Nixpkgs Security Tracker

Suggestions search

With package: pcscliteWithPolkit

Found 4 matching suggestions

created 4 months, 3 weeks ago
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution cannot be ruled out. Exploiting this flaw requires a high-privilege account, because the malicious policy file has to be placed properly.

Affected products

rhcos
polkit
  • =<126

Matching in nixpkgs

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -

created 4 months, 3 weeks ago
Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received.

Affected products

gjs
ring
  • <0.17.12
rust
polkit
firefox
snpguest
rpm-ostree
thunderbird
python-maturin
kata-containers
python3.12-maturin
rhtas/tuffer-rhel9
rhtas/tuftool-rhel9
firefox:flatpak/firefox
trustee-guest-components
thunderbird:flatpak/thunderbird
rhtpa/rhtpa-trustification-service-rhel9

Matching in nixpkgs

pkgs.gjs

JavaScript bindings for GNOME

  • nixos-unstable -

pkgs.irust

Cross Platform Rust Repl

  • nixos-unstable -

pkgs.mrustc

Mutabah's Rust Compiler

  • nixos-unstable -

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.rustup

Rust toolchain installer

  • nixos-unstable -

pkgs.rustus

TUS protocol implementation in Rust

  • nixos-unstable -

pkgs.rustcat

Port listener and reverse shell

  • nixos-unstable -

pkgs.rustfmt

Tool for formatting Rust code according to style guidelines

  • nixos-unstable -

pkgs.rustdesk

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

  • nixos-unstable -

pkgs.rustical

Yet another calendar server aiming to be simple, fast and passwordless

  • nixos-unstable -

pkgs.rustscan

Faster Nmap Scanning with Rust

  • nixos-unstable -

pkgs.rustycli

Access the rust playground right in terminal

  • nixos-unstable -

pkgs.snpguest

CLI tool for interacting with SEV-SNP guest environment

  • nixos-unstable -

pkgs.svd2rust

Generate Rust register maps (`struct`s) from SVD files

  • nixos-unstable -

pkgs.hath-rust

Unofficial Hentai@Home client written in Rust

  • nixos-unstable -

pkgs.rust-motd

Beautiful, useful MOTD generation with zero runtime dependencies

  • nixos-unstable -

pkgs.rustdress

Self-hosted Lightning Address Server

  • nixos-unstable -

pkgs.rusti-cal

Minimal command line calendar, similar to cal

  • nixos-unstable -

pkgs.rustic-rs

Fast, encrypted, deduplicated backups powered by pure Rust

  • nixos-unstable -

pkgs.rustlings

Explore the Rust programming language and learn more about it while doing exercises

  • nixos-unstable -

pkgs.rusty-man

Command-line viewer for documentation generated by rustdoc

  • nixos-unstable -

pkgs.rusty-psn

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

  • nixos-unstable -

pkgs.rustywind

CLI for organizing Tailwind CSS classes

  • nixos-unstable -

pkgs.xulrunner

Web browser built from Firefox source tree

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

  • nixos-unstable -

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

  • nixos-unstable -

pkgs.rustfinity

CLI for Rustfinity challenges solving

  • nixos-unstable -

pkgs.rustpython

Python 3 interpreter written in Rust

  • nixos-unstable -

pkgs.rusty-bash

Bash written with Rust, a.k.a. sushi shell

  • nixos-unstable -

pkgs.rustypaste

Minimal file upload/pastebin service

  • nixos-unstable -

pkgs.slowlorust

Lightweight slowloris (HTTP DoS) tool

  • nixos-unstable -

pkgs.trustymail

Tool to scan domains and return data based on trustworthy email best practices

  • nixos-unstable -

pkgs.uncrustify

Source code beautifier for C, C++, C#, ObjectiveC, D, Java, Pawn and VALA

  • nixos-unstable -

pkgs.ff2mpv-rust

Native messaging host for ff2mpv written in Rust

  • nixos-unstable -

pkgs.rust-script

Run Rust files and expressions as scripts without any setup or compilation step

  • nixos-unstable -

pkgs.rustmission

TUI for the Transmission daemon

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -

pkgs.rust-bindgen

Automatically generates Rust FFI bindings to C (and some C++) libraries

  • nixos-unstable -

pkgs.rust-petname

Generate human readable random names

  • nixos-unstable -

pkgs.rustc-wasm32

Safe, concurrent, practical language (wrapper script)

  • nixos-unstable -

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.i3status-rust

Very resource-friendly and feature-rich replacement for i3status

  • nixos-unstable -

pkgs.rust-cbindgen

Project for generating C bindings from Rust code

  • nixos-unstable -

pkgs.rust-parallel

Rust shell tool to run commands in parallel with a similar interface to GNU parallel

