Dismissed suggestions

These automatic suggestions were dismissed after initial triaging.

to select a suggestion for revision.

View:

Compact

Detailed

Permalink CVE-2014-0163

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
6 packages
- python312Packages.openshift
- python313Packages.openshift
- python314Packages.openshift
- python312Packages.azure-mgmt-redhatopenshift
- python313Packages.azure-mgmt-redhatopenshift
- python314Packages.azure-mgmt-redhatopenshift
1 month ago
@LeSuisse dismissed 1 month ago

Openshift has shell command injection flaws due to unsanitized data …

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0163 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0163 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0163 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0163 x_transferred x_refsource_MISC

Affected products

Openshift

==through 2014-04-03

Matching in nixpkgs

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

nixos-unstable 4.19.0-202505210330
- nixpkgs-unstable 4.19.0-202505210330
- nixos-unstable-small 4.19.0-202505210330
nixos-25.11 4.16.0
- nixos-25.11-small 4.16.0
- nixpkgs-25.11-darwin 4.16.0

Ignored packages (6)

pkgs.python312Packages.openshift

Python client for the OpenShift API

nixos-25.11 0.13.2
- nixos-25.11-small 0.13.2
- nixpkgs-25.11-darwin 0.13.2

pkgs.python313Packages.openshift

Python client for the OpenShift API

nixos-unstable 0.13.2
- nixpkgs-unstable 0.13.2
- nixos-unstable-small 0.13.2
nixos-25.11 0.13.2
- nixos-25.11-small 0.13.2
- nixpkgs-25.11-darwin 0.13.2

pkgs.python314Packages.openshift

Python client for the OpenShift API

nixos-unstable 0.13.2
- nixpkgs-unstable 0.13.2
- nixos-unstable-small 0.13.2

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python313Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python314Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0

Package maintainers

@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
@stehessel Stephan Heßelmann <stephan@stehessel.de>
@moretea Maarten Hoogendoorn <maarten@moretea.nl>

Current stable branch was never impacted.

https://github.com/NixOS/nixpkgs/commit/ce3dd652234318508da37f8cbc7d69ace7b098ef

Permalink CVE-2014-0023

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
6 packages
- python312Packages.openshift
- python313Packages.openshift
- python314Packages.openshift
- python312Packages.azure-mgmt-redhatopenshift
- python313Packages.azure-mgmt-redhatopenshift
- python314Packages.azure-mgmt-redhatopenshift
1 month ago
@LeSuisse dismissed 1 month ago

OpenShift: Install script has temporary file creation vulnerability which can …

OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution

References

https://access.redhat.com/security/cve/cve-2014-0023 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0023 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0023 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2014-0023 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023 x_transferred x_refsource_MISC

Affected products

OpenShift

==through 2014-01-21

Matching in nixpkgs

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

nixos-unstable 4.19.0-202505210330
- nixpkgs-unstable 4.19.0-202505210330
- nixos-unstable-small 4.19.0-202505210330
nixos-25.11 4.16.0
- nixos-25.11-small 4.16.0
- nixpkgs-25.11-darwin 4.16.0

Ignored packages (6)

pkgs.python312Packages.openshift

Python client for the OpenShift API

nixos-25.11 0.13.2
- nixos-25.11-small 0.13.2
- nixpkgs-25.11-darwin 0.13.2

pkgs.python313Packages.openshift

Python client for the OpenShift API

nixos-unstable 0.13.2
- nixpkgs-unstable 0.13.2
- nixos-unstable-small 0.13.2
nixos-25.11 0.13.2
- nixos-25.11-small 0.13.2
- nixpkgs-25.11-darwin 0.13.2

pkgs.python314Packages.openshift

Python client for the OpenShift API

nixos-unstable 0.13.2
- nixpkgs-unstable 0.13.2
- nixos-unstable-small 0.13.2

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python313Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python314Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0

Package maintainers

@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
@stehessel Stephan Heßelmann <stephan@stehessel.de>
@moretea Maarten Hoogendoorn <maarten@moretea.nl>

Current stable branch was never impacted.

https://github.com/NixOS/nixpkgs/commit/ce3dd652234318508da37f8cbc7d69ace7b098ef

Permalink CVE-2024-9453

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 6 months ago
@LeSuisse removed
8 packages
- jenkins
- jenkins-job-builder
- python312Packages.jenkinsapi
- python313Packages.jenkinsapi
- python312Packages.python-jenkins
- python313Packages.python-jenkins
- python312Packages.jenkins-job-builder
- python313Packages.jenkins-job-builder
1 month ago
@LeSuisse dismissed 1 month ago

Jenkins-image: sensitive data disclosure when using openshift jenkins image

A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they have access to sensitive information.

