Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2025-30192
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 1 week ago
A Recursor configured to send out ECS enabled queries can be sensitive to spoofing attempts

An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter validation of the received answers. The most strict mitigation done when the new setting outgoing.edns_subnet_harden (old style name edns-subnet-harden) is enabled.

pdns-recursor
==5.1.6
==5.0.12
==5.2.4

pkgs.pdns-recursor

Recursive DNS server
Package maintainers: 1
CVE-2025-7783 created 1 month, 1 week ago
Usage of unsafe random function in form-data for choosing boundary

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

form-data
==4.0.0 - 4.0.3
==3.0.0 - 3.0.3
==< 2.5.4

pkgs.python312Packages.streaming-form-data

Streaming parser for multipart/form-data

pkgs.python313Packages.streaming-form-data

Streaming parser for multipart/form-data

pkgs.chickenPackages_5.chickenEggs.multipart-form-data

Reads & decodes HTTP multipart/form-data requests.
Package maintainers: 1
CVE-2025-3753
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 1 week ago
Unsafe use of eval() method in rosbag tool

A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code.

rosbag
==Indigo Igloo
==Noetic Ninjemys
==Melodic Morenia
==Kinetic Kame

pkgs.python312Packages.rosbags

Pure Python library to read, modify, convert, and write rosbag files

pkgs.python313Packages.rosbags

Pure Python library to read, modify, convert, and write rosbag files
Package maintainers: 1
CVE-2025-40924
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month, 1 week ago
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.

Catalyst-Plugin-Session
<0.44

pkgs.perlPackages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perl538Packages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perl540Packages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perlPackages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perlPackages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl538Packages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perl540Packages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perlPackages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perlPackages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend

pkgs.perl538Packages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl540Packages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl538Packages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perl538Packages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend

pkgs.perl540Packages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perl540Packages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend
CVE-2025-40918
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month, 1 week ago
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely

Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. According to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.

Authen-SASL
=<2.1800

pkgs.perlPackages.AuthenSASL

SASL Authentication framework

pkgs.perl538Packages.AuthenSASL

SASL Authentication framework

pkgs.perl540Packages.AuthenSASL

SASL Authentication framework

pkgs.perlPackages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)

pkgs.perl538Packages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)

pkgs.perl540Packages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)
Package maintainers: 1
CVE-2025-52803
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 month, 1 week ago
WordPress Sala theme <= 1.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3.

sala
=<1.1.3

pkgs.python312Packages.datasalad

Pure-Python library with a collection of utilities for working with Git and git-annex

pkgs.python313Packages.datasalad

Pure-Python library with a collection of utilities for working with Git and git-annex

pkgs.python312Packages.schema-salad

Semantic Annotations for Linked Avro Data

pkgs.python313Packages.schema-salad

Semantic Annotations for Linked Avro Data
Package maintainers: 2
CVE-2025-40923
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 month, 1 week ago
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.

Plack-Middleware-Session
<0.35

pkgs.perlPackages.PlackMiddlewareSession

Middleware for session management

pkgs.perl538Packages.PlackMiddlewareSession

Middleware for session management

pkgs.perl540Packages.PlackMiddlewareSession

Middleware for session management
CVE-2025-7519
6.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 1 week ago
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

rhcos
polkit
=<126

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

pkgs.hyprpolkitagent

Polkit authentication agent written in QT/QML

pkgs.mate.mate-polkit

Integrates polkit authentication for MATE desktop

pkgs.pcscliteWithPolkit

Middleware to access a smart card using SCard API (PC/SC)

pkgs.libsForQt5.polkit-qt

Qt wrapper around PolKit

pkgs.kdePackages.polkit-qt-1

Qt wrapper around Polkit-1 client libraries

pkgs.plasma5Packages.polkit-qt

Qt wrapper around PolKit

pkgs.lomiri.lomiri-polkit-agent

Policy kit agent for the Lomiri desktop

pkgs.kdePackages.polkit-kde-agent-1

Daemon providing a Polkit authentication UI for Plasma

pkgs.pantheon.pantheon-agent-polkit

Polkit Agent for the Pantheon Desktop
Package maintainers: 20
CVE-2025-6491
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 1 week ago
NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

soap
<8.2.29
<8.3.23
<8.1.33
<8.4.10

pkgs.gsoap

C/C++ toolkit for SOAP web services and XML-based applications

pkgs.soapui

Most Advanced REST & SOAP Testing Tool in the World

pkgs.liquidsoap

Swiss-army knife for multimedia streaming

pkgs.soapyaudio

SoapySDR plugin for amateur radio and audio devices

pkgs.soapyairspy

SoapySDR plugin for Airspy devices

pkgs.soapyhackrf

SoapySDR plugin for HackRF devices

pkgs.soapyrtlsdr

SoapySDR plugin for RTL-SDR devices

pkgs.soapybladerf

SoapySDR plugin for BladeRF devices

pkgs.soapyplutosdr

SoapySDR plugin for Pluto SDR devices

pkgs.libsForQt5.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.kdePackages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.qt6Packages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.php81Extensions.soap

PHP upstream extension: soap

pkgs.php82Extensions.soap

PHP upstream extension: soap

pkgs.php83Extensions.soap

PHP upstream extension: soap

pkgs.php84Extensions.soap

PHP upstream extension: soap

pkgs.plasma5Packages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.python312Packages.pysimplesoap

Python simple and lightweight SOAP Library

pkgs.python313Packages.pysimplesoap

Python simple and lightweight SOAP Library

pkgs.kdePackages.kdsoap-ws-discovery-client

Library for finding WS-Discovery devices in the network using Qt5 and KDSoap.

pkgs.vimPlugins.nvim-treesitter-parsers.liquidsoap

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages.SoapySDR

Test whether soapysdr-0.8.1-unstable-2025-03-30-03 exposes pkg-config modules SoapySDR
  • nixos-unstable ???
    • nixpkgs-unstable
Package maintainers: 21
CVE-2025-7425
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 1 week ago
Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

rhcos
libxml2
*
libxslt
rhosdt/jaeger-agent-rhel8
*
rhosdt/jaeger-query-rhel8
*
rhosdt/jaeger-ingester-rhel8
*
rhosdt/jaeger-rhel8-operator
*
rhosdt/jaeger-collector-rhel8
*
rhosdt/jaeger-operator-bundle
*
rhosdt/jaeger-all-in-one-rhel8
*
rhosdt/jaeger-es-rollover-rhel8
*
discovery/discovery-server-rhel9
*
rhosdt/jaeger-es-index-cleaner-rhel8
*
web-terminal/web-terminal-tooling-rhel9
*
cert-manager/jetstack-cert-manager-rhel9
*
web-terminal/web-terminal-rhel9-operator
*
registry.redhat.io/rhosdt/jaeger-agent-rhel8
*
registry.redhat.io/rhosdt/jaeger-query-rhel8
*
insights-proxy/insights-proxy-container-rhel9
*
registry.redhat.io/rhosdt/jaeger-ingester-rhel8
*
registry.redhat.io/rhosdt/jaeger-rhel8-operator
*
registry.redhat.io/rhosdt/jaeger-collector-rhel8
*
registry.redhat.io/rhosdt/jaeger-operator-bundle
*
registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8
*
registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8
*
registry.redhat.io/discovery/discovery-server-rhel9
*
registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8
*
registry.redhat.io/insights-proxy/insights-proxy-container-rhel9
*

pkgs.libxslt

C library and tools to do XSL transformations

pkgs.python312Packages.libxslt

C library and tools to do XSL transformations

pkgs.python313Packages.libxslt

C library and tools to do XSL transformations
Package maintainers: 1