  • nixos-unstable -

pkgs.rustls-libssl

Partial reimplementation of the OpenSSL 3 libssl ABI using rustls

  • nixos-unstable -

pkgs.rusty-psn-gui

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

  • nixos-unstable -

pkgs.starlark-rust

Rust implementation of the Starlark language

  • nixos-unstable -

pkgs.svd2rust-form

Library for splitting apart a large file with multiple modules into the idiomatic rust directory structure

  • nixos-unstable -

pkgs.aw-server-rust

High-performance implementation of the ActivityWatch server, written in Rust

  • nixos-unstable -

pkgs.doh-proxy-rust

Fast, mature, secure DoH server proxy written in Rust

  • nixos-unstable -

pkgs.faust2jackrust

The faust2jackrust script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.rusty-diceware

Commandline diceware, with or without dice, written in Rustlang

  • nixos-unstable -

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivatives

  • nixos-unstable -

pkgs.rust-audit-info

Command-line tool to extract the dependency trees embedded in binaries by cargo-auditable

  • nixos-unstable -

pkgs.rust-streamdeck

Libusb based driver for Elgato StreamDeck devices

  • nixos-unstable -

pkgs.rustdesk-flutter

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

  • nixos-unstable -

pkgs.lomiri.trust-store

Common implementation of a trust store to be used by trusted helpers

  • nixos-unstable -

pkgs.piping-server-rust

Infinitely transfer between every device over pure HTTP with pipes or browsers

  • nixos-unstable -

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

  • nixos-unstable -

pkgs.luaPackages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

created 4 months, 3 weeks ago
Openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.

Affected products

gjs
polkit
firefox
mozjs60
openssl
rpm-ostree
389-ds-base
rust-bootupd
rust-openssl
  • <0.10.72
mingw-openssl
kata-containers
keylime-agent-rust
rhtas/tuffer-rhel9
rhtas/tuftool-rhel9
389-ds:1.4/389-ds-base
firefox:flatpak/firefox
python3.12-cryptography
redhat-ds:11/389-ds-base
redhat-ds:12/389-ds-base
rhtpa/rhtpa-trustification-service-rhel9

Matching in nixpkgs

pkgs.gjs

JavaScript bindings for GNOME

  • nixos-unstable -

pkgs.polkit

Toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

  • nixos-unstable -

pkgs.openssl

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.xulrunner

Web browser built from Firefox source tree

pkgs.cmd-polkit

Easily create polkit authentication agents by using commands

  • nixos-unstable -

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

  • nixos-unstable -

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

  • nixos-unstable -

pkgs.openssl_1_1

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.openssl_3_0

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.openssl_3_5

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

  • nixos-unstable -

pkgs.polkit_gnome

Dbus session bus service that is used to bring up authentication dialogs

  • nixos-unstable -

pkgs.tpm2-openssl

OpenSSL Provider for TPM2 integration

  • nixos-unstable -

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

  • nixos-unstable -

pkgs.openssl_legacy

Cryptographic library that implements the SSL and TLS protocols

  • nixos-unstable -

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivatives

  • nixos-unstable -

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

  • nixos-unstable -

created 4 months, 3 weeks ago
Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

