Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2024-5148
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 3 months ago
Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate

A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition.

Affected products

gnome-remote-desktop
  • <46.2

Matching in nixpkgs

pkgs.gnome-remote-desktop

GNOME Remote Desktop server

Package maintainers: 4

CVE-2024-8235
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 months ago
Libvirt: crash of virtinterfaced via virconnectlistinterfaces()

A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon.

Affected products

libvirt
  • *
  • <10.7.0
virt:av/libvirt
virt:rhel/libvirt

Matching in nixpkgs

pkgs.libvirt

Toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

pkgs.python312Packages.libvirt

Libvirt Python bindings

pkgs.python313Packages.libvirt

Libvirt Python bindings

pkgs.rubyPackages.ruby-libvirt

pkgs.prometheus-libvirt-exporter

Prometheus metrics exporter for libvirt

pkgs.terraform-providers.libvirt

pkgs.rubyPackages_3_1.ruby-libvirt

pkgs.rubyPackages_3_2.ruby-libvirt

pkgs.rubyPackages_3_3.ruby-libvirt

pkgs.rubyPackages_3_4.ruby-libvirt

Package maintainers: 4

CVE-2024-1545
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.

Affected products

wolfssl
  • =<5.6.6

Matching in nixpkgs

pkgs.wolfssl

Small, fast, portable implementation of TLS/SSL for embedded devices

Package maintainers: 2

CVE-2024-43951
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Tempera theme <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Tempera allows Stored XSS.This issue affects Tempera: from n/a through 1.8.2.

Affected products

tempera
  • =<1.8.2

Matching in nixpkgs

pkgs.home-assistant-component-tests.eddystone_temperature

Open source home automation that puts local control and privacy first

Package maintainers: 3

CVE-2024-2881
6.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): LOW
created 3 months ago
Fault Injection of EdDSA signature in WolfCrypt

Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.

Affected products

wolfssl
  • =<5.6.6

Matching in nixpkgs

pkgs.wolfssl

Small, fast, portable implementation of TLS/SSL for embedded devices

Package maintainers: 2

CVE-2024-43356
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 3 months ago
WordPress oik plugin <= 4.12.0 - Arbitrary File Deletion vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a through 4.12.0.

Affected products

oik
  • =<4.12.0

Matching in nixpkgs

pkgs.libvoikko

Finnish language processing library

Package maintainers: 1

CVE-2024-39645
5.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.

Affected products

tutor
  • =<2.7.2

Matching in nixpkgs

pkgs.typstPackages.tutor_0_3_0

Utilities to create exams

pkgs.typstPackages.tutor_0_4_0

Utilities to create exams

pkgs.typstPackages.tutor_0_6_1

Utilities to create exams

pkgs.typstPackages.tutor_0_7_0

Utilities to create exams

pkgs.typstPackages.tutor_0_8_0

Utilities to create exams

pkgs.haskellPackages.timeless-tutorials

Initial project template from stack

Package maintainers: 1

CVE-2024-8113
created 3 months ago
Stored XSS in Placeholder Samples in Mail Preview

Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page. The default Content Security Policy of pretix prevents execution of attacker-provided scripts, making exploitation unlikely. However, combined with a CSP bypass (which is not currently known) the vulnerability could be used to impersonate other organizers or staff users.

Affected products

pretix
  • =<2024.7.0

Matching in nixpkgs

pkgs.pretix

Ticketing software that cares about your event—all the way

pkgs.pretix-banktool

Automatic bank data upload tool for pretix (with FinTS client)

Package maintainers: 1

CVE-2024-41937
6.1 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 3 months ago
Apache Airflow: Stored XSS Vulnerability on provider link

Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider documentation link. This would require the provider to be installed on the web server and the user to click the provider link. Users should upgrade to 2.10.0 or later, which fixes this vulnerability.

Affected products

apache-airflow
  • <2.10.0

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2024-37099
10.0 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1.

Affected products

give
  • =<3.14.1

Matching in nixpkgs

pkgs.filegive

Easy p2p file sending program