References

https://access.redhat.com/security/cve/CVE-2024-9453 x_refsource_REDHAT vdb-entry
RHBZ#2316231 issue-tracking x_refsource_REDHAT
RHBZ#2316231 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9453 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-9453 x_refsource_REDHAT vdb-entry
RHBZ#2316231 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9453 x_refsource_REDHAT vdb-entry
RHBZ#2316231 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9453 x_refsource_REDHAT vdb-entry
RHBZ#2316231 issue-tracking x_refsource_REDHAT

Affected products

jenkins

openshift-sync-plugin

<1.1.0.818.v3883b_3b_df89a_

Ignored packages (8)

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable -
- nixpkgs-unstable 2.516.2

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable -
- nixpkgs-unstable 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable -
- nixpkgs-unstable 0.3.14

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable -
- nixpkgs-unstable 0.3.14

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable -
- nixpkgs-unstable 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable -
- nixpkgs-unstable 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable -
- nixpkgs-unstable 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable -
- nixpkgs-unstable 6.4.2

Not present in nixpkgs

Permalink CVE-2013-0202

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed package owncloud-client 1 month ago
@LeSuisse dismissed 1 month ago

Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier …

Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.

References

https://owncloud.org/security/advisories/multiple-xss-vulnerabilities-3/ x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/81476 x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/81476 x_transferred x_refsource_MISC
https://owncloud.org/security/advisories/multiple-xss-vulnerabilities-3/ x_transferred x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/81476 x_refsource_MISC
https://owncloud.org/security/advisories/multiple-xss-vulnerabilities-3/ x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/81476 x_transferred x_refsource_MISC
https://owncloud.org/security/advisories/multiple-xss-vulnerabilities-3/ x_transferred x_refsource_MISC

Affected products

ownCloud

==4.0.10
==and earlier
==4.5.5

Ignored packages (1)

pkgs.owncloud-client

Synchronise your ownCloud with your computer using this desktop client

nixos-unstable 6.0.3
- nixpkgs-unstable 6.0.3
- nixos-unstable-small 6.0.3
nixos-25.11 5.3.2
- nixos-25.11-small 5.3.2
- nixpkgs-25.11-darwin 5.3.2

Not present in nixpkgs

Permalink CVE-2008-0888

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 6 months ago
@LeSuisse removed
5 packages
- runzip
- ripunzip
- unzipNLS
- haskellPackages.unzip-traversable
- haskellPackages.wai-middleware-gunzip
1 month ago
@LeSuisse dismissed 1 month ago

