Nixpkgs security tracker
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
20 packages
- fleetctl
- fleeting-plugin-aws
- azure-cli-extensions.fleet
- python312Packages.tesla-fleet-api
- python313Packages.tesla-fleet-api
- python314Packages.tesla-fleet-api
- haskellPackages.amazonka-iotfleethub
- haskellPackages.amazonka-iotfleetwise
- python312Packages.mypy-boto3-iotfleethub
- python313Packages.mypy-boto3-iotfleethub
- python314Packages.mypy-boto3-iotfleethub
- python312Packages.mypy-boto3-iotfleetwise
- python313Packages.mypy-boto3-iotfleetwise
- python314Packages.mypy-boto3-iotfleetwise
- home-assistant-component-tests.tesla_fleet
- python312Packages.types-aiobotocore-iotfleethub
- python313Packages.types-aiobotocore-iotfleethub
- python312Packages.types-aiobotocore-iotfleetwise
- python313Packages.types-aiobotocore-iotfleetwise
- tests.home-assistant-component-tests.tesla_fleet
- @LeSuisse accepted
- @LeSuisse published on GitHub
Fleet's Apple MDM profile delivery has second-order SQL injection that can compromise the database
Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user credentials, API tokens, and device enrollment secrets. Version 4.81.0 patches the issue.
References
-
https://github.com/fleetdm/fleet/security/advisories/GHSA-v895-833r-8c45 x_refsource_CONFIRM
Affected products
- ==< 4.81.0
Matching in nixpkgs
Ignored packages (20)
pkgs.fleetctl
CLI tool for managing Fleet
pkgs.fleeting-plugin-aws
GitLab fleeting plugin for AWS
pkgs.azure-cli-extensions.fleet
Microsoft Azure Command-Line Tools Fleet Extension
pkgs.python312Packages.tesla-fleet-api
None
pkgs.python313Packages.tesla-fleet-api
Python library for Tesla Fleet API and Teslemetry
pkgs.python314Packages.tesla-fleet-api
Python library for Tesla Fleet API and Teslemetry
pkgs.haskellPackages.amazonka-iotfleethub
Amazon IoT Fleet Hub SDK
-
nixos-unstable 2.0-unstable-2025-04-16
- nixpkgs-unstable 2.0-unstable-2025-04-16
- nixos-unstable-small 2.0-unstable-2025-04-16
pkgs.haskellPackages.amazonka-iotfleetwise
Amazon IoT FleetWise SDK
-
nixos-unstable 2.0-unstable-2025-04-16
- nixpkgs-unstable 2.0-unstable-2025-04-16
- nixos-unstable-small 2.0-unstable-2025-04-16
pkgs.python312Packages.mypy-boto3-iotfleethub
None
pkgs.python313Packages.mypy-boto3-iotfleethub
Type annotations for boto3 iotfleethub
-
nixos-unstable boto3-iotfleethub-1.40.17
- nixpkgs-unstable boto3-iotfleethub-1.40.17
- nixos-unstable-small boto3-iotfleethub-1.40.17
pkgs.python314Packages.mypy-boto3-iotfleethub
Type annotations for boto3 iotfleethub
-
nixos-unstable boto3-iotfleethub-1.40.17
- nixpkgs-unstable boto3-iotfleethub-1.40.17
- nixos-unstable-small boto3-iotfleethub-1.40.17
pkgs.python313Packages.mypy-boto3-iotfleetwise
Type annotations for boto3 iotfleetwise
-
nixos-unstable boto3-iotfleetwise-1.42.3
- nixpkgs-unstable boto3-iotfleetwise-1.42.3
- nixos-unstable-small boto3-iotfleetwise-1.42.3
pkgs.python314Packages.mypy-boto3-iotfleetwise
Type annotations for boto3 iotfleetwise
-
nixos-unstable boto3-iotfleetwise-1.42.3
- nixpkgs-unstable boto3-iotfleetwise-1.42.3
- nixos-unstable-small boto3-iotfleetwise-1.42.3
pkgs.python313Packages.types-aiobotocore-iotfleethub
Type annotations for aiobotocore iotfleethub
pkgs.python313Packages.types-aiobotocore-iotfleetwise
Type annotations for aiobotocore iotfleetwise
pkgs.tests.home-assistant-component-tests.tesla_fleet
Open source home automation that puts local control and privacy first
Package maintainers
-
@asauzeau Antoine Sauzeau <antoine.sauzeau3@gmail.com>
-
@bddvlpr Luna Simons <luna@bddvlpr.com>
-
@LeSuisse Thomas Gerbet <thomas@gerbet.me>