Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2023-3089
7.0 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
Ocp & fips mode

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Affected products

openshift
(as-yet-unknown)
openshift-ansible
openshift-golang-builder-container

Matching in nixpkgs

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

pkgs.python312Packages.openshift

Python client for the OpenShift API

pkgs.python313Packages.openshift

Python client for the OpenShift API

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

pkgs.python313Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

Package maintainers: 4

CVE-2023-25700
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.

Affected products

tutor
  • =<2.1.10

Matching in nixpkgs

pkgs.typstPackages.tutor_0_3_0

Utilities to create exams

pkgs.typstPackages.tutor_0_4_0

Utilities to create exams

pkgs.typstPackages.tutor_0_6_1

Utilities to create exams

pkgs.typstPackages.tutor_0_7_0

Utilities to create exams

pkgs.typstPackages.tutor_0_8_0

Utilities to create exams

pkgs.haskellPackages.timeless-tutorials

Initial project template from stack

Package maintainers: 1

CVE-2023-32629
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip …

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels

Affected products

Linux
  • <5.4.0-155.172
  • <6.2.0-26.26
  • <6.0.0-1020.20

Matching in nixpkgs

pkgs.vibrantlinux

Tool to automate managing your screen's saturation depending on what programs are running

pkgs.perlPackages.LinuxFD

Linux specific special filehandles

pkgs.perlPackages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

pkgs.perl538Packages.LinuxFD

Linux specific special filehandles

pkgs.perl540Packages.LinuxFD

Linux specific special filehandles

pkgs.perl538Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

pkgs.perl540Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

pkgs.perlPackages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

pkgs.perlPackages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

pkgs.perl538Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

pkgs.perl540Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

pkgs.perl538Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

pkgs.perl540Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

pkgs.perlPackages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

pkgs.perlPackages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

pkgs.perl538Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

pkgs.perl538Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

pkgs.perl540Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

pkgs.perl540Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

CVE-2023-46215
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 3 months ago
Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend

Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow. Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend Note: the vulnerability is about the information exposed in the logs not about accessing the logs. This issue affects Apache Airflow Celery provider: from 3.3.0 through 3.4.0; Apache Airflow: from 1.10.0 through 2.6.3. Users are recommended to upgrade Airflow Celery provider to version 3.4.1 and Apache Airlfow to version 2.7.0 which fixes the issue.

Affected products

apache-airflow
  • <2.7.0
apache-airflow-providers-celery
  • =<3.4.0

Matching in nixpkgs

pkgs.apache-airflow

Programmatically author, schedule and monitor data pipelines

Package maintainers: 3

CVE-2023-1193
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 months ago
Use-after-free in setup_async_work()

A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work.

Affected products

kernel
kernel-rt

Matching in nixpkgs

pkgs.linux-doc

Linux kernel html documentation

pkgs.coq-kernel

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.kernelshark

GUI for trace-cmd which is an interface for the Linux kernel ftrace subsystem

pkgs.linuxPackages.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.kernel-hardening-checker

Tool for checking the security hardening options of the Linux kernel

pkgs.linuxPackages.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.python313Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.linuxPackages.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ipykernel

IPython Kernel for Jupyter

pkgs.python313Packages.ipykernel

IPython Kernel for Jupyter

pkgs.linuxPackages_latest.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.python312Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python312Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python313Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python313Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python312Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.python313Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.haskellPackages.ipython-kernel

A library for creating kernels for IPython frontends

pkgs.linuxPackages-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.rocmPackages.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.gnomeExtensions.kernel-indicator

Display the kernel version in the top bar

pkgs.linuxPackages-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python312Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.python313Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python313Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.rocmPackages_6.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.python313Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.linuxPackages_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_4.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.home-assistant-component-tests.hardkernel

Open source home automation that puts local control and privacy first

pkgs.linuxKernel.packages.linux_5_4.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_1.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_6.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_15.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_16.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_latest_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module

Package maintainers: 19

CVE-2023-34318
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 months ago
Heap-buffer-overflow in src/hcom.c

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

Affected products

sox

Matching in nixpkgs

pkgs.sox

Sample Rate Converter for audio

pkgs.soxr

Audio resampling library

pkgs.soxt

GUI binding for using Open Inventor with Xt/Motif

pkgs.haskellPackages.sox

Play, write, read, convert audio signals using Sox

pkgs.haskellPackages.soxlib

Write, read, convert audio signals using libsox

pkgs.python312Packages.soxr

High quality, one-dimensional sample-rate conversion library

pkgs.python313Packages.soxr

High quality, one-dimensional sample-rate conversion library

pkgs.haskellPackages.word-note-sox

SoX for algorithmic composition with groups of notes liken to words

Package maintainers: 4

CVE-2023-32611
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 months ago
G_variant_byteswap() can take a long time with some non-normal inputs

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service.