The NEEDBITS macro in the inflate_dynamic function in inflate.c for …

The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

References

29415 x_refsource_SECUNIA third-party-advisory
20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory
ADV-2008-1744 x_refsource_VUPEN vdb-entry
29440 x_refsource_SECUNIA third-party-advisory
DSA-1522 vendor-advisory x_refsource_DEBIAN
29432 x_refsource_SECUNIA third-party-advisory
https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory
29681 x_refsource_SECUNIA third-party-advisory
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry
30535 x_refsource_SECUNIA third-party-advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature
29406 x_refsource_SECUNIA third-party-advisory
29495 x_refsource_SECUNIA third-party-advisory
31204 x_refsource_SECUNIA third-party-advisory
1019634 vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT
unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_refsource_UBUNTU
28288 vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
29432 x_refsource_SECUNIA third-party-advisory x_transferred
https://issues.rpath.com/browse/RPL-2317 x_transferred x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_transferred x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory x_transferred
29681 x_refsource_SECUNIA third-party-advisory x_transferred
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA x_transferred
SUSE-SR:2008:007 vendor-advisory x_transferred x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry x_transferred
30535 x_refsource_SECUNIA third-party-advisory x_transferred
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_transferred x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_transferred x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_transferred x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature x_transferred
29406 x_refsource_SECUNIA third-party-advisory x_transferred
29495 x_refsource_SECUNIA third-party-advisory x_transferred
31204 x_refsource_SECUNIA third-party-advisory x_transferred
1019634 x_transferred vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT x_transferred
unzip-inflatedynamic-code-execution(41246) x_transferred vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_transferred x_refsource_UBUNTU
28288 x_transferred vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
29415 x_refsource_SECUNIA third-party-advisory x_transferred
20080321 rPSA-2008-0116-1 unzip mailing-list x_transferred x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory x_transferred
ADV-2008-1744 x_refsource_VUPEN vdb-entry x_transferred
29440 x_refsource_SECUNIA third-party-advisory x_transferred
DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
29415 x_refsource_SECUNIA third-party-advisory
20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory
ADV-2008-1744 x_refsource_VUPEN vdb-entry
29440 x_refsource_SECUNIA third-party-advisory
DSA-1522 vendor-advisory x_refsource_DEBIAN
29432 x_refsource_SECUNIA third-party-advisory
https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory
29681 x_refsource_SECUNIA third-party-advisory
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry
30535 x_refsource_SECUNIA third-party-advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature
29406 x_refsource_SECUNIA third-party-advisory
29495 x_refsource_SECUNIA third-party-advisory
31204 x_refsource_SECUNIA third-party-advisory
1019634 vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT
unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_refsource_UBUNTU
28288 vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
29415 x_refsource_SECUNIA third-party-advisory x_transferred
20080321 rPSA-2008-0116-1 unzip mailing-list x_transferred x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory x_transferred
ADV-2008-1744 x_refsource_VUPEN vdb-entry x_transferred
29440 x_refsource_SECUNIA third-party-advisory x_transferred
DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
29432 x_refsource_SECUNIA third-party-advisory x_transferred
https://issues.rpath.com/browse/RPL-2317 x_transferred x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_transferred x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory x_transferred
29681 x_refsource_SECUNIA third-party-advisory x_transferred
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA x_transferred
SUSE-SR:2008:007 vendor-advisory x_transferred x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry x_transferred
30535 x_refsource_SECUNIA third-party-advisory x_transferred
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_transferred x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_transferred x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_transferred x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature x_transferred
29406 x_refsource_SECUNIA third-party-advisory x_transferred
29495 x_refsource_SECUNIA third-party-advisory x_transferred
31204 x_refsource_SECUNIA third-party-advisory x_transferred
1019634 x_transferred vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT x_transferred
unzip-inflatedynamic-code-execution(41246) x_transferred vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_transferred x_refsource_UBUNTU
28288 x_transferred vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_refsource_UBUNTU
28288 vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
29415 x_refsource_SECUNIA third-party-advisory
20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory
ADV-2008-1744 x_refsource_VUPEN vdb-entry
29440 x_refsource_SECUNIA third-party-advisory
DSA-1522 vendor-advisory x_refsource_DEBIAN
29432 x_refsource_SECUNIA third-party-advisory
https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory
29681 x_refsource_SECUNIA third-party-advisory
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry
30535 x_refsource_SECUNIA third-party-advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature
29406 x_refsource_SECUNIA third-party-advisory
29495 x_refsource_SECUNIA third-party-advisory
31204 x_refsource_SECUNIA third-party-advisory
1019634 vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT
29415 x_refsource_SECUNIA third-party-advisory x_transferred
20080321 rPSA-2008-0116-1 unzip mailing-list x_transferred x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory x_transferred
ADV-2008-1744 x_refsource_VUPEN vdb-entry x_transferred
29440 x_refsource_SECUNIA third-party-advisory x_transferred
DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
29432 x_refsource_SECUNIA third-party-advisory x_transferred
https://issues.rpath.com/browse/RPL-2317 x_transferred x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_transferred x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory x_transferred
29681 x_refsource_SECUNIA third-party-advisory x_transferred
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA x_transferred
SUSE-SR:2008:007 vendor-advisory x_transferred x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry x_transferred
30535 x_refsource_SECUNIA third-party-advisory x_transferred
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_transferred x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_transferred x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_transferred x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature x_transferred
29406 x_refsource_SECUNIA third-party-advisory x_transferred
29495 x_refsource_SECUNIA third-party-advisory x_transferred
31204 x_refsource_SECUNIA third-party-advisory x_transferred
1019634 x_transferred vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT x_transferred
unzip-inflatedynamic-code-execution(41246) x_transferred vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_transferred x_refsource_UBUNTU
28288 x_transferred vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
29415 x_refsource_SECUNIA third-party-advisory
20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory
ADV-2008-1744 x_refsource_VUPEN vdb-entry
29440 x_refsource_SECUNIA third-party-advisory
DSA-1522 vendor-advisory x_refsource_DEBIAN
29432 x_refsource_SECUNIA third-party-advisory
https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory
29681 x_refsource_SECUNIA third-party-advisory
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry
30535 x_refsource_SECUNIA third-party-advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature
29406 x_refsource_SECUNIA third-party-advisory
29495 x_refsource_SECUNIA third-party-advisory
31204 x_refsource_SECUNIA third-party-advisory
1019634 vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT
unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_refsource_UBUNTU
28288 vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
29432 x_refsource_SECUNIA third-party-advisory x_transferred
https://issues.rpath.com/browse/RPL-2317 x_transferred x_refsource_CONFIRM
http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_transferred x_refsource_CONFIRM
APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
29392 x_refsource_SECUNIA third-party-advisory x_transferred
29681 x_refsource_SECUNIA third-party-advisory x_transferred
MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA x_transferred
SUSE-SR:2008:007 vendor-advisory x_transferred x_refsource_SUSE
ADV-2008-0913 x_refsource_VUPEN vdb-entry x_transferred
30535 x_refsource_SECUNIA third-party-advisory x_transferred
http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_transferred x_refsource_CONFIRM
http://support.apple.com/kb/HT4077 x_transferred x_refsource_CONFIRM
20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_transferred x_refsource_BUGTRAQ
GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
oval:org.mitre.oval:def:9733 x_refsource_OVAL vdb-entry signature x_transferred
29406 x_refsource_SECUNIA third-party-advisory x_transferred
29495 x_refsource_SECUNIA third-party-advisory x_transferred
31204 x_refsource_SECUNIA third-party-advisory x_transferred
1019634 x_transferred vdb-entry x_refsource_SECTRACK
RHSA-2008:0196 vendor-advisory x_refsource_REDHAT x_transferred
unzip-inflatedynamic-code-execution(41246) x_transferred vdb-entry x_refsource_XF
USN-589-1 vendor-advisory x_transferred x_refsource_UBUNTU
28288 x_transferred vdb-entry x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_transferred x_refsource_CONFIRM
29415 x_refsource_SECUNIA third-party-advisory x_transferred
20080321 rPSA-2008-0116-1 unzip mailing-list x_transferred x_refsource_BUGTRAQ
29427 x_refsource_SECUNIA third-party-advisory x_transferred
ADV-2008-1744 x_refsource_VUPEN vdb-entry x_transferred
29440 x_refsource_SECUNIA third-party-advisory x_transferred