Affected products

pcs
ceph
  • *
pybind
grafana
libarrow
dotnet6.0
dotnet7.0
dotnet8.0
  • *
nodejs-webpack
quay/quay-rhel8
mta/mta-ui-rhel9
mta/mta-cli-rhel9
rh-dotnet60-dotnet
rhdh-hub-container
odf4/mcg-core-rhel8
odf4/mcg-core-rhel9
odh-dashboard-rhel8
rhdh/rhdh-hub-rhel9
devspaces/code-rhel8
rhacm2/console-rhel8
rhacm2/console-rhel9
serialize-javascript
  • <6.0.2
automation-controller
rhceph/rhceph-8-rhel9
  • *
aap-cloud-ui-container
odf4/odf-console-rhel9
  • *
odh-operator-container
openshift3/ose-console
devspaces/traefik-rhel8
odh-dashboard-container
rhdh-operator-container
odh-model-registry-rhel8
automation-eda-controller
devspaces/dashboard-rhel8
rhosdt/jaeger-agent-rhel8
rhosdt/jaeger-query-rhel8
discovery-server-container
3scale-amp-system-container
rhosdt/jaeger-ingester-rhel8
odf4/ocs-client-console-rhel9
  • *
odh-ml-pipelines-driver-rhel8
odh-notebook-controller-rhel8
rhosdt/jaeger-collector-rhel8
nodejs-uglifyjs-webpack-plugin
rhosdt/jaeger-all-in-one-rhel8
odh-ml-pipelines-launcher-rhel8
openshift-logging/kibana6-rhel8
rhosdt/jaeger-es-rollover-rhel8
odh-kf-notebook-controller-rhel8
nodejs-compression-webpack-plugin
openshift-service-mesh/kiali-rhel8
nodejs-css-minimizer-webpack-plugin
odf4/odf-multicluster-console-rhel8
odf4/odf-multicluster-console-rhel9
  • *
odh-ml-pipelines-api-server-v2-rhel8
rhosdt/jaeger-es-index-cleaner-rhel8
openshift4/ose-monitoring-plugin-rhel8
openshift4/ose-monitoring-plugin-rhel9
openshift-service-mesh/kiali-ossmc-rhel8
rhtpa/rhtpa-trustification-service-rhel9
advanced-cluster-security/rhacs-main-rhel8
  • *
odh-ml-pipelines-persistenceagent-v2-rhel8
openshift-pipelines/pipelines-hub-ui-rhel8
  • *
odh-ml-pipelines-scheduledworkflow-v2-rhel8
openshift-pipelines/pipelines-hub-api-rhel8
advanced-cluster-security/rhacs-roxctl-rhel8
advanced-cluster-security/rhacs-rhel8-operator
odh-data-science-pipelines-argo-argoexec-rhel8
ansible-automation-platform-24/lightspeed-rhel8
ansible-automation-platform-25/lightspeed-rhel8
advanced-cluster-security/rhacs-central-db-rhel8
advanced-cluster-security/rhacs-scanner-v4-rhel8
openshift-pipelines-console-plugin-rhel8-container
openshift-pipelines/pipelines-console-plugin-rhel8
  • *
openshift-pipelines/pipelines-console-plugin-rhel9
  • *
advanced-cluster-security/rhacs-scanner-v4-db-rhel8
openshift-pipelines/pipelines-hub-db-migration-rhel8
odh-data-science-pipelines-argo-workflowcontroller-rhel8
migration-toolkit-virtualization/mtv-console-plugin-rhel9
openshift-lightspeed-beta/lightspeed-console-plugin-rhel9

Matching in nixpkgs

pkgs.vpcs

Simple virtual PC simulator

  • nixos-unstable -

pkgs.pcsx2

Playstation 2 emulator

  • nixos-unstable -

pkgs.rpcs3

PS3 emulator/debugger

  • nixos-unstable -

pkgs.pcstat

Page Cache stat: get page cache stats for files on Linux

  • nixos-unstable -

pkgs.grafana

Gorgeous metric viz, dashboards & editors for Graphite, InfluxDB & OpenTSDB

  • nixos-unstable -

pkgs.pcsclite

Middleware to access a smart card using SCard API (PC/SC)

  • nixos-unstable -

pkgs.appcsxcad

Minimal Application using the QCSXCAD library

  • nixos-unstable -

pkgs.pcsctools

Tools used to test a PC/SC driver, card or reader

  • nixos-unstable -

pkgs.pcsx2-bin

Playstation 2 emulator (precompiled binary, repacked from official website)

  • nixos-unstable -

pkgs.grafanactl

Tool designed to simplify interaction with Grafana instances

  • nixos-unstable -

pkgs.baidupcs-go

Baidu Netdisk commandline client, mimicking Linux shell file handling commands

  • nixos-unstable -

pkgs.rpcsvc-proto

This package contains rpcsvc proto.x files from glibc, which are missing in libtirpc

  • nixos-unstable -

pkgs.grafana-alloy

Open source OpenTelemetry Collector distribution with built-in Prometheus pipelines and support for metrics, logs, traces, and profiles

  • nixos-unstable -

pkgs.pcsc-cyberjack

REINER SCT cyberJack USB chipcard reader user space driver

  • nixos-unstable -

pkgs.pcsc-scm-scl011

SCM Microsystems SCL011 chipcard reader user space driver

  • nixos-unstable -

pkgs.grafana-dash-n-grab

Grafana Dash-n-Grab (gdg) -- backup and restore Grafana dashboards, datasources, and other entities

  • nixos-unstable -

pkgs.grafanaPlugins.grafana-pyroscope-app

Integrate seamlessly with Pyroscope, the open-source continuous profiling platform, providing a smooth, query-less experience for browsing and analyzing profiling data

  • nixos-unstable -
