Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2025-27288 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BjornW File Icons allows Reflected XSS. This issue affects File Icons: from n/a through 2.1. file-icons =<2.1 pkgs.emacsPackages.magit-file-icons nixos-24.11 20240627.1228 nixpkgs-24.11-darwin 20240627.1228 nixos-24.11-small 20240627.1228 nixos-unstable 20240627.1228 nixos-unstable-small 20240627.1228 nixpkgs-unstable 20240627.1228 pkgs.vscode-extensions.file-icons.file-icons File-specific icons in VSCode for improved visual grepping nixos-24.05 1.0.29 nixpkgs-24.05-darwin 1.0.29 nixos-24.05-small 1.0.29 nixos-24.11 1.0.29 nixpkgs-24.11-darwin 1.0.29 nixos-24.11-small 1.0.29 nixos-unstable 1.0.29 nixos-unstable-small 1.0.29 nixpkgs-unstable 1.0.29 CVE-2025-39438 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE created 1 week, 4 days ago WordPress Theme Changer plugin <= 1.3 - Cross Site Request Forgery (CSRF) vulnerability Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3. theme-changer =<1.3 pkgs.emacsPackages.theme-changer nixos-24.05 20230904.1706 nixpkgs-24.05-darwin 20230904.1706 nixos-24.05-small 20230904.1706 nixos-24.11 20230904.1706 nixpkgs-24.11-darwin 20230904.1706 nixos-24.11-small 20230904.1706 nixos-unstable 20230904.1706 nixos-unstable-small 20230904.1706 nixpkgs-unstable 20230904.1706 pkgs.gnomeExtensions.dm-theme-changer Automatically change theme styles when dark mode is enabled or disabled. nixos-24.11 4 nixpkgs-24.11-darwin 4 nixos-24.11-small 4 nixos-unstable 4 nixos-unstable-small 4 nixpkgs-unstable 4 Notify package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2024-22051 9.8 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 4 days ago CommonMarker Integer Overflow Vulnerability CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns. commonmarker <0.23.4 pkgs.rubyPackages.commonmarker nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 pkgs.rubyPackages_3_1.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_2.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_3.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_4.commonmarker nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 CVE-2025-39436 9.1 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 4 days ago WordPress I Draw <= 1.0 - Arbitrary File Upload Vulnerability Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0. idraw =<1.0 pkgs.kanjidraw Handwritten kanji recognition nixos-24.05 0.2.3 nixpkgs-24.05-darwin 0.2.3 nixos-24.05-small 0.2.3 nixos-24.11 0.2.3 nixpkgs-24.11-darwin 0.2.3 nixos-24.11-small 0.2.3 nixos-unstable 0.2.3 nixos-unstable-small 0.2.3 nixpkgs-unstable 0.2.3 pkgs.jitsi-excalidraw Excalidraw collaboration backend for Jitsi nixos-24.05 17 nixpkgs-24.05-darwin 17 nixos-24.05-small 17 nixos-24.11 21 nixpkgs-24.11-darwin 21 nixos-24.11-small 21 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 21 pkgs.excalidraw_export CLI to export Excalidraw drawings to SVG and PDF nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0 pkgs.tests.pkg-config.defaultPkgConfigPackages.hidapi-hidraw Test whether hidapi-0.14.0 exposes pkg-config modules hidapi-hidraw. nixos-24.05 ??? nixpkgs-24.05-darwin nixos-24.05-small nixos-24.11 ??? nixpkgs-24.11-darwin nixos-24.11-small nixos-unstable ??? nixos-unstable-small nixpkgs-unstable Notify package maintainers: 4 @obfusk FC Stegerman <flx@obfusk.net> @camillemndn Camille M. <camillemondon@free.fr> @venikx Kevin De Baerdemaeker <code@venikx.com> @prusnak Pavol Rusnak <pavol@rusnak.io> CVE-2025-27324 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress 17TRACK for WooCommerce Plugin <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce allows Reflected XSS. This issue affects 17TRACK for WooCommerce: from n/a through 1.2.10. 