Automatically generated suggestions

CVE-2023-25041 7.1 HIGH
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): REQUIRED; Scope (S): CHANGED; Confidentiality impact (C): LOW; Integrity impact (I): LOW; Availability impact (A): LOW
created 7 months, 2 weeks ago
WordPress Monolit Theme <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions.
monolit =<2.0.6
pkgs.monolith Bundle any web page into a single HTML file nixos-unstable 2.8.3 nixos-unstable-small 2.8.3 nixpkgs-unstable 2.8.3
Package maintainers: 1
@Br1ght0ne Oleksii Filonenko <brightone@protonmail.com>

CVE-2022-47613 5.9 MEDIUM
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): HIGH; User interaction (UI): REQUIRED; Scope (S): CHANGED; Confidentiality impact (C): LOW; Integrity impact (I): LOW; Availability impact (A): LOW
created 7 months, 2 weeks ago
WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QuantumCloud AI ChatBot plugin <= 4.3.0 versions.
chatbot =<4.3.0

CVE-2023-5156 7.5 HIGH
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): NONE; Availability impact (A): HIGH
created 7 months, 2 weeks ago
Glibc: dos due to memory leak in getaddrinfo.c
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
glibc compat-glibc
pkgs.glibc GNU C Library nixos-unstable 2.40-36
pkgs.iconv GNU C Library nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.getent nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.locale nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.mtrace Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3) nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.getconf nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.libiconv nixos-unstable 2.40 nixos-unstable-small 2.40 nixpkgs-unstable 2.40
pkgs.glibcInfo GNU Info manual of the GNU C Library nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.glibc_multi nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.glibcLocales Locale information for the GNU C Library nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.glibc_memusage GNU C Library nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.glibcLocalesUtf8 Locale information for the GNU C Library nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.unixtools.getent nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.unixtools.locale nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.unixtools.getconf nixos-unstable 2.40-36 nixos-unstable-small 2.40-36 nixpkgs-unstable 2.40-36
pkgs.locale.x86_64-linux nixos-unstable ??? nixos-unstable-small 2.40-36
pkgs.locale.aarch64-linux nixos-unstable ??? nixos-unstable-small 2.40-36
pkgs.libiconv.x86_64-linux nixos-unstable ??? nixos-unstable-small 2.40
pkgs.libiconv.aarch64-linux nixos-unstable ??? nixos-unstable-small 2.40
Package maintainers: 2
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>

CVE-2023-1907 8.0 HIGH
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): HIGH; Privileges required (PR): LOW; User interaction (UI): REQUIRED; Scope (S): CHANGED; Confidentiality impact (C): HIGH; Integrity impact (I): HIGH; Availability impact (A): HIGH
created 7 months, 2 weeks ago
Pgadmin: users authenticated simultaneously via ldap may be attached to the wrong session
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.
pgadmin <7.0
pkgs.pgadmin4 Administration and development platform for PostgreSQL nixos-unstable 8.12 nixos-unstable-small 8.12 nixpkgs-unstable 8.12
pkgs.pgadmin4-desktopmode Administration and development platform for PostgreSQL. Desktop Mode nixos-unstable 8.12 nixos-unstable-small 8.12 nixpkgs-unstable 8.12
pkgs.pgadmin4.x86_64-linux Administration and development platform for PostgreSQL nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4.aarch64-linux Administration and development platform for PostgreSQL nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4.x86_64-darwin Administration and development platform for PostgreSQL nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4.aarch64-darwin Administration and development platform for PostgreSQL nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4-desktopmode.x86_64-linux Administration and development platform for PostgreSQL. Desktop Mode nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4-desktopmode.aarch64-linux Administration and development platform for PostgreSQL. Desktop Mode nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4-desktopmode.x86_64-darwin Administration and development platform for PostgreSQL. Desktop Mode nixos-unstable ??? nixpkgs-unstable 8.12
pkgs.pgadmin4-desktopmode.aarch64-darwin Administration and development platform for PostgreSQL. Desktop Mode nixos-unstable ??? nixpkgs-unstable 8.12
Package maintainers: 1
@gador Florian Brandes <florian.brandes@posteo.de>

