Suggestions search

All statuses

Filter by:

With package: lobster

Found 2 matching suggestions

Published

(browse all)

Permalink CVE-2026-2259

updated 1 day, 1 hour ago by @LeSuisse Activity log

Created automatic suggestion 1 day, 6 hours ago
@LeSuisse accepted 1 day, 2 hours ago
@LeSuisse published on GitHub 1 day, 1 hour ago

aardappel lobster Parsing parser.h ParseStatements memory corruption

A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2f45fe860d00990e79e13250251c1dde633f1f89. Applying a patch is the recommended action to fix this issue.

Affected products

lobster

==2025.4
==2025.3
==2025.2
==2025.0
==2025.1

Matching in nixpkgs

pkgs.lobster

Lobster programming language

nixos-unstable 2025.3
- nixpkgs-unstable 2025.3
- nixos-unstable-small 2025.3
nixos-25.11 2025.3
- nixos-25.11-small 2025.3
- nixpkgs-25.11-darwin 2025.3

Package maintainers

@fgaz Francesco Gazzetta <fgaz@fgaz.me>

Upstream patch: https://github.com/aardappel/lobster/commit/2f45fe860d00990e79e13250251c1dde633f1f89

Published

(browse all)

Permalink CVE-2026-2258

updated 1 day, 1 hour ago by @LeSuisse Activity log

Created automatic suggestion 1 day, 6 hours ago
@LeSuisse accepted 1 day, 2 hours ago
@LeSuisse published on GitHub 1 day, 1 hour ago

aardappel lobster wfc.h WaveFunctionCollapse memory corruption

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and may be used. This patch is called c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd. It is advisable to implement a patch to correct this issue.

Affected products

lobster

==2025.4
==2025.3
==2025.0
==2025.2
==2025.1

Matching in nixpkgs

pkgs.lobster

Lobster programming language

nixos-unstable 2025.3
- nixpkgs-unstable 2025.3
- nixos-unstable-small 2025.3
nixos-25.11 2025.3
- nixos-25.11-small 2025.3
- nixpkgs-25.11-darwin 2025.3

Package maintainers

@fgaz Francesco Gazzetta <fgaz@fgaz.me>

Upstream patch: https://github.com/aardappel/lobster/commit/c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd
Upstream issue: https://github.com/aardappel/lobster/issues/395