs.python311Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0 pkgs.python311Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3 pkgs.python311Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8 pkgs.python312Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0 pkgs.python312Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3 pkgs.python312Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8 pkgs.haskellPackages.amazonka-apigateway Amazon API Gateway SDK nixos-24.11 2.0 pkgs.haskellPackages.amazonka-apigatewayv2 Amazon ApiGatewayV2 SDK nixos-24.11 apigatewayv2-2.0 pkgs.python311Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0 pkgs.python312Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0 pkgs.haskellPackages.amazonka-backup-gateway Amazon Backup Gateway SDK nixos-24.11 2.0 pkgs.haskellPackages.amazonka-storagegateway Amazon Storage Gateway SDK nixos-24.11 2.0 pkgs.python311Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25 pkgs.python312Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25 pkgs.python311Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0 pkgs.python312Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0 pkgs.python311Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0 pkgs.python311Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50 pkgs.python312Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0 pkgs.python312Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50 pkgs.home-assistant-component-tests.ruuvi_gateway Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1 pkgs.python311Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2 pkgs.haskellPackages.amazonka-apigatewaymanagementapi Amazon ApiGatewayManagementApi SDK nixos-24.11 2.0 pkgs.home-assistant-custom-components.xiaomi_gateway3 Home Assistant custom component for control Xiaomi Multimode Gateway (aka Gateway 3), Xiaomi Multimode Gateway 2, Aqara Hub E1 on default firmwares over LAN nixos-24.11 xiaomi_gateway3-4.0.6 pkgs.python311Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2 pkgs.python312Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2 pkgs.python311Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2 pkgs.python311Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2 pkgs.python311Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0 pkgs.python312Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0 pkgs.python311Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2 pkgs.python312Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2 Notify package maintainers: 11 @happyalu Alok Parlikar <alok@parlikar.com> @fpletz Franz Pletz <fpletz@fnordicwalking.de> @arikgrahl Arik Grahl <mail@arik-grahl.de> @benley Benjamin Staffin <benley@gmail.com> @ulrikstrid Ulrik Strid <ulrik.strid@outlook.com> @katexochen Paul Meyer @mweinelt Martin Weinelt <hexa@darmstadt.ccc.de> @fabaff Fabian Affolter <mail@fabian-affolter.ch> @mbalatsko Maksym Balatsko <mbalatsko@gmail.com> @Mic92 Jörg Thalheim <joerg@thalheim.io> @azuwis Zhong Jianxin <azuwis@gmail.com>
pkgs.grpc-gateway A gRPC to JSON proxy generator plugin for Google Protocol Buffers nixos-24.11 2.22.0
pkgs.prometheus-pushgateway Allows ephemeral and batch jobs to expose metrics to Prometheus nixos-24.11 1.10.0
pkgs.python311Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1
pkgs.python312Packages.dask-gateway Client library for interacting with a dask-gateway server nixos-24.11 2023.1.1
pkgs.azure-cli-extensions.arcgateway Microsoft Azure Command-Line Tools Arcgateway Extension nixos-24.11 1.0.0b1
pkgs.python311Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0
pkgs.python311Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3
pkgs.python311Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8
pkgs.python312Packages.aioruuvigateway Asyncio-native library for requesting data from a Ruuvi Gateway nixos-24.11 0.1.0
pkgs.python312Packages.pyxiaomigateway Python library to communicate with the Xiaomi Gateway nixos-24.11 0.14.3
pkgs.python312Packages.quantum-gateway Python library for interacting with Verizon Fios Quantum gateway devices nixos-24.11 0.0.8
pkgs.python311Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0
pkgs.python312Packages.dask-gateway-server Multi-tenant server for securely deploying and managing multiple Dask clusters nixos-24.11 2023.9.0
pkgs.python311Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25
pkgs.python312Packages.mypy-boto3-apigateway Type annotations for boto3 apigateway nixos-24.11 boto3-apigateway-1.35.25
pkgs.python311Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0
pkgs.python312Packages.mypy-boto3-apigatewayv2 Type annotations for boto3 apigatewayv2 nixos-24.11 boto3-apigatewayv2-1.35.0
pkgs.python311Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0
pkgs.python311Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50
pkgs.python312Packages.mypy-boto3-backup-gateway Type annotations for boto3 backup-gateway nixos-24.11 boto3-backup-gateway-1.35.0
pkgs.python312Packages.mypy-boto3-storagegateway Type annotations for boto3 storagegateway nixos-24.11 boto3-storagegateway-1.35.50
pkgs.home-assistant-component-tests.ruuvi_gateway Open source home automation that puts local control and privacy first nixos-24.11 2024.11.1
pkgs.python311Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2
pkgs.python312Packages.types-aiobotocore-apigateway Type annotations for aiobotocore apigateway nixos-24.11 2.15.2
pkgs.haskellPackages.amazonka-apigatewaymanagementapi Amazon ApiGatewayManagementApi SDK nixos-24.11 2.0
pkgs.home-assistant-custom-components.xiaomi_gateway3 Home Assistant custom component for control Xiaomi Multimode Gateway (aka Gateway 3), Xiaomi Multimode Gateway 2, Aqara Hub E1 on default firmwares over LAN nixos-24.11 xiaomi_gateway3-4.0.6
pkgs.python311Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2
pkgs.python312Packages.types-aiobotocore-apigatewayv2 Type annotations for aiobotocore apigatewayv2 nixos-24.11 apigatewayv2-2.15.2
pkgs.python311Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2
pkgs.python311Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2
pkgs.python312Packages.types-aiobotocore-backup-gateway Type annotations for aiobotocore backup-gateway nixos-24.11 2.15.2
pkgs.python312Packages.types-aiobotocore-storagegateway Type annotations for aiobotocore storagegateway nixos-24.11 2.15.2
pkgs.python311Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0
pkgs.python312Packages.mypy-boto3-apigatewaymanagementapi Type annotations for boto3 apigatewaymanagementapi nixos-24.11 boto3-apigatewaymanagementapi-1.35.0
pkgs.python311Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2
pkgs.python312Packages.types-aiobotocore-apigatewaymanagementapi Type annotations for aiobotocore apigatewaymanagementapi nixos-24.11 2.15.2
CVE-2010-3872 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 3 months, 4 weeks ago Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash. mod_fcgid
CVE-2024-9979 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months ago Pyo3: risk of use-after-free in `borrowed` reads from python weak references A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references. pyo3 <0.22.4 python3.11-nh3 python3.11-rpds-py python3.11-cryptography python3.12-cryptography