Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 month ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 1 month ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 CVE-2025-32909 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): LOW created 1 month, 1 week ago Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 CVE-2023-52356 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. iv tkimg libtiff * <4.6.0 mingw-libtiff compat-libtiff3 pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-24.05 4.6.0 nixpkgs-24.05-darwin 4.6.0 nixos-24.05-small 4.6.0 nixos-24.11 4.7.0 nixpkgs-24.11-darwin 4.7.0 nixos-24.11-small 4.7.0 nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0 pkgs.libtiff_t Library and utilities for working with the TIFF image file format (fork containing tools dropped in original libtiff version) nixos-24.05 4.6.0t nixpkgs-24.05-darwin 4.6.0t nixos-24.05-small 4.6.0t CVE-2025-32914 7.4 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 CVE-2025-31344 7.3 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): HIGH created 1 month, 1 week ago The giflib open-source component has a buffer overflow vulnerability Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2. giflib =<5.2.2 pkgs.giflib A library for reading and writing gif images nixos-24.05 5.2.2 nixpkgs-24.05-darwin 5.2.2 nixos-24.05-small 5.2.2 nixos-24.11 5.2.2 nixpkgs-24.11-darwin 5.2.2 nixos-24.11-small 5.2.2 nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2 CVE-2020-27792 7.1 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): HIGH created 1 month, 1 week ago Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. ghostscript pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-24.05 0.0.1 nixpkgs-24.05-darwin 0.0.1 nixos-24.05-small 0.0.1 nixos-24.11 0.0.1 nixpkgs-24.11-darwin 0.0.1 nixos-24.11-small 0.0.1 nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1 CVE-2025-32906 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: out of bounds reads in soup_headers_parse_request() A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4 CVE-2025-32908 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: denial of service on libsoup through http/2 server A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2025-32911 9.0 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 1 month ago Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2024-2182 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month ago Ovn: insufficient validation of bfd packets may lead to denial of service A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. ovn * ovn2.11 ovn2.12 ovn2.13 ovn-2021 * ovn22.03 * ovn22.06 ovn22.09 ovn22.12 * ovn23.03 * ovn23.06 * ovn23.09 * pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1 pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0 pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2 pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3 pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5 pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0 pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0
pkgs.ovn Open Virtual Network nixos-24.11 24.09.1 nixpkgs-24.11-darwin 24.09.1 nixos-24.11-small 24.09.1 nixos-unstable 24.09.1 nixos-unstable-small 24.09.1 nixpkgs-unstable 24.09.1
pkgs.novnc VNC client web application nixos-24.05 1.4.0 nixpkgs-24.05-darwin 1.4.0 nixos-24.05-small 1.4.0 nixos-24.11 1.5.0 nixpkgs-24.11-darwin 1.5.0 nixos-24.11-small 1.5.0 nixos-unstable 1.5.0 nixos-unstable-small 1.5.0 nixpkgs-unstable 1.5.0
pkgs.ovn-lts Open Virtual Network nixos-24.05 24.03.2 nixpkgs-24.05-darwin 24.03.2 nixos-24.05-small 24.03.2
pkgs.turbovnc High-speed version of VNC derived from TightVNC nixos-24.05 3.1 nixpkgs-24.05-darwin 3.1 nixos-24.05-small 3.1 nixos-24.11 3.1.2 nixpkgs-24.11-darwin 3.1.2 nixos-24.11-small 3.1.2 nixos-unstable 3.1.3 nixos-unstable-small 3.1.3 nixpkgs-unstable 3.1.3
pkgs.nanovna-saver A tool for reading, displaying and saving data from the NanoVNA nixos-24.05 0.6.3 nixpkgs-24.05-darwin 0.6.3 nixos-24.05-small 0.6.3 nixos-24.11 0.6.4 nixpkgs-24.11-darwin 0.6.4 nixos-24.11-small 0.6.4 nixos-unstable 0.6.5 nixos-unstable-small 0.6.5 nixpkgs-unstable 0.6.5
pkgs.python311Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0 nixos-24.11 0.6.0 nixpkgs-24.11-darwin 0.6.0 nixos-24.11-small 0.6.0 nixos-unstable 0.6.0 nixos-unstable-small 0.6.0 nixpkgs-unstable 0.6.0
pkgs.python312Packages.slovnet Deep-learning based NLP modeling for Russian language nixos-24.05 0.6.0 nixpkgs-24.05-darwin 0.6.0 nixos-24.05-small 0.6.0
CVE-2025-3576 5.9 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): NONE created 1 month ago Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. krb5 rhcos aap-cloud-metrics-collector-container ansible-automation-platform-24/ee-minimal-rhel9 ansible-automation-platform-24/ee-supported-rhel8 ansible-automation-platform-25/ansible-builder-rhel8 ansible-automation-platform-24/platform-resource-runner-rhel8 pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3 pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11 pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0 pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
pkgs.krb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3
pkgs.libkrb5 MIT Kerberos 5 nixos-24.05 1.21.3 nixpkgs-24.05-darwin 1.21.3 nixos-24.05-small 1.21.3 nixos-24.11 1.21.3 nixpkgs-24.11-darwin 1.21.3 nixos-24.11-small 1.21.3 nixos-unstable 1.21.3 nixos-unstable-small 1.21.3 nixpkgs-unstable 1.21.3