Affected products

n/a

==n/a

unzip

<6.0

Matching in nixpkgs

pkgs.unzip

Extraction utility for archives compressed in .zip format

nixos-unstable -
- nixpkgs-unstable 6.0

Ignored packages (5)

pkgs.runzip

Tool to convert filename encoding inside a ZIP archive

nixos-unstable -
- nixpkgs-unstable 1.4

pkgs.ripunzip

Tool to unzip files in parallel

nixos-unstable -
- nixpkgs-unstable 2.0.3

pkgs.unzipNLS

Extraction utility for archives compressed in .zip format

nixos-unstable -
- nixpkgs-unstable 6.0

pkgs.haskellPackages.unzip-traversable

Unzip functions for general Traversable containers

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.haskellPackages.wai-middleware-gunzip

WAI middleware to unzip request bodies

nixos-unstable -
- nixpkgs-unstable 0.0.2

Package maintainers

@RossComputerGuy Tristan Ross <tristan.ross@midstall.com>

Current stable branch was never impacted

https://github.com/NixOS/nixpkgs/commit/672d3856df5d0e0e5bd5053e59cd5925b85e9f4a

Permalink CVE-2014-8140

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
5 packages
- ripunzip
- unzipNLS
- haskellPackages.unzip-traversable
- haskellPackages.wai-middleware-gunzip
- runzip
1 month ago
@LeSuisse dismissed 1 month ago