17track =<1.2.10 pkgs.python311Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2 pkgs.python312Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2 Notify package maintainers: 1 @fabaff Fabian Affolter <mail@fabian-affolter.ch> CVE-2025-39580 5.8 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE created 1 week, 4 days ago WordPress Dashi <= 3.1.8 - Broken Access Control Vulnerability Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8. dashi =<3.1.8 pkgs.dashing A Dash Generator Script for Any HTML nixos-24.05 0.4.0 nixpkgs-24.05-darwin 0.4.0 nixos-24.05-small 0.4.0 nixos-24.11 0.4.0 nixpkgs-24.11-darwin 0.4.0 nixos-24.11-small 0.4.0 nixos-unstable 0.4.0 nixos-unstable-small 0.4.0 nixpkgs-unstable 0.4.0 pkgs.python311Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 pkgs.python312Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 Notify package maintainers: 1 @juliusrickert Julius Rickert <nixpkgs@juliusrickert.de> CVE-2025-24655 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 1.0.39. wishlist =<1.0.39 pkgs.wishlist A single entrypoint for multiple SSH endpoints nixos-24.05 0.14.1 nixpkgs-24.05-darwin 0.14.1 nixos-24.05-small 0.14.1 nixos-24.11 0.15.0 nixpkgs-24.11-darwin 0.15.0 nixos-24.11-small 0.15.0 nixos-unstable 0.15.0 nixos-unstable-small 0.15.0 nixpkgs-unstable 0.15.0 Notify package maintainers: 2 @caarlos0 Carlos A Becker <carlos@becker.software> @penguwin Nicolas Martin <penguwin@penguwin.eu> CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 6 days ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Notify package maintainers: 6 @lovek323 Jason O'Conal <jason@oconal.id.au> @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk> CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 week, 6 days ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 Notify package maintainers: 6 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @NeverBehave Xinhao Luo <i@never.pet> @nh2 Niklas Hambüchen <mail@nh2.me> @zaninime Francesco Zanini <francesco@zanini.me> @hesiod Tobias Markus <tobias@markus-regensburg.de> @npatsakula Patsakula Nikita <nikita.patsakula@gmail.com> CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 1 week, 6 days ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 Notify package maintainers: 2 @invokes-su Souvik Sen <nixpkgs-commits@deshaw.com> @de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
CVE-2025-27288 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress File Icons Plugin <= 2.1 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BjornW File Icons allows Reflected XSS. This issue affects File Icons: from n/a through 2.1. file-icons =<2.1 pkgs.emacsPackages.magit-file-icons nixos-24.11 20240627.1228 nixpkgs-24.11-darwin 20240627.1228 nixos-24.11-small 20240627.1228 nixos-unstable 20240627.1228 nixos-unstable-small 20240627.1228 nixpkgs-unstable 20240627.1228 pkgs.vscode-extensions.file-icons.file-icons File-specific icons in VSCode for improved visual grepping nixos-24.05 1.0.29 nixpkgs-24.05-darwin 1.0.29 nixos-24.05-small 1.0.29 nixos-24.11 1.0.29 nixpkgs-24.11-darwin 1.0.29 nixos-24.11-small 1.0.29 nixos-unstable 1.0.29 nixos-unstable-small 1.0.29 nixpkgs-unstable 1.0.29
pkgs.emacsPackages.magit-file-icons nixos-24.11 20240627.1228 nixpkgs-24.11-darwin 20240627.1228 nixos-24.11-small 20240627.1228 nixos-unstable 20240627.1228 nixos-unstable-small 20240627.1228 nixpkgs-unstable 20240627.1228
pkgs.vscode-extensions.file-icons.file-icons File-specific icons in VSCode for improved visual grepping nixos-24.05 1.0.29 nixpkgs-24.05-darwin 1.0.29 nixos-24.05-small 1.0.29 nixos-24.11 1.0.29 nixpkgs-24.11-darwin 1.0.29 nixos-24.11-small 1.0.29 nixos-unstable 1.0.29 nixos-unstable-small 1.0.29 nixpkgs-unstable 1.0.29
CVE-2025-39438 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE created 1 week, 4 days ago WordPress Theme Changer plugin <= 1.3 - Cross Site Request Forgery (CSRF) vulnerability Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3. theme-changer =<1.3 pkgs.emacsPackages.theme-changer nixos-24.05 20230904.1706 nixpkgs-24.05-darwin 20230904.1706 nixos-24.05-small 20230904.1706 nixos-24.11 20230904.1706 nixpkgs-24.11-darwin 20230904.1706 nixos-24.11-small 20230904.1706 nixos-unstable 20230904.1706 nixos-unstable-small 20230904.1706 nixpkgs-unstable 20230904.1706 pkgs.gnomeExtensions.dm-theme-changer Automatically change theme styles when dark mode is enabled or disabled. nixos-24.11 4 nixpkgs-24.11-darwin 4 nixos-24.11-small 4 nixos-unstable 4 nixos-unstable-small 4 nixpkgs-unstable 4 Notify package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.emacsPackages.theme-changer nixos-24.05 20230904.1706 nixpkgs-24.05-darwin 20230904.1706 nixos-24.05-small 20230904.1706 nixos-24.11 20230904.1706 nixpkgs-24.11-darwin 20230904.1706 nixos-24.11-small 20230904.1706 nixos-unstable 20230904.1706 nixos-unstable-small 20230904.1706 nixpkgs-unstable 20230904.1706
