⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2025-3753
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month ago
Unsafe use of eval() method in rosbag tool

A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code.

rosbag
==Melodic Morenia
==Kinetic Kame
==Indigo Igloo
==Noetic Ninjemys

pkgs.python312Packages.rosbags

Pure Python library to read, modify, convert, and write rosbag files

pkgs.python313Packages.rosbags

Pure Python library to read, modify, convert, and write rosbag files
Package maintainers: 1
CVE-2025-40924
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month ago
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.

Catalyst-Plugin-Session
<0.44

pkgs.perlPackages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perl538Packages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perl540Packages.CatalystPluginSession

Generic Session plugin - ties together server side storage and client side state required to maintain session data

pkgs.perlPackages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perlPackages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl538Packages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perl540Packages.CatalystPluginSessionStoreFile

File storage backend for session data

pkgs.perlPackages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perlPackages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend

pkgs.perl538Packages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl540Packages.CatalystPluginSessionStateCookie

Maintain session IDs using cookies

pkgs.perl538Packages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perl538Packages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend

pkgs.perl540Packages.CatalystPluginSessionDynamicExpiry

Per-session custom expiry times

pkgs.perl540Packages.CatalystPluginSessionStoreFastMmap

FastMmap session storage backend
CVE-2025-40918
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month ago
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely

Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. According to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.

Authen-SASL
=<2.1800

pkgs.perlPackages.AuthenSASL

SASL Authentication framework

pkgs.perl538Packages.AuthenSASL

SASL Authentication framework

pkgs.perl540Packages.AuthenSASL

SASL Authentication framework

pkgs.perlPackages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)

pkgs.perl538Packages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)

pkgs.perl540Packages.AuthenSASLSASLprep

Stringprep Profile for User Names and Passwords (RFC 4013)
Package maintainers: 1
CVE-2025-52803
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 month ago
WordPress Sala theme <= 1.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3.

sala
=<1.1.3

pkgs.python312Packages.datasalad

Pure-Python library with a collection of utilities for working with Git and git-annex

pkgs.python313Packages.datasalad

Pure-Python library with a collection of utilities for working with Git and git-annex

pkgs.python312Packages.schema-salad

Semantic Annotations for Linked Avro Data

pkgs.python313Packages.schema-salad

Semantic Annotations for Linked Avro Data
Package maintainers: 2
CVE-2025-40923
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 month ago
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.

Plack-Middleware-Session
<0.35

pkgs.perlPackages.PlackMiddlewareSession

Middleware for session management

pkgs.perl538Packages.PlackMiddlewareSession

Middleware for session management

pkgs.perl540Packages.PlackMiddlewareSession

Middleware for session management
CVE-2025-7519
6.7 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month ago
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.

rhcos
polkit
=<126

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

pkgs.hyprpolkitagent

Polkit authentication agent written in QT/QML

pkgs.mate.mate-polkit

Integrates polkit authentication for MATE desktop

pkgs.pcscliteWithPolkit

Middleware to access a smart card using SCard API (PC/SC)

pkgs.libsForQt5.polkit-qt

Qt wrapper around PolKit

pkgs.kdePackages.polkit-qt-1

Qt wrapper around Polkit-1 client libraries

pkgs.plasma5Packages.polkit-qt

Qt wrapper around PolKit

pkgs.lomiri.lomiri-polkit-agent

Policy kit agent for the Lomiri desktop

pkgs.kdePackages.polkit-kde-agent-1

Daemon providing a Polkit authentication UI for Plasma

pkgs.pantheon.pantheon-agent-polkit

Polkit Agent for the Pantheon Desktop
Package maintainers: 20
CVE-2025-6491
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month ago
NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 when parsing XML data in SOAP extensions, overly large (>2Gb) XML namespace prefix may lead to null pointer dereference. This may lead to crashes and affect the availability of the target server.

soap
<8.3.23
<8.2.29
<8.4.10
<8.1.33

pkgs.gsoap

C/C++ toolkit for SOAP web services and XML-based applications

pkgs.soapui

Most Advanced REST & SOAP Testing Tool in the World

pkgs.liquidsoap

Swiss-army knife for multimedia streaming

pkgs.soapyaudio

SoapySDR plugin for amateur radio and audio devices

pkgs.soapyairspy

SoapySDR plugin for Airspy devices

pkgs.soapyhackrf

SoapySDR plugin for HackRF devices

pkgs.soapyrtlsdr

SoapySDR plugin for RTL-SDR devices

pkgs.soapybladerf

SoapySDR plugin for BladeRF devices

pkgs.soapyplutosdr

SoapySDR plugin for Pluto SDR devices

pkgs.libsForQt5.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.kdePackages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.qt6Packages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.php81Extensions.soap

PHP upstream extension: soap

pkgs.php82Extensions.soap

PHP upstream extension: soap

pkgs.php83Extensions.soap

PHP upstream extension: soap

pkgs.php84Extensions.soap

PHP upstream extension: soap

pkgs.plasma5Packages.kdsoap

Qt-based client-side and server-side SOAP component

pkgs.python312Packages.pysimplesoap

Python simple and lightweight SOAP Library

pkgs.python313Packages.pysimplesoap

Python simple and lightweight SOAP Library

pkgs.kdePackages.kdsoap-ws-discovery-client

Library for finding WS-Discovery devices in the network using Qt5 and KDSoap.

pkgs.vimPlugins.nvim-treesitter-parsers.liquidsoap

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.tests.pkg-config.defaultPkgConfigPackages.SoapySDR

Test whether soapysdr-0.8.1-unstable-2025-03-30-03 exposes pkg-config modules SoapySDR
  • nixos-unstable ???
    • nixpkgs-unstable
Package maintainers: 21
CVE-2025-7425
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month ago
Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

rhcos
libxml2
*
libxslt
web-terminal/web-terminal-tooling-rhel9
*
web-terminal/web-terminal-rhel9-operator
*
registry.redhat.io/rhosdt/jaeger-agent-rhel8
*
registry.redhat.io/rhosdt/jaeger-query-rhel8
*
registry.redhat.io/rhosdt/jaeger-ingester-rhel8
*
registry.redhat.io/rhosdt/jaeger-rhel8-operator
*
registry.redhat.io/rhosdt/jaeger-collector-rhel8
*
registry.redhat.io/rhosdt/jaeger-operator-bundle
*
registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8
*
registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8
*
registry.redhat.io/discovery/discovery-server-rhel9
*
registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8
*
registry.redhat.io/insights-proxy/insights-proxy-container-rhel9
*

pkgs.libxslt

C library and tools to do XSL transformations

pkgs.python312Packages.libxslt

C library and tools to do XSL transformations

pkgs.python313Packages.libxslt

C library and tools to do XSL transformations
Package maintainers: 1
CVE-2025-6395
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 1 month ago
Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain settings from a template file, it can allow an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial of service (DoS) that could crash the system.

rhcos
gnutls
*
libgnutls
<3.8.10

pkgs.gnutls

GNU Transport Layer Security Library

pkgs.guile-gnutls

Guile bindings for GnuTLS library
Package maintainers: 3
CVE-2025-7424
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month ago
Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes

A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.

rhcos
libxslt

pkgs.libxslt

C library and tools to do XSL transformations

pkgs.python312Packages.libxslt

C library and tools to do XSL transformations

pkgs.python313Packages.libxslt

C library and tools to do XSL transformations
Package maintainers: 1