CVE-2024-56826 5.6 MEDIUM
CVSS version: 3.1; Attack vector (AV): LOCAL; Attack complexity (AC): LOW; Privileges required (PR): LOW; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): LOW; Integrity impact (I): NONE; Availability impact (A): HIGH
created 7 months, 2 weeks ago
Openjpeg: heap buffer overflow in bin/common/color.c
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
openjpeg * openjpeg2 * gimp:flatpak/openjpeg2
pkgs.openjpeg Open-source JPEG 2000 codec written in C language nixos-unstable 2.5.2 nixos-unstable-small 2.5.2 nixpkgs-unstable 2.5.2
pkgs.python311Packages.pylibjpeg-openjpeg A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0
pkgs.python312Packages.pylibjpeg-openjpeg A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0
pkgs.python312Packages.pylibjpeg-openjpeg.x86_64-linux A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0
Package maintainers: 2
@codyopel Cody Opel <codyopel@gmail.com>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

CVE-2022-47183 5.4 MEDIUM
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): LOW; Availability impact (A): LOW
created 7 months, 2 weeks ago
WordPress Extra Block Design, Style, CSS for ANY Gutenberg Blocks Plugin <= 0.2.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin <= 0.2.6 versions.
stylist =<0.2.6
pkgs.haskellPackages.stylist-traits Traits, datatypes, & parsers for Haskell Stylist nixos-unstable 0.1.3.1 nixos-unstable-small 0.1.3.1 nixpkgs-unstable 0.1.3.1

CVE-2023-23668 6.5 MEDIUM
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): LOW; User interaction (UI): REQUIRED; Scope (S): CHANGED; Confidentiality impact (C): LOW; Integrity impact (I): LOW; Availability impact (A): LOW
created 7 months, 2 weeks ago
WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions.
give =<2.25.1
pkgs.filegive Easy p2p file sending program nixos-unstable 2022-05-29 nixos-unstable-small 2022-05-29 nixpkgs-unstable 2022-05-29

CVE-2024-56827 5.6 MEDIUM
CVSS version: 3.1; Attack vector (AV): LOCAL; Attack complexity (AC): LOW; Privileges required (PR): LOW; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): LOW; Integrity impact (I): NONE; Availability impact (A): HIGH
created 7 months, 2 weeks ago
Openjpeg: heap buffer overflow in lib/openjp2/j2k.c
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
openjpeg * openjpeg2 * gimp:flatpak/openjpeg2
pkgs.openjpeg Open-source JPEG 2000 codec written in C language nixos-unstable 2.5.2 nixos-unstable-small 2.5.2 nixpkgs-unstable 2.5.2
pkgs.python311Packages.pylibjpeg-openjpeg A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0
pkgs.python312Packages.pylibjpeg-openjpeg A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0 nixos-unstable-small 2.3.0 nixpkgs-unstable 2.3.0
pkgs.python312Packages.pylibjpeg-openjpeg.x86_64-linux A J2K and JP2 plugin for pylibjpeg nixos-unstable 2.3.0
Package maintainers: 2
@codyopel Cody Opel <codyopel@gmail.com>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

CVE-2024-7006 7.5 HIGH
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): NONE; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): NONE; Availability impact (A): HIGH
created 7 months, 2 weeks ago
Libtiff: null pointer dereference in tif_dirinfo.c
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
libtiff * ==4.0.9 ==4.4.0
pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0
pkgs.libtiff.x86_64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.aarch64-linux Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.x86_64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
pkgs.libtiff.aarch64-darwin Library and utilities for working with the TIFF image file format nixos-unstable ??? nixos-unstable-small 4.7.0
Package maintainers: 7
@nh2 Niklas Hambüchen <mail@nh2.me>
@autra Augustin Trancart <augustin.trancart@gmail.com>
@l0b0 Victor Engmark <victor@engmark.name>
@willcohen Will Cohen
@nialov Nikolas Ovaskainen <nikolasovaskainen@gmail.com>
@imincik Ivan Mincik <ivan.mincik@gmail.com>
@sikmir Nikolay Korotkiy <sikmir@disroot.org>

