Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: nanovna-saver

Found 4 matching suggestions

Permalink CVE-2025-0650
created 5 months ago
Ovn: egress acls may be bypassed via specially crafted udp packet

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.

Affected products

ovn
  • ==24.03.5
  • ==24.09.2
  • ==22.03.8
ovn2.11
ovn2.12
ovn2.13
ovn-2021
ovn22.03
  • *
ovn22.06
  • *
ovn22.09
  • *
ovn22.12
  • *
ovn23.03
  • *
ovn23.06
  • *
ovn23.09
  • *
ovn24.03
  • *
ovn24.09
  • *

Matching in nixpkgs

pkgs.ovn

Open Virtual Network

pkgs.novnc

VNC client web application

  • nixos-unstable -

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

  • nixos-unstable -

pkgs.nanovna-saver

Tool for reading, displaying and saving data from the NanoVNA

  • nixos-unstable -

Package maintainers

Permalink CVE-2023-3153
created 5 months ago
Service monitor mac flow is not rate limited

A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.

Affected products

ovn
  • ==23.03.1
  • ==22.03.3
  • ==23.06.1
  • ==22.12.1
  • ==22.09.2
ovn2.11
ovn2.12
ovn2.13
ovn-2021
ovn21.09
ovn21.12
ovn22.03
ovn22.06
ovn22.09
ovn22.12
ovn23.03

Matching in nixpkgs

pkgs.ovn

Open Virtual Network

pkgs.novnc

VNC client web application

  • nixos-unstable -

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

  • nixos-unstable -

pkgs.nanovna-saver

Tool for reading, displaying and saving data from the NanoVNA

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-5742
created 5 months ago
Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.

Affected products

nano
  • *

Matching in nixpkgs

pkgs.nano

Small, user-friendly console text editor

  • nixos-unstable -

pkgs.nanomq

Ultra-lightweight and blazing-fast MQTT broker for IoT edge

  • nixos-unstable -

pkgs.nanopb

Protocol Buffers with small code size

pkgs.nanorc

Improved Nano Syntax Highlighting Files

pkgs.nanodbc

Small C++ wrapper for the native C ODBC API

  • nixos-unstable -

pkgs.nanomsg

Socket library that provides several common communication patterns

  • nixos-unstable -

pkgs.nanotts

Speech synthesizer commandline utility that improves pico2wave, included with SVOX PicoTTS

pkgs.nanobench

Simple, fast, accurate single-header microbenchmarking functionality for C++11/14/17/20

  • nixos-unstable -

pkgs.nanoemoji

Wee tool to build color fonts

  • nixos-unstable -

pkgs.nanoflann

Header only C++ library for approximate nearest neighbor search

  • nixos-unstable -

pkgs.fusee-nano

Minimalist re-implementation of the Fusée Gelée exploit

pkgs.nano-wallet

Wallet for Nano cryptocurrency

  • nixos-unstable -

pkgs.nanovna-saver

Tool for reading, displaying and saving data from the NanoVNA

  • nixos-unstable -

pkgs.nanoboyadvance

Cycle-accurate Nintendo Game Boy Advance emulator

  • nixos-unstable -

pkgs.python312Packages.pynanoleaf

Python3 wrapper for the Nanoleaf API, capable of controlling both Nanoleaf Aurora and Nanoleaf Canvas

  • nixos-unstable -

pkgs.python313Packages.pynanoleaf

Python3 wrapper for the Nanoleaf API, capable of controlling both Nanoleaf Aurora and Nanoleaf Canvas

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-2182
created 5 months ago
Ovn: insufficient validation of bfd packets may lead to denial of service

A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.

Affected products

ovn
  • ==22.03.7
  • *
  • ==24.03.1
  • ==23.06.3
  • ==23.09.3
  • ==23.03.3
ovn2.11
ovn2.12
ovn2.13
ovn-2021
  • *
ovn22.03
  • *
ovn22.06
ovn22.09
ovn22.12
  • *
ovn23.03
  • *
ovn23.06
  • *
ovn23.09
  • *

Matching in nixpkgs

pkgs.ovn

Open Virtual Network

pkgs.novnc

VNC client web application

  • nixos-unstable -

pkgs.turbovnc

High-speed version of VNC derived from TightVNC

  • nixos-unstable -

pkgs.nanovna-saver

Tool for reading, displaying and saving data from the NanoVNA

  • nixos-unstable -

Package maintainers