Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2024-4028
created 4 months ago
Keycloak-core: stored xss in keycloak when creating a items in admin console

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack.

Affected products

keycloak
  • <18.0.8
keycloak-core
rh-sso7-keycloak

Matching in nixpkgs

pkgs.keycloak

Identity and access management for modern applications and services

  • nixos-unstable -

pkgs.terraform-providers.keycloak

  • nixos-unstable -

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

  • nixos-unstable -

pkgs.python313Packages.python-keycloak

Provides access to the Keycloak API

  • nixos-unstable -

Package maintainers: 4

CVE-2024-8176
created 4 months ago
Libexpat: expat: improper restriction of xml entity expansion depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.

Affected products

expat
  • *
rhcos
firefox
libexpat
  • <2.7.0
xmlrpc-c
  • *
lua-expat
mingw-expat
thunderbird
compat-expat1
firefox:flatpak/firefox
discovery/discovery-ui-rhel9
  • *
thunderbird:flatpak/thunderbird
discovery/discovery-server-rhel9
  • *
devworkspace/devworkspace-project-clone-rhel9
  • *
registry.redhat.io/discovery/discovery-ui-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *
registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9
  • *

Matching in nixpkgs

pkgs.expat

Stream-oriented XML parser library written in C

  • nixos-unstable -

pkgs.hexpatch

Binary patcher and editor written in Rust with a terminal user interface

  • nixos-unstable -

pkgs.xmlrpc_c

Lightweight RPC library based on XML and HTTP

pkgs.xulrunner

Web browser built from Firefox source tree

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

  • nixos-unstable -

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

  • nixos-unstable -

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

  • nixos-unstable -

pkgs.luaPackages.luaexpat

XML Expat parsing

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

pkgs.haskellPackages.hexpat

XML parser/formatter based on expat

pkgs.lua51Packages.luaexpat

XML Expat parsing

pkgs.lua52Packages.luaexpat

XML Expat parsing

pkgs.lua53Packages.luaexpat

XML Expat parsing

pkgs.lua54Packages.luaexpat

XML Expat parsing

pkgs.luajitPackages.luaexpat

XML Expat parsing

pkgs.haskellPackages.hxt-expat

Expat parser for HXT

  • nixos-unstable -

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

pkgs.haskellPackages.hexpat-pickle

XML picklers based on hexpat, source-code-similar to those of the HXT package

  • nixos-unstable -

pkgs.haskellPackages.hexpat-tagsoup

Parse (possibly malformed) HTML to hexpat tree

  • nixos-unstable -

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

  • nixos-unstable -
    • nixpkgs-unstable 4

pkgs.chickenPackages_5.chickenEggs.expat

An interface to James Clark's Expat XML parser

  • nixos-unstable -

pkgs.roundcubePlugins.thunderbird_labels

  • nixos-unstable -

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

  • nixos-unstable -

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

  • nixos-unstable -

Package maintainers: 19

CVE-2025-0650
created 4 months ago
Ovn: egress acls may be bypassed via specially crafted udp packet

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

Affected products

ovn
  • ==24.03.5
  • ==24.09.2
  • ==22.03.8
ovn2.11
ovn2.12
ovn2.13
ovn-2021
ovn22.03
  • *
ovn22.06
  • *
ovn22.09
  • *
ovn22.12
  • *
ovn23.03
  • *
ovn23.06
  • *
ovn23.09
  • *
ovn24.03
  • *
ovn24.09
  • *

Matching in nixpkgs

pkgs.ovn

Open Virtual Network

pkgs.novnc

VNC client web application

  • nixos-unstable -

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

  • nixos-unstable -

pkgs.nanovna-qt

PC GUI software for NanoVNA V2 series

pkgs.nanovna-saver

Tool for reading, displaying and saving data from the NanoVNA

  • nixos-unstable -

Package maintainers: 7

CVE-2025-1828
created 4 months ago
Perl's Crypt::Random module after 1.05 and before 1.56 may use rand() function for cryptographic functions

Crypt::Random Perl package 1.05 through 1.55 may use rand() function, which is not cryptographically strong, for cryptographic functions. Crypt::Random::rand 1.05 through 1.55 uses the rand() function. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon (egd) service is not available Crypt::Random will default to use the insecure Crypt::Random::rand provider. In particular, Windows versions of perl will encounter this issue by default.

Affected products

Crypt-Random
  • <1.56

Matching in nixpkgs

pkgs.perlPackages.CryptRandom

Interface to /dev/random and /dev/urandom

  • nixos-unstable -

pkgs.perl538Packages.CryptRandom

Interface to /dev/random and /dev/urandom

  • nixos-unstable -

pkgs.perl540Packages.CryptRandom

Interface to /dev/random and /dev/urandom

  • nixos-unstable -

pkgs.perlPackages.CryptRandomSeed

Provide strong randomness for seeding

  • nixos-unstable -

pkgs.perlPackages.CryptRandomSource

Get weak or strong random data from pluggable sources

  • nixos-unstable -

pkgs.perlPackages.CryptRandomTESHA2

Random numbers using timer/schedule entropy, aka userspace voodoo entropy

pkgs.perl538Packages.CryptRandomSeed

Provide strong randomness for seeding

  • nixos-unstable -

pkgs.perl540Packages.CryptRandomSeed

Provide strong randomness for seeding

  • nixos-unstable -

pkgs.perl538Packages.CryptRandomSource

Get weak or strong random data from pluggable sources

  • nixos-unstable -

pkgs.perl538Packages.CryptRandomTESHA2

Random numbers using timer/schedule entropy, aka userspace voodoo entropy

pkgs.perl540Packages.CryptRandomSource

Get weak or strong random data from pluggable sources

  • nixos-unstable -

pkgs.perl540Packages.CryptRandomTESHA2

Random numbers using timer/schedule entropy, aka userspace voodoo entropy

Package maintainers: 1

CVE-2025-1125
created 4 months ago
Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write

When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections.

Affected products

grub2
  • =<2.12
rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers: 4

CVE-2025-0689
created 4 months ago
Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution

When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections.

Affected products

grub2
  • =<2.12
rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers: 4

CVE-2025-0685
created 4 months ago
Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data

A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.

Affected products

grub2
  • =<2.12
rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers: 4

CVE-2025-27274
created 4 months ago
WordPress GPX Viewer plugin <= 2.2.11 - Path Traversal vulnerability

Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11.

Affected products

gpx-viewer
  • =<2.2.11

Matching in nixpkgs

pkgs.gpx-viewer

Simple tool to visualize tracks and waypoints stored in a gpx file

  • nixos-unstable -

Package maintainers: 1

CVE-2024-45778
created 4 months ago
Grub2: fs/bfs: integer overflow in the bfs parser.

A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

Affected products

grub2
  • =<2.12
rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers: 4

CVE-2024-45782
created 4 months ago
Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)

A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.

Affected products

grub2
  • =<2.12
rhcos

Matching in nixpkgs

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable

Package maintainers: 4