Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: systemd-bootchart

Found 13 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2025-3360
3.7 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 6 months, 1 week ago
Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

References

Affected products

glib
  • <2.82.5
bootc
glib2
loupe
librsvg2
mingw-glib2
glycin-loaders

Matching in nixpkgs

pkgs.bootc

Boot and upgrade via container images

  • nixos-unstable -

pkgs.podman-bootc

Streamlining podman+bootc interactions

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2024-3296
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 6 months, 1 week ago
Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack

A timing-based side-channel exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.

References

Affected products

bootc
upstream
389-ds-base
rust-bootupd
rust-openssl
  • *
rust-zincati
keylime-agent-rust
389-ds:1.4/389-ds-base
python3.12-cryptography
389-directory-server:next/389-ds-base
389-directory-server:stable/389-ds-base
389-directory-server:testing/389-ds-base

Matching in nixpkgs

pkgs.bootc

Boot and upgrade via container images

  • nixos-unstable -

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

  • nixos-unstable -

pkgs.podman-bootc

Streamlining podman+bootc interactions

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2023-7008
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 6 months, 1 week ago
Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

References

Affected products

systemd
  • ==25X
  • *

Matching in nixpkgs

pkgs.udev

System and service manager for Linux

  • nixos-unstable -

pkgs.systemd

System and service manager for Linux

  • nixos-unstable -

pkgs.systemd-lsp

Language server implementation for systemd unit files made in Rust

  • nixos-unstable -

pkgs.systemdLibs

System and service manager for Linux

  • nixos-unstable -

pkgs.rofi-systemd

Control your systemd units using rofi

  • nixos-unstable -

pkgs.systemdUkify

System and service manager for Linux

  • nixos-unstable -

pkgs.check_systemd

Nagios / Icinga monitoring plugin to check systemd for failed units

  • nixos-unstable -

pkgs.systemd-netlogd

Forwards messages from the journal to other hosts over the network

  • nixos-unstable -

pkgs.systemd-lock-handler

Translates systemd-system lock/sleep signals into systemd-user target activations

  • nixos-unstable -

pkgs.update-systemd-resolved

Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus

  • nixos-unstable -