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip …

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

References

http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174851 x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174851 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174851 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174851 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC

Affected products

UnZip

==6.0 and earlier

Matching in nixpkgs

pkgs.unzip

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

Ignored packages (5)

pkgs.runzip

Tool to convert filename encoding inside a ZIP archive

nixos-unstable 1.4
- nixpkgs-unstable 1.4
- nixos-unstable-small 1.4
nixos-25.11 1.4
- nixos-25.11-small 1.4
- nixpkgs-25.11-darwin 1.4

pkgs.ripunzip

Tool to unzip files in parallel

nixos-unstable 2.0.4
- nixpkgs-unstable 2.0.4
- nixos-unstable-small 2.0.4
nixos-25.11 2.0.3
- nixos-25.11-small 2.0.3
- nixpkgs-25.11-darwin 2.0.3

pkgs.unzipNLS

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

pkgs.haskellPackages.unzip-traversable

Unzip functions for general Traversable containers

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.haskellPackages.wai-middleware-gunzip

WAI middleware to unzip request bodies

nixos-unstable 0.0.2
- nixpkgs-unstable 0.0.2
- nixos-unstable-small 0.0.2
nixos-25.11 0.0.2
- nixos-25.11-small 0.0.2
- nixpkgs-25.11-darwin 0.0.2

Package maintainers

@RossComputerGuy Tristan Ross <tristan.ross@midstall.com>

Current stable branch was never impacted

https://github.com/NixOS/nixpkgs/commit/173f41cf0bc618f0b2c313b1915fee8d8a6d0ee2

Permalink CVE-2014-8141

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
5 packages
- runzip
- ripunzip
- unzipNLS
- haskellPackages.unzip-traversable
- haskellPackages.wai-middleware-gunzip
1 month ago
@LeSuisse dismissed 1 month ago

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip …

Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

References

https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174856 x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174856 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174856 x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174856 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC

Affected products

UnZip

==6.0 and earlier

Matching in nixpkgs

pkgs.unzip

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

Ignored packages (5)

pkgs.runzip

Tool to convert filename encoding inside a ZIP archive

nixos-unstable 1.4
- nixpkgs-unstable 1.4
- nixos-unstable-small 1.4
nixos-25.11 1.4
- nixos-25.11-small 1.4
- nixpkgs-25.11-darwin 1.4

pkgs.ripunzip

Tool to unzip files in parallel

nixos-unstable 2.0.4
- nixpkgs-unstable 2.0.4
- nixos-unstable-small 2.0.4
nixos-25.11 2.0.3
- nixos-25.11-small 2.0.3
- nixpkgs-25.11-darwin 2.0.3

pkgs.unzipNLS

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

pkgs.haskellPackages.unzip-traversable

Unzip functions for general Traversable containers

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.haskellPackages.wai-middleware-gunzip

WAI middleware to unzip request bodies

nixos-unstable 0.0.2
- nixpkgs-unstable 0.0.2
- nixos-unstable-small 0.0.2
nixos-25.11 0.0.2
- nixos-25.11-small 0.0.2
- nixpkgs-25.11-darwin 0.0.2

Package maintainers

@RossComputerGuy Tristan Ross <tristan.ross@midstall.com>

Current stable branch was never impacted

https://github.com/NixOS/nixpkgs/commit/173f41cf0bc618f0b2c313b1915fee8d8a6d0ee2

Permalink CVE-2014-8139

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
5 packages
- runzip
- ripunzip
- unzipNLS
- haskellPackages.unzip-traversable
- haskellPackages.wai-middleware-gunzip
1 month ago
@LeSuisse dismissed 1 month ago

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip …

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.

