Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged

Filter by:

With package: pidginPackages.pidgin-mra

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2019-25544

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 9 hours ago

Pidgin 2.13.0 Denial of Service via Malformed Username

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat, causing the application to become unavailable.

References

ExploitDB-46930 exploit
Official Product Homepage product
VulnCheck Advisory: Pidgin 2.13.0 Denial of Service via Malformed Username third-party-advisory

Affected products

Pidgin

==2.13.0

Matching in nixpkgs

pkgs.pidgin

Multi-protocol instant messaging client

nixos-unstable 2.14.14
- nixpkgs-unstable 2.14.14
- nixos-unstable-small 2.14.14
nixos-25.11 2.14.14
- nixos-25.11-small 2.14.14
- nixpkgs-25.11-darwin 2.14.14

pkgs.pidginPackages.pidgin

Multi-protocol instant messaging client

nixos-unstable 2.14.14
- nixpkgs-unstable 2.14.14
- nixos-unstable-small 2.14.14
nixos-25.11 2.14.14
- nixos-25.11-small 2.14.14
- nixpkgs-25.11-darwin 2.14.14

pkgs.pidginPackages.pidgin-mra

Mail.ru Agent plugin for Pidgin / libpurple

pkgs.pidginPackages.pidgin-osd

Plugin for Pidgin which implements on-screen display via libxosd

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0
nixos-25.11 0.2.0
- nixos-25.11-small 0.2.0
- nixpkgs-25.11-darwin 0.2.0

pkgs.pidginPackages.pidgin-otr

Plugin for Pidgin 2.x which implements OTR Messaging

nixos-unstable 4.0.2
- nixpkgs-unstable 4.0.2
- nixos-unstable-small 4.0.2
nixos-25.11 4.0.2
- nixos-25.11-small 4.0.2
- nixpkgs-25.11-darwin 4.0.2

pkgs.pidginPackages.pidgin-sipe

SIPE plugin for Pidgin IM

nixos-unstable 1.25.0
- nixpkgs-unstable 1.25.0
- nixos-unstable-small 1.25.0
nixos-25.11 1.25.0
- nixos-25.11-small 1.25.0
- nixpkgs-25.11-darwin 1.25.0

pkgs.pidginPackages.pidgin-latex

LaTeX rendering plugin for Pidgin IM

nixos-unstable 1.5.0
- nixpkgs-unstable 1.5.0
- nixos-unstable-small 1.5.0
nixos-25.11 1.5.0
- nixos-25.11-small 1.5.0
- nixpkgs-25.11-darwin 1.5.0

pkgs.pidginPackages.pidgin-carbons

XEP-0280: Message Carbons plugin for libpurple

nixos-unstable 0.2.3
- nixpkgs-unstable 0.2.3
- nixos-unstable-small 0.2.3
nixos-25.11 0.2.3
- nixos-25.11-small 0.2.3
- nixpkgs-25.11-darwin 0.2.3

pkgs.pidginPackages.pidgin-skypeweb

SkypeWeb plugin for Pidgin

pkgs.pidginPackages.pidgin-indicator

AppIndicator and KStatusNotifierItem Plugin for Pidgin

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.11 1.0.1
- nixos-25.11-small 1.0.1
- nixpkgs-25.11-darwin 1.0.1

pkgs.pidginPackages.pidgin-msn-pecan

Alternative MSN protocol plug-in for Pidgin IM

pkgs.pidginPackages.pidgin-window-merge

Pidgin plugin that merges the Buddy List window with a conversation window

nixos-unstable 0.3
- nixpkgs-unstable 0.3
- nixos-unstable-small 0.3
nixos-25.11 0.3
- nixos-25.11-small 0.3
- nixpkgs-25.11-darwin 0.3

pkgs.pidginPackages.pidgin-xmpp-receipts

Message delivery receipts (XEP-0184) Pidgin plugin

nixos-unstable 0.8
- nixpkgs-unstable 0.8
- nixos-unstable-small 0.8
nixos-25.11 0.8
- nixos-25.11-small 0.8
- nixpkgs-25.11-darwin 0.8

pkgs.pidginPackages.pidgin-opensteamworks

Plugin for Pidgin 2.x which implements Steam Friends/Steam IM compatibility

Package maintainers

@lucasew Lucas Eduardo Wendt <lucas59356@gmail.com>
@colonelpanic8 Ivan Malison <IvanMalison@gmail.com>
@abbradar Nikolay Amiantov <ab@fmap.me>
@Shados Alexei Robyn <shados@shados.net>
@orivej Orivej Desh <orivej@gmx.fr>

1