NIXPKGS-2026-0872

GitHub issue published on

Permalink CVE-2025-66037

3.9 LOW

CVSS version: 3.1
Attack vector (AV): PHYSICAL
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

updated 1 month ago by @mweinelt Activity log

Created suggestion 1 month ago
@mweinelt ignored
11 packages
- openscad
- openscap
- openscreen
- openscad-lsp
- openscenegraph
- openscad-unstable
- kakounePlugins.openscad-kak
- vscode-extensions.antyos.openscad
- tree-sitter-grammars.tree-sitter-openscad
- python313Packages.tree-sitter-grammars.tree-sitter-openscad
- python314Packages.tree-sitter-grammars.tree-sitter-openscad
1 month ago
@mweinelt accepted 1 month ago
@mweinelt published on GitHub 1 month ago

OpenSC: Out of Bounds vulnerability

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, sc_pkcs15_pubkey_from_spki_fields() allocates a zero-length buffer and then reads one byte past the end of that allocation. This issue has been patched in version 0.27.0.

References

https://github.com/OpenSC/OpenSC/security/advisories/GHSA-m58q-rmjm-mmfx x_refsource_CONFIRM
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037 x_refsource_MISC

Affected products

OpenSC

==< 0.27.0

Matching in nixpkgs

pkgs.opensc

Set of libraries and utilities to access smart cards

nixos-unstable 0.26.1
- nixpkgs-unstable 0.26.1
- nixos-unstable-small 0.26.1
nixos-25.11 0.26.1
- nixos-25.11-small 0.26.1
- nixpkgs-25.11-darwin 0.26.1

Ignored packages (11)

pkgs.openscad

3D parametric model compiler

nixos-unstable 2021.01
- nixpkgs-unstable 2021.01
- nixos-unstable-small 2021.01
nixos-25.11 2021.01
- nixos-25.11-small 2021.01
- nixpkgs-25.11-darwin 2021.01

pkgs.openscap

NIST Certified SCAP 1.2 toolkit

nixos-unstable 1.4.2
- nixpkgs-unstable 1.4.2
- nixos-unstable-small 1.4.2
nixos-25.11 1.4.2
- nixos-25.11-small 1.4.2
- nixpkgs-25.11-darwin 1.4.2

pkgs.openscreen

Free, open-source alternative to Screen Studio (sort of)

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.openscad-lsp

LSP (Language Server Protocol) server for OpenSCAD

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1
nixos-25.11 2.0.1
- nixos-25.11-small 2.0.1
- nixpkgs-25.11-darwin 2.0.1

pkgs.openscenegraph

3D graphics toolkit

nixos-unstable 3.6.5
- nixpkgs-unstable 3.6.5
- nixos-unstable-small 3.6.5
nixos-25.11 3.6.5
- nixos-25.11-small 3.6.5
- nixpkgs-25.11-darwin 3.6.5

pkgs.openscad-unstable

3D parametric model compiler (unstable)

nixos-unstable 2021.01-unstable-2026-02-25
- nixpkgs-unstable 2021.01-unstable-2026-02-25
- nixos-unstable-small 2021.01-unstable-2026-02-25
nixos-25.11 2021.01-unstable-2025-10-27
- nixos-25.11-small 2021.01-unstable-2025-10-27
- nixpkgs-25.11-darwin 2021.01-unstable-2025-10-27

pkgs.kakounePlugins.openscad-kak

None

nixos-unstable 2020-12-10
- nixpkgs-unstable 2020-12-10
- nixos-unstable-small 2020-12-10
nixos-25.11 2020-12-10
- nixos-25.11-small 2020-12-10
- nixpkgs-25.11-darwin 2020-12-10

pkgs.vscode-extensions.antyos.openscad

OpenSCAD highlighting, snippets, and more for VSCode

nixos-unstable 1.3.2
- nixpkgs-unstable 1.3.2
- nixos-unstable-small 1.3.2
nixos-25.11 1.3.2
- nixos-25.11-small 1.3.2
- nixpkgs-25.11-darwin 1.3.2

pkgs.tree-sitter-grammars.tree-sitter-openscad

Tree-sitter grammar for openscad

nixos-unstable 0.7.0-unstable-2025-11-25
- nixpkgs-unstable 0.7.0-unstable-2025-11-25
- nixos-unstable-small 0.7.0-unstable-2025-11-25

pkgs.python313Packages.tree-sitter-grammars.tree-sitter-openscad

Python bindings for tree-sitter-openscad

nixos-unstable 0.7.0+unstable20251125
- nixpkgs-unstable 0.7.0+unstable20251125
- nixos-unstable-small 0.7.0+unstable20251125

pkgs.python314Packages.tree-sitter-grammars.tree-sitter-openscad