pkgs.gnomeExtensions.dm-theme-changer Automatically change theme styles when dark mode is enabled or disabled. nixos-24.11 4 nixpkgs-24.11-darwin 4 nixos-24.11-small 4 nixos-unstable 4 nixos-unstable-small 4 nixpkgs-unstable 4
CVE-2024-22051 9.8 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 4 days ago CommonMarker Integer Overflow Vulnerability CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns. commonmarker <0.23.4 pkgs.rubyPackages.commonmarker nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 pkgs.rubyPackages_3_1.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_2.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_3.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10 pkgs.rubyPackages_3_4.commonmarker nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10
pkgs.rubyPackages_3_1.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10
pkgs.rubyPackages_3_2.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10
pkgs.rubyPackages_3_3.commonmarker nixos-24.05 0.23.10 nixpkgs-24.05-darwin 0.23.10 nixos-24.05-small 0.23.10 nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10
pkgs.rubyPackages_3_4.commonmarker nixos-24.11 0.23.10 nixpkgs-24.11-darwin 0.23.10 nixos-24.11-small 0.23.10 nixos-unstable 0.23.10 nixos-unstable-small 0.23.10 nixpkgs-unstable 0.23.10
CVE-2025-39436 9.1 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 4 days ago WordPress I Draw <= 1.0 - Arbitrary File Upload Vulnerability Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw allows Using Malicious Files. This issue affects I Draw: from n/a through 1.0. idraw =<1.0 pkgs.kanjidraw Handwritten kanji recognition nixos-24.05 0.2.3 nixpkgs-24.05-darwin 0.2.3 nixos-24.05-small 0.2.3 nixos-24.11 0.2.3 nixpkgs-24.11-darwin 0.2.3 nixos-24.11-small 0.2.3 nixos-unstable 0.2.3 nixos-unstable-small 0.2.3 nixpkgs-unstable 0.2.3 pkgs.jitsi-excalidraw Excalidraw collaboration backend for Jitsi nixos-24.05 17 nixpkgs-24.05-darwin 17 nixos-24.05-small 17 nixos-24.11 21 nixpkgs-24.11-darwin 21 nixos-24.11-small 21 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 21 pkgs.excalidraw_export CLI to export Excalidraw drawings to SVG and PDF nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0 pkgs.tests.pkg-config.defaultPkgConfigPackages.hidapi-hidraw Test whether hidapi-0.14.0 exposes pkg-config modules hidapi-hidraw. nixos-24.05 ??? nixpkgs-24.05-darwin nixos-24.05-small nixos-24.11 ??? nixpkgs-24.11-darwin nixos-24.11-small nixos-unstable ??? nixos-unstable-small nixpkgs-unstable Notify package maintainers: 4 @obfusk FC Stegerman <flx@obfusk.net> @camillemndn Camille M. <camillemondon@free.fr> @venikx Kevin De Baerdemaeker <code@venikx.com> @prusnak Pavol Rusnak <pavol@rusnak.io>
pkgs.kanjidraw Handwritten kanji recognition nixos-24.05 0.2.3 nixpkgs-24.05-darwin 0.2.3 nixos-24.05-small 0.2.3 nixos-24.11 0.2.3 nixpkgs-24.11-darwin 0.2.3 nixos-24.11-small 0.2.3 nixos-unstable 0.2.3 nixos-unstable-small 0.2.3 nixpkgs-unstable 0.2.3
pkgs.jitsi-excalidraw Excalidraw collaboration backend for Jitsi nixos-24.05 17 nixpkgs-24.05-darwin 17 nixos-24.05-small 17 nixos-24.11 21 nixpkgs-24.11-darwin 21 nixos-24.11-small 21 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 21
pkgs.excalidraw_export CLI to export Excalidraw drawings to SVG and PDF nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0
pkgs.tests.pkg-config.defaultPkgConfigPackages.hidapi-hidraw Test whether hidapi-0.14.0 exposes pkg-config modules hidapi-hidraw. nixos-24.05 ??? nixpkgs-24.05-darwin nixos-24.05-small nixos-24.11 ??? nixpkgs-24.11-darwin nixos-24.11-small nixos-unstable ??? nixos-unstable-small nixpkgs-unstable
CVE-2025-27324 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress 17TRACK for WooCommerce Plugin <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce allows Reflected XSS. This issue affects 17TRACK for WooCommerce: from n/a through 1.2.10. 17track =<1.2.10 pkgs.python311Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2 pkgs.python312Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2 Notify package maintainers: 1 @fabaff Fabian Affolter <mail@fabian-affolter.ch>
