Nixpkgs security tracker

Login with GitHub

Suggestions search

Published

Filter by:

With package: opam

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-41082

7.3 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): High (H)
Availability (A): Low (L)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): Low (L)

updated 4 weeks ago by @LeSuisse Activity log

Created suggestion 4 weeks ago
@LeSuisse ignored
23 packages
- dopamine
- opam2json
- opam-publish
- opam-installer
- ocamlPackages.opam-core
- ocamlPackages.opam-state
- ocamlPackages.opam-client
- ocamlPackages.opam-format
- ocamlPackages.opam-solver
- ocamlPackages.opam-repository
- ocamlPackages.opam-file-format
- ocamlPackages_latest.opam-core
- ocamlPackages_latest.opam-state
- ocamlPackages.opam-0install-cudf
- ocamlPackages_latest.opam-client
- ocamlPackages_latest.opam-format
- ocamlPackages_latest.opam-solver
- ocamlPackages_latest.opam-repository
- ocamlPackages_latest.opam-file-format
- tree-sitter-grammars.tree-sitter-opam
- ocamlPackages_latest.opam-0install-cudf
- python313Packages.tree-sitter-grammars.tree-sitter-opam
- python314Packages.tree-sitter-grammars.tree-sitter-opam
4 weeks ago
@LeSuisse accepted 4 weeks ago
@LeSuisse published on GitHub 4 weeks ago

In OCaml opam before 2.5.1, a .install field containing a …

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.

References

Affected products

opam

<2.5.1

Matching in nixpkgs

pkgs.opam

Package manager for OCaml

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

Ignored packages (23)

pkgs.dopamine

Audio player that keeps it simple

nixos-unstable 3.0.4
- nixpkgs-unstable 3.0.3
- nixos-unstable-small 3.0.4
nixos-25.11 3.0.0
- nixos-25.11-small 3.0.0
- nixpkgs-25.11-darwin 3.0.0

pkgs.opam2json

Convert opam file syntax to JSON

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4
nixos-25.11 0.4
- nixos-25.11-small 0.4
- nixpkgs-25.11-darwin 0.4

pkgs.opam-publish

Tool to ease contributions to opam repositories

nixos-unstable 2.7.1
- nixpkgs-unstable 2.7.1
- nixos-unstable-small 2.7.1
nixos-25.11 2.7.0
- nixos-25.11-small 2.7.0
- nixpkgs-25.11-darwin 2.7.0

pkgs.opam-installer

Handle (un)installation from opam install files

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-core

Small standard library extensions, and generic system interaction modules used by opam

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-state

OPAM development library handling the ~/.opam hierarchy, repository and switch states

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-client

Actions on the opam root, switches, installations, and front-end

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-format

Definition of opam datastructures and its file interface

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-solver

This library is based on the Cudf and Dose libraries, and handles calls to the external solver from opam

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-repository

OPAM repository and remote sources handling, including curl/wget, rsync, git, mercurial, darcs backends

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.ocamlPackages.opam-file-format

Parser and printer for the opam file syntax

nixos-unstable 2.2.0
- nixpkgs-unstable 2.2.0
- nixos-unstable-small 2.2.0
nixos-25.11 2.2.0
- nixos-25.11-small 2.2.0
- nixpkgs-25.11-darwin 2.2.0

pkgs.ocamlPackages_latest.opam-core

Small standard library extensions, and generic system interaction modules used by opam

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages_latest.opam-state

OPAM development library handling the ~/.opam hierarchy, repository and switch states

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages.opam-0install-cudf

Opam solver using 0install backend using the CUDF interface

nixos-unstable 0install-cudf-0.5.0
- nixpkgs-unstable 0install-cudf-0.5.0
- nixos-unstable-small 0install-cudf-0.5.0
nixos-25.11 0install-cudf-0.5.0
- nixos-25.11-small 0install-cudf-0.5.0
- nixpkgs-25.11-darwin 0install-cudf-0.5.0

pkgs.ocamlPackages_latest.opam-client

Actions on the opam root, switches, installations, and front-end

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages_latest.opam-format

Definition of opam datastructures and its file interface

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages_latest.opam-solver

This library is based on the Cudf and Dose libraries, and handles calls to the external solver from opam

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages_latest.opam-repository

OPAM repository and remote sources handling, including curl/wget, rsync, git, mercurial, darcs backends

nixos-unstable 2.5.0
- nixpkgs-unstable 2.5.0
- nixos-unstable-small 2.5.0

pkgs.ocamlPackages_latest.opam-file-format

Parser and printer for the opam file syntax

nixos-unstable 2.2.0
- nixpkgs-unstable 2.2.0
- nixos-unstable-small 2.2.0

pkgs.tree-sitter-grammars.tree-sitter-opam

Tree-sitter grammar for opam

nixos-unstable 0-unstable-2026-04-05
- nixpkgs-unstable 0-unstable-2026-04-05
- nixos-unstable-small 0-unstable-2026-04-05

pkgs.ocamlPackages_latest.opam-0install-cudf

Opam solver using 0install backend using the CUDF interface

nixos-unstable 0install-cudf-0.5.0
- nixpkgs-unstable 0install-cudf-0.5.0
- nixos-unstable-small 0install-cudf-0.5.0

pkgs.python313Packages.tree-sitter-grammars.tree-sitter-opam

Python bindings for tree-sitter-opam

nixos-unstable 0+unstable20260405
- nixpkgs-unstable 0+unstable20260405
- nixos-unstable-small 0+unstable20260405

pkgs.python314Packages.tree-sitter-grammars.tree-sitter-opam

Python bindings for tree-sitter-opam

nixos-unstable 0+unstable20260405
- nixpkgs-unstable 0+unstable20260405
- nixos-unstable-small 0+unstable20260405

1