Affected products

glib
glib2
mingw-glib2

Matching in nixpkgs

pkgs.glib

C library of programming buildings blocks

pkgs.glibc

GNU C Library

pkgs.iconv

GNU C Library

pkgs.alglib

Numerical analysis and data processing library

pkgs.glibmm

C++ interface to the GLib library

pkgs.mtrace

Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)

pkgs.spglib

C library for finding and handling crystal symmetries

pkgs.taglib

Library for reading and editing audio file metadata

pkgs.poppler

PDF rendering library

pkgs.libiconv

pkgs.taglib_1

Library for reading and editing audio file metadata

pkgs.dbus-glib

Obsolete glib bindings for D-Bus lightweight IPC mechanism

pkgs.glibcInfo

GNU Info manual of the GNU C Library

pkgs.json-glib

Library providing (de)serialization support for the JavaScript Object Notation (JSON) format

pkgs.arrow-glib

GLib bindings for Apache Arrow

pkgs.i3ipc-glib

C interface library to i3wm

pkgs.poppler_gi

PDF rendering library

pkgs.glibmm_2_68

C++ interface to the GLib library

pkgs.libdbusmenu

Library for passing menu structures across DBus

pkgs.libglibutil

Library of glib utilities

pkgs.libzim-glib

Partial GObject/C bindings for libzim

pkgs.glib-testing

Test library providing test harnesses and mock classes complementing the classes provided by GLib

pkgs.glibcLocales

Locale information for the GNU C Library

pkgs.jsonrpc-glib

Library to communicate using the JSON-RPC 2.0 specification

pkgs.libgit2-glib

Glib wrapper library around the libgit2 git access library

pkgs.libqrtr-glib

Qualcomm IPC Router protocol helper library

pkgs.libvirt-glib

Wrapper library of libvirt for glib-based applications

pkgs.taglib-sharp

Library for reading and writing metadata in media files

pkgs.safestringlib

Safer replacements for C library functions that prevent serious security vulnerabilities

pkgs.taglib_extras

Additional taglib plugins

pkgs.template-glib

Library for template expansion which supports calling into GObject Introspection from templates

pkgs.appstream-glib

Objects and helper methods to read and write AppStream metadata

pkgs.geocode-glib_2

Convenience library for the geocoding and reverse geocoding using Nominatim service

pkgs.glibc_memusage

GNU C Library

pkgs.libsignon-glib

Library for managing single signon credentials which can be used from GLib applications

pkgs.glib-networking

Network-related giomodules for glib

pkgs.glibcLocalesUtf8

Locale information for the GNU C Library

pkgs.libaccounts-glib

Library for managing accounts which can be used from GLib applications

pkgs.kdePackages.taglib

Library for reading and editing audio file metadata

pkgs.haskellPackages.glib

Binding to the GLIB library for Gtk2Hs

pkgs.haskellPackages.taglib

Binding to TagLib (ID3 tag library)