CVE-2022-47161 4.3 MEDIUM
CVSS version: 3.1; Attack vector (AV): NETWORK; Attack complexity (AC): LOW; Privileges required (PR): NONE; User interaction (UI): REQUIRED; Scope (S): UNCHANGED; Confidentiality impact (C): NONE; Integrity impact (I): LOW; Availability impact (A): NONE
created 7 months, 3 weeks ago
WordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions.
health-check =<1.5.1
pkgs.health-check Process monitoring tool nixos-unstable 0.04.00 nixos-unstable-small 0.04.00 nixpkgs-unstable 0.04.00
pkgs.grpc-health-check Minimal, high performance, memory-friendly, safe implementation of the gRPC health checking protocol nixos-unstable 2022-08-19 nixos-unstable-small 2022-08-19 nixpkgs-unstable 2022-08-19
pkgs.python311Packages.django-health-check Pluggable app that runs a full check on the deployment nixos-unstable 3.18.3 nixos-unstable-small 3.18.3 nixpkgs-unstable 3.18.3
pkgs.python312Packages.django-health-check Pluggable app that runs a full check on the deployment nixos-unstable 3.18.3 nixos-unstable-small 3.18.3 nixpkgs-unstable 3.18.3
pkgs.rubyPackages.github-pages-health-check nixos-unstable 1.18.2 nixos-unstable-small 1.18.2
pkgs.python311Packages.grpcio-health-checking Standard Health Checking Service for gRPC nixos-unstable 1.67.0 nixos-unstable-small 1.67.0 nixpkgs-unstable 1.67.0
pkgs.python312Packages.grpcio-health-checking Standard Health Checking Service for gRPC nixos-unstable 1.67.0 nixos-unstable-small 1.67.0 nixpkgs-unstable 1.67.0
pkgs.rubyPackages_3_1.github-pages-health-check nixos-unstable 1.18.2 nixos-unstable-small 1.18.2 nixpkgs-unstable 1.18.2
pkgs.rubyPackages_3_2.github-pages-health-check nixos-unstable 1.18.2 nixos-unstable-small 1.18.2 nixpkgs-unstable 1.18.2
pkgs.rubyPackages_3_3.github-pages-health-check nixos-unstable 1.18.2 nixos-unstable-small 1.18.2 nixpkgs-unstable 1.18.2
pkgs.rubyPackages_3_4.github-pages-health-check nixos-unstable 1.18.2 nixos-unstable-small 1.18.2 nixpkgs-unstable 1.18.2
pkgs.python312Packages.grpcio-health-checking.x86_64-linux Standard Health Checking Service for gRPC nixos-unstable 1.67.0
pkgs.python312Packages.grpcio-health-checking.aarch64-linux Standard Health Checking Service for gRPC nixos-unstable 1.67.0
pkgs.python312Packages.grpcio-health-checking.x86_64-darwin Standard Health Checking Service for gRPC nixos-unstable 1.67.0
pkgs.python312Packages.grpcio-health-checking.aarch64-darwin Standard Health Checking Service for gRPC nixos-unstable 1.67.0
pkgs.rubyPackages_3_1.github-pages-health-check.x86_64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_2.github-pages-health-check.x86_64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_3.github-pages-health-check.x86_64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_4.github-pages-health-check.x86_64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_1.github-pages-health-check.aarch64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_1.github-pages-health-check.x86_64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_2.github-pages-health-check.aarch64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_2.github-pages-health-check.x86_64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_3.github-pages-health-check.aarch64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_3.github-pages-health-check.x86_64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_4.github-pages-health-check.aarch64-linux nixos-unstable 1.18.2
pkgs.rubyPackages_3_4.github-pages-health-check.x86_64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_1.github-pages-health-check.aarch64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_2.github-pages-health-check.aarch64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_3.github-pages-health-check.aarch64-darwin nixos-unstable 1.18.2
pkgs.rubyPackages_3_4.github-pages-health-check.aarch64-darwin nixos-unstable 1.18.2
Package maintainers: 4
@happysalada Raphael Megzari <raphael@megzari.com>
@onny Jonas Heinrich <onny@project-insanity.org>
@flokli Florian Klink <flokli@flokli.de>
@dtzWill Will Dietz <w@wdtz.org>
Package maintainers: 4 @happysalada Raphael Megzari <raphael@megzari.com> @onny Jonas Heinrich <onny@project-insanity.org> @flokli Florian Klink <flokli@flokli.de> @dtzWill Will Dietz <w@wdtz.org>