pkgs.pam_krb5 PAM module allowing PAM-aware applications to authenticate users by performing an AS exchange with a Kerberos KDC nixos-24.05 krb5-4.11 nixpkgs-24.05-darwin krb5-4.11 nixos-24.05-small krb5-4.11 nixos-24.11 krb5-4.11 nixpkgs-24.11-darwin krb5-4.11 nixos-24.11-small krb5-4.11 nixos-unstable krb5-4.11 nixos-unstable-small krb5-4.11 nixpkgs-unstable krb5-4.11
pkgs.python311Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
pkgs.python312Packages.krb5 Kerberos API bindings for Python nixos-24.11 krb5-0.7.0 nixpkgs-24.11-darwin krb5-0.7.0 nixos-24.11-small krb5-0.7.0 nixos-unstable krb5-0.7.0 nixos-unstable-small krb5-0.7.0 nixpkgs-unstable krb5-0.7.0
CVE-2025-32909 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): LOW created 1 month, 1 week ago Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2023-52356 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. iv tkimg libtiff * <4.6.0 mingw-libtiff compat-libtiff3 pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-24.05 4.6.0 nixpkgs-24.05-darwin 4.6.0 nixos-24.05-small 4.6.0 nixos-24.11 4.7.0 nixpkgs-24.11-darwin 4.7.0 nixos-24.11-small 4.7.0 nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0 pkgs.libtiff_t Library and utilities for working with the TIFF image file format (fork containing tools dropped in original libtiff version) nixos-24.05 4.6.0t nixpkgs-24.05-darwin 4.6.0t nixos-24.05-small 4.6.0t
pkgs.libtiff Library and utilities for working with the TIFF image file format nixos-24.05 4.6.0 nixpkgs-24.05-darwin 4.6.0 nixos-24.05-small 4.6.0 nixos-24.11 4.7.0 nixpkgs-24.11-darwin 4.7.0 nixos-24.11-small 4.7.0 nixos-unstable 4.7.0 nixos-unstable-small 4.7.0 nixpkgs-unstable 4.7.0
pkgs.libtiff_t Library and utilities for working with the TIFF image file format (fork containing tools dropped in original libtiff version) nixos-24.05 4.6.0t nixpkgs-24.05-darwin 4.6.0t nixos-24.05-small 4.6.0t
CVE-2025-32914 7.4 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2025-31344 7.3 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): HIGH created 1 month, 1 week ago The giflib open-source component has a buffer overflow vulnerability Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2. giflib =<5.2.2 pkgs.giflib A library for reading and writing gif images nixos-24.05 5.2.2 nixpkgs-24.05-darwin 5.2.2 nixos-24.05-small 5.2.2 nixos-24.11 5.2.2 nixpkgs-24.11-darwin 5.2.2 nixos-24.11-small 5.2.2 nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2
pkgs.giflib A library for reading and writing gif images nixos-24.05 5.2.2 nixpkgs-24.05-darwin 5.2.2 nixos-24.05-small 5.2.2 nixos-24.11 5.2.2 nixpkgs-24.11-darwin 5.2.2 nixos-24.11-small 5.2.2 nixos-unstable 5.2.2 nixos-unstable-small 5.2.2 nixpkgs-unstable 5.2.2
CVE-2020-27792 7.1 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): HIGH Availability impact (A): HIGH created 1 month, 1 week ago Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. ghostscript pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0 pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-24.05 0.0.1 nixpkgs-24.05-darwin 0.0.1 nixos-24.05-small 0.0.1 nixos-24.11 0.0.1 nixpkgs-24.11-darwin 0.0.1 nixos-24.11-small 0.0.1 nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1
pkgs.ghostscriptX PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0
pkgs.ghostscript_headless PostScript interpreter (mainline version) nixos-24.05 10.04.0 nixpkgs-24.05-darwin 10.04.0 nixos-24.05-small 10.04.0 nixos-24.11 10.04.0 nixpkgs-24.11-darwin 10.04.0 nixos-24.11-small 10.04.0 nixos-unstable 10.04.0 nixos-unstable-small 10.04.0 nixpkgs-unstable 10.04.0
pkgs.haskellPackages.ghostscript-parallel Let Ghostscript render pages in parallel nixos-24.05 0.0.1 nixpkgs-24.05-darwin 0.0.1 nixos-24.05-small 0.0.1 nixos-24.11 0.0.1 nixpkgs-24.11-darwin 0.0.1 nixos-24.11-small 0.0.1 nixos-unstable 0.0.1 nixos-unstable-small 0.0.1 nixpkgs-unstable 0.0.1
CVE-2025-32906 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: out of bounds reads in soup_headers_parse_request() A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
CVE-2025-32908 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 1 month, 1 week ago Libsoup: denial of service on libsoup through http/2 server A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). libsoup pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0 pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3 pkgs.gnome.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3 pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4
pkgs.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.libsoup_3 HTTP client/server library for GNOME nixos-24.05 3.4.4 nixpkgs-24.05-darwin 3.4.4 nixos-24.05-small 3.4.4 nixos-24.11 3.6.0 nixpkgs-24.11-darwin 3.6.0 nixos-24.11-small 3.6.0 nixos-unstable 3.6.0 nixos-unstable-small 3.6.0 nixpkgs-unstable 3.6.0
pkgs.libsoup_2_4 HTTP client/server library for GNOME nixos-unstable 2.74.3 nixos-unstable-small 2.74.3 nixpkgs-unstable 2.74.3
pkgs.gnome2.libsoup HTTP client/server library for GNOME nixos-24.05 2.74.3 nixpkgs-24.05-darwin 2.74.3 nixos-24.05-small 2.74.3 nixos-24.11 2.74.3 nixpkgs-24.11-darwin 2.74.3 nixos-24.11-small 2.74.3
pkgs.tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4 nixos-24.05 2.4 nixpkgs-24.05-darwin 2.4 nixos-24.05-small 2.4 nixos-24.11 2.4 nixpkgs-24.11-darwin 2.4 nixos-24.11-small 2.4 nixos-unstable 2.4 nixos-unstable-small 2.4 nixpkgs-unstable 2.4