Nixpkgs security tracker
3.8 LOW
- CVSS version: 3.1
- Attack vector (AV): PHYSICAL
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
by @mweinelt Activity log
- Created suggestion
-
@mweinelt
ignored
11 packages
- openscad
- openscap
- openscreen
- openscad-lsp
- openscenegraph
- openscad-unstable
- kakounePlugins.openscad-kak
- vscode-extensions.antyos.openscad
- tree-sitter-grammars.tree-sitter-openscad
- python313Packages.tree-sitter-grammars.tree-sitter-openscad
- python314Packages.tree-sitter-grammars.tree-sitter-openscad
- @mweinelt accepted
- @mweinelt published on GitHub
OpenSC: Stack-buffer-overflow WRITE in card-oberthur
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0.
References
-
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2 x_refsource_CONFIRM
-
https://github.com/OpenSC/OpenSC/pull/3436 x_refsource_MISC
-
https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215 x_refsource_MISC
Affected products
- ==< 0.27.0
Matching in nixpkgs
Ignored packages (11)
pkgs.openscad
3D parametric model compiler
pkgs.openscap
NIST Certified SCAP 1.2 toolkit
pkgs.openscreen
Free, open-source alternative to Screen Studio (sort of)
pkgs.openscad-lsp
LSP (Language Server Protocol) server for OpenSCAD
pkgs.openscenegraph
3D graphics toolkit
pkgs.openscad-unstable
3D parametric model compiler (unstable)
-
nixos-unstable 2021.01-unstable-2026-02-25
- nixpkgs-unstable 2021.01-unstable-2026-02-25
- nixos-unstable-small 2021.01-unstable-2026-02-25
-
nixos-25.11 2021.01-unstable-2025-10-27
- nixos-25.11-small 2021.01-unstable-2025-10-27
- nixpkgs-25.11-darwin 2021.01-unstable-2025-10-27
pkgs.kakounePlugins.openscad-kak
None
-
nixos-unstable 2020-12-10
- nixpkgs-unstable 2020-12-10
- nixos-unstable-small 2020-12-10
-
nixos-25.11 2020-12-10
- nixos-25.11-small 2020-12-10
- nixpkgs-25.11-darwin 2020-12-10
pkgs.vscode-extensions.antyos.openscad
OpenSCAD highlighting, snippets, and more for VSCode
pkgs.tree-sitter-grammars.tree-sitter-openscad
Tree-sitter grammar for openscad
-
nixos-unstable 0.7.0-unstable-2025-11-25
- nixpkgs-unstable 0.7.0-unstable-2025-11-25
- nixos-unstable-small 0.7.0-unstable-2025-11-25
pkgs.python313Packages.tree-sitter-grammars.tree-sitter-openscad
Python bindings for tree-sitter-openscad
-
nixos-unstable 0.7.0+unstable20251125
- nixpkgs-unstable 0.7.0+unstable20251125
- nixos-unstable-small 0.7.0+unstable20251125
pkgs.python314Packages.tree-sitter-grammars.tree-sitter-openscad
Python bindings for tree-sitter-openscad
-
nixos-unstable 0.7.0+unstable20251125
- nixpkgs-unstable 0.7.0+unstable20251125
- nixos-unstable-small 0.7.0+unstable20251125
Package maintainers
-
@michaeladler Michael Adler <therisen06@gmail.com>