pkgs.appmenu-glib-translator

Library for translating from DBusMenu to GMenuModel

pkgs.haskellPackages.gi-glib

GLib bindings

pkgs.haskellPackages.htaglib

Bindings to TagLib, audio meta-data library

pkgs.python312Packages.dbglib

pkgs.python312Packages.spglib

Python bindings for C library for finding and handling crystal symmetries

pkgs.python312Packages.svglib

Pure-Python library for reading and converting SVG

pkgs.python313Packages.dbglib

pkgs.python313Packages.spglib

Python bindings for C library for finding and handling crystal symmetries

pkgs.python313Packages.svglib

Pure-Python library for reading and converting SVG

pkgs.rubyPackages.taglib-ruby

pkgs.python312Packages.pytaglib

Python bindings for the Taglib audio metadata library

pkgs.python313Packages.pytaglib

Python bindings for the Taglib audio metadata library

pkgs.haskellPackages.glib-stopgap

Stopgap package of binding for GLib

pkgs.python312Packages.kconfiglib

Flexible Python 2/3 Kconfig implementation and library

pkgs.python313Packages.kconfiglib

Flexible Python 2/3 Kconfig implementation and library

pkgs.rubyPackages_3_1.taglib-ruby

pkgs.rubyPackages_3_2.taglib-ruby

pkgs.rubyPackages_3_3.taglib-ruby

pkgs.rubyPackages_3_4.taglib-ruby

pkgs.haskellPackages.bindings-glib

Low level bindings to GLib

pkgs.haskellPackages.uu-parsinglib

Fast, online, error-correcting, monadic, applicative, merging, permuting, interleaving, idiomatic parser combinators

pkgs.python312Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

pkgs.python313Packages.python-hglib

Library with a fast, convenient interface to Mercurial. It uses Mercurial’s command server for communication with hg

pkgs.haskellPackages.gtk2hs-cast-glib

A type class for cast functions of Gtk2hs: glib package

pkgs.chickenPackages_5.chickenEggs.taglib

Bindings to taglib

pkgs.python312Packages.locationsharinglib

Python package to retrieve coordinates from a Google account

pkgs.python313Packages.locationsharinglib

Python package to retrieve coordinates from a Google account

pkgs.tests.pkg-config.defaultPkgConfigPackages.taglib

Test whether taglib-2.1.1 exposes pkg-config modules taglib

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags.glibcxxassertionsStdenvUnsupp

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages.taglib_c

Test whether taglib-2.1.1 exposes pkg-config modules taglib_c

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages."gio-2.0"

Test whether glib-2.84.4 exposes pkg-config modules gio-2.0

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags.glibcxxassertionsExplicitEnabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsStdenvUnsupp

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags.glibcxxassertionsExplicitDisabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages.poppler-glib

Test whether poppler-glib-25.07.0 exposes pkg-config modules poppler-glib

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages."gobject-2.0"

Test whether glib-2.84.4 exposes pkg-config modules gobject-2.0

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages."gthread-2.0"

Test whether glib-2.84.4 exposes pkg-config modules gthread-2.0

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsStdenvUnsupp

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsExplicitEnabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-gcc.glibcxxassertionsExplicitDisabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsExplicitEnabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.hardeningFlags-clang.glibcxxassertionsExplicitDisabled

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages."dbusmenu-glib-0.4"

Test whether libdbusmenu-glib-16.04.0 exposes pkg-config modules dbusmenu-glib-0.4

  • nixos-unstable ???
    • nixpkgs-unstable
CVE-2023-30500
5.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress WPForms plugins - Reflected Cross Site Scripting (XSS) vulnerability

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms WPForms Lite (wpforms-lite), WPForms WPForms Pro (wpforms) plugins <= 1.8.1.2 versions.

Affected products

wpforms
  • =<1.8.1.2
wpforms-lite
  • =<1.8.1.2

Matching in nixpkgs

pkgs.wordpressPackages.plugins.wpforms-lite

CVE-2023-29437
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Connections Business Directory Plugin <= 10.4.36 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.

Affected products

connections
  • =<10.4.36

Matching in nixpkgs

pkgs.gnome-connections

Remote desktop client for the GNOME desktop environment

pkgs.python312Packages.hyper-connections

Module to make multiple residual streams

pkgs.python313Packages.hyper-connections

Module to make multiple residual streams

pkgs.haskellPackages.amazonka-codestar-connections

Amazon CodeStar connections SDK

pkgs.python312Packages.types-aiobotocore-codestar-connections

Type annotations for aiobotocore codestar-connections

pkgs.python313Packages.types-aiobotocore-codestar-connections

Type annotations for aiobotocore codestar-connections

Package maintainers: 11

CVE-2023-46092
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 3 months ago
WordPress Webmaster Tools Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.

Affected products

webmaster-tools
  • =<2.0

Matching in nixpkgs

pkgs.haskellPackages.gogol-webmaster-tools

Google Search Console SDK