pkgs.python311Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2
pkgs.python312Packages.py17track Python library to track package info from 17track.com nixos-24.05 py17track-2021.12.2 nixpkgs-24.05-darwin py17track-2021.12.2 nixos-24.05-small py17track-2021.12.2
CVE-2025-39580 5.8 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE created 1 week, 4 days ago WordPress Dashi <= 3.1.8 - Broken Access Control Vulnerability Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8. dashi =<3.1.8 pkgs.dashing A Dash Generator Script for Any HTML nixos-24.05 0.4.0 nixpkgs-24.05-darwin 0.4.0 nixos-24.05-small 0.4.0 nixos-24.11 0.4.0 nixpkgs-24.11-darwin 0.4.0 nixos-24.11-small 0.4.0 nixos-unstable 0.4.0 nixos-unstable-small 0.4.0 nixpkgs-unstable 0.4.0 pkgs.python311Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 pkgs.python312Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 Notify package maintainers: 1 @juliusrickert Julius Rickert <nixpkgs@juliusrickert.de>
pkgs.dashing A Dash Generator Script for Any HTML nixos-24.05 0.4.0 nixpkgs-24.05-darwin 0.4.0 nixos-24.05-small 0.4.0 nixos-24.11 0.4.0 nixpkgs-24.11-darwin 0.4.0 nixos-24.11-small 0.4.0 nixos-unstable 0.4.0 nixos-unstable-small 0.4.0 nixpkgs-unstable 0.4.0
pkgs.python311Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0
pkgs.python312Packages.dashing Terminal dashboards for Python nixos-24.05 0.1.0 nixpkgs-24.05-darwin 0.1.0 nixos-24.05-small 0.1.0 nixos-24.11 0.1.0 nixpkgs-24.11-darwin 0.1.0 nixos-24.11-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0
CVE-2025-24655 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 1 week, 4 days ago WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 1.0.39. wishlist =<1.0.39 pkgs.wishlist A single entrypoint for multiple SSH endpoints nixos-24.05 0.14.1 nixpkgs-24.05-darwin 0.14.1 nixos-24.05-small 0.14.1 nixos-24.11 0.15.0 nixpkgs-24.11-darwin 0.15.0 nixos-24.11-small 0.15.0 nixos-unstable 0.15.0 nixos-unstable-small 0.15.0 nixpkgs-unstable 0.15.0 Notify package maintainers: 2 @caarlos0 Carlos A Becker <carlos@becker.software> @penguwin Nicolas Martin <penguwin@penguwin.eu>
pkgs.wishlist A single entrypoint for multiple SSH endpoints nixos-24.05 0.14.1 nixpkgs-24.05-darwin 0.14.1 nixos-24.05-small 0.14.1 nixos-24.11 0.15.0 nixpkgs-24.11-darwin 0.15.0 nixos-24.11-small 0.15.0 nixos-unstable 0.15.0 nixos-unstable-small 0.15.0 nixpkgs-unstable 0.15.0
CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 week, 6 days ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 Notify package maintainers: 6 @lovek323 Jason O'Conal <jason@oconal.id.au> @jtojnar Jan Tojnar <jtojnar@gmail.com> @bobby285271 Bobby Rong <rjl931189261@126.com> @7c6f434c Michael Raskin <7c6f434c@mail.ru> @hedning Tor Hedin Brønner <torhedinbronner@gmail.com> @dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 week, 6 days ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 Notify package maintainers: 6 @adamcstephens Adam C. Stephens <happy.plan4249@valkor.net> @NeverBehave Xinhao Luo <i@never.pet> @nh2 Niklas Hambüchen <mail@nh2.me> @zaninime Francesco Zanini <francesco@zanini.me> @hesiod Tobias Markus <tobias@markus-regensburg.de> @npatsakula Patsakula Nikita <nikita.patsakula@gmail.com>
pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1
pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0
pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2
pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3
pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5
pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0
pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0
CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 1 week, 6 days ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 Notify package maintainers: 2 @invokes-su Souvik Sen <nixpkgs-commits@deshaw.com> @de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3
pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3
pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11
pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0