Nixpkgs security tracker
NIXPKGS-2026-1879
GitHub issue
published 6 hours ago
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds …
Permalink
CVE-2026-50593
7.3 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
8 packages
- graphite
- graphite-cursors
- graphite-gtk-theme
- prometheus-graphite-exporter
- python314Packages.graphite-web
- python313Packages.graphite-web
- haskellPackages.graphite
- graphite-cli
- @LeSuisse accepted
- @LeSuisse published on GitHub
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds …
Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range.
References
Affected products
Graphite
- <1.3.15
Matching in nixpkgs
Ignored packages (8)
pkgs.graphite
Open source vector graphics editor and procedural design engine
-
nixos-unstable 0-unstable-2026-05-02
- nixpkgs-unstable 0-unstable-2026-05-02
- nixos-unstable-small 0-unstable-2026-05-02
-
nixos-26.05 0-unstable-2026-05-02
- nixos-26.05-small 0-unstable-2026-05-02
- nixpkgs-26.05-darwin 0-unstable-2026-05-02
pkgs.graphite-cli
CLI that makes creating stacked git changes fast & intuitive
pkgs.graphite-cursors
Graphite cursor theme
-
nixos-unstable 2021-11-26
- nixpkgs-unstable 2021-11-26
- nixos-unstable-small 2021-11-26
-
nixos-26.05 2021-11-26
- nixos-26.05-small 2021-11-26
- nixpkgs-26.05-darwin 2021-11-26
pkgs.graphite-gtk-theme
Flat Gtk+ theme based on Elegant Design
-
nixos-unstable 2025-07-06
- nixpkgs-unstable 2025-07-06
- nixos-unstable-small 2025-07-06
-
nixos-26.05 2025-07-06
- nixos-26.05-small 2025-07-06
- nixpkgs-26.05-darwin 2025-07-06
pkgs.haskellPackages.graphite
Graphs and networks library
pkgs.prometheus-graphite-exporter
Exporter for metrics exported in the Graphite plaintext protocol
pkgs.python313Packages.graphite-web
Enterprise scalable realtime graphing
-
nixos-unstable 1.1.10-unstable-2025-02-24
- nixpkgs-unstable 1.1.10-unstable-2025-02-24
- nixos-unstable-small 1.1.10-unstable-2025-02-24
-
nixos-26.05 1.1.10-unstable-2025-02-24
- nixos-26.05-small 1.1.10-unstable-2025-02-24
- nixpkgs-26.05-darwin 1.1.10-unstable-2025-02-24
pkgs.python314Packages.graphite-web
Enterprise scalable realtime graphing
-
nixos-unstable 1.1.10-unstable-2025-02-24
- nixpkgs-unstable 1.1.10-unstable-2025-02-24
- nixos-unstable-small 1.1.10-unstable-2025-02-24
-
nixos-26.05 1.1.10-unstable-2025-02-24
- nixos-26.05-small 1.1.10-unstable-2025-02-24
- nixpkgs-26.05-darwin 1.1.10-unstable-2025-02-24
Package maintainers
-
@7c6f434c Michael Raskin <7c6f434c@mail.ru>