References

http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174844 x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174844 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174844 x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2014-011.html x_transferred x_refsource_MISC
https://access.redhat.com/errata/RHSA-2015:0700 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1174844 x_transferred x_refsource_MISC
http://www.securitytracker.com/id/1031433 x_transferred x_refsource_MISC

Affected products

UnZip

==6.0 and earlier

Matching in nixpkgs

pkgs.unzip

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

Ignored packages (5)

pkgs.runzip

Tool to convert filename encoding inside a ZIP archive

nixos-unstable 1.4
- nixpkgs-unstable 1.4
- nixos-unstable-small 1.4
nixos-25.11 1.4
- nixos-25.11-small 1.4
- nixpkgs-25.11-darwin 1.4

pkgs.ripunzip

Tool to unzip files in parallel

nixos-unstable 2.0.4
- nixpkgs-unstable 2.0.4
- nixos-unstable-small 2.0.4
nixos-25.11 2.0.3
- nixos-25.11-small 2.0.3
- nixpkgs-25.11-darwin 2.0.3

pkgs.unzipNLS

Extraction utility for archives compressed in .zip format

nixos-unstable 6.0
- nixpkgs-unstable 6.0
- nixos-unstable-small 6.0
nixos-25.11 6.0
- nixos-25.11-small 6.0
- nixpkgs-25.11-darwin 6.0

pkgs.haskellPackages.unzip-traversable

Unzip functions for general Traversable containers

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1
nixos-25.11 0.1.1
- nixos-25.11-small 0.1.1
- nixpkgs-25.11-darwin 0.1.1

pkgs.haskellPackages.wai-middleware-gunzip

WAI middleware to unzip request bodies

nixos-unstable 0.0.2
- nixpkgs-unstable 0.0.2
- nixos-unstable-small 0.0.2
nixos-25.11 0.0.2
- nixos-25.11-small 0.0.2
- nixpkgs-25.11-darwin 0.0.2

Package maintainers

@RossComputerGuy Tristan Ross <tristan.ross@midstall.com>

Current stable branch was never impacted

https://github.com/NixOS/nixpkgs/commit/173f41cf0bc618f0b2c313b1915fee8d8a6d0ee2

Permalink CVE-1999-0022

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month, 1 week ago
@LeSuisse removed
3 packages
- aixlog
- mairix
- tests.fetchgit.describe-tag
1 month ago
@LeSuisse dismissed 1 month ago

Local user gains root privileges via buffer overflow in rdist, …

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

References

00179 vendor-advisory x_refsource_SUN
00179 vendor-advisory x_transferred x_refsource_SUN
00179 vendor-advisory x_refsource_SUN
00179 vendor-advisory x_transferred x_refsource_SUN
00179 vendor-advisory x_refsource_SUN
00179 vendor-advisory x_transferred x_refsource_SUN

Affected products

aix

==4.2
==4.1.2
==4.1.4
==3.2.4
==3.1
==4.1.5
==4.1
==3.2.5
==4.1.3
==3.2
==4.1.1

n/a

==n/a

irix

==5.2
==6.0
==5.0
==6.3
==6.1
==6.2
==5.0.1
==5.1.1
==5.3
==6.0.1
==5.1
==6.4

hp-ux

==10.00

sunos

==5.2
==5.0
==4.1.3u1
==5.4
==4.1.1
==5.3
==5.1
==4.1.2

bsd_os

==1.1

freebsd

==2.0.5
==2.0
==2.1.0

solaris

==4.1.3

Old issue. Impacted packages not present in nixpkgs.

Permalink CVE-2005-2351

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month, 1 week ago
@LeSuisse removed
12 packages
- mutter
- neomutt
- mutt-ics
- mutter46
- mutter48
- mutt-wizard
- fontmuttmisc
- notmuch-mutt
- font-mutt-misc
- pantheon.mutter
- xorg.fontmuttmisc
- vimPlugins.nvim-treesitter-parsers.muttrc
1 month ago
@LeSuisse dismissed 1 month ago

Mutt before 1.5.20 patch 7 allows an attacker to cause …

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

References

https://security-tracker.debian.org/tracker/CVE-2005-2351 x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2005-2351 x_transferred x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2005-2351 x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2005-2351 x_transferred x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=311296 x_transferred x_refsource_MISC

Affected products

mutt

==before 1.5.20-7

Matching in nixpkgs

pkgs.mutt

Small but very powerful text-based mail client

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.2.16
- nixos-25.11-small 2.2.16
- nixpkgs-25.11-darwin 2.2.16

Package maintainers

@rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>

Old issue. No impact on current stable branch.