Nixpkgs Security Tracker

Untriaged

Permalink CVE-2024-9432

created 1 month, 3 weeks ago

Cleartext Storage of Sensitive Information vulnerability has been discovered in OpenText™ Vertica.

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X.

References

https://portal.microfocus.com/s/article/KM000044937?language=en_US

Affected products

Vertica

==25.x
==24.x
==23.x

Matching in nixpkgs

pkgs.python312Packages.vertica-python

Native Python client for Vertica database

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0

pkgs.python313Packages.vertica-python

Native Python client for Vertica database

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0

pkgs.gnomeExtensions.vertical-workspaces

V-Shell is designed to enhance and customize the user experience by providing flexible workspace orientations and a variety of interface adjustments, including application grid customization and productivity improvements.

nixos-unstable 100
- nixpkgs-unstable 100
- nixos-unstable-small 100

pkgs.gnomeExtensions.vertical-window-list

Displays opened windows in vertical panel with productivity perks

nixos-unstable 15
- nixpkgs-unstable 15
- nixos-unstable-small 15

pkgs.obs-studio-plugins.obs-vertical-canvas

Plugin for OBS Studio to add vertical canvas

nixos-unstable 1.4.10
- nixpkgs-unstable 1.4.10
- nixos-unstable-small 1.4.10

pkgs.kakounePlugins.kakoune-vertical-selection

None

nixos-unstable 2023-04-20
- nixpkgs-unstable 2023-04-20
- nixos-unstable-small 2023-04-20

Package maintainers

@honnip Jung seungwoo <me@honnip.page>
@flexiondotorg Martin Wimpress <martin@wimpress.org>
@arnoldfarkas Arnold Farkas <arnold.farkas@gmail.com>

Untriaged

Permalink CVE-2024-32545

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Canva – Design beautiful blog graphics plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4.