Nixpkgs Security Tracker


Automatically generated suggestions

CVE-2025-46804
3.3 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 6 months ago
Screen 5.0.0 and older versions allow file existence tests when installed setuid-root

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0.

Affected products

screen
  • =<4.9.1
  • =<5.0.0

Matching in nixpkgs

pkgs.screen

Window manager that multiplexes a physical terminal

  • nixos-unstable -

pkgs.yascreen

Curses replacement for daemons and embedded apps

  • nixos-unstable -

pkgs.screenkey

Screencast tool to display your keys inspired by Screenflick

  • nixos-unstable -

pkgs.screentest

Simple screen testing tool

  • nixos-unstable -

pkgs.gscreenshot

Screenshot frontend (CLI and GUI) for a variety of screenshot backends

  • nixos-unstable -

pkgs.screen-pipe

Personalized AI powered by what you've seen, said, or heard

  • nixos-unstable -

pkgs.screenfetch

Fetches system/theme information in terminal for Linux desktop screenshots

  • nixos-unstable -

pkgs.screenconfig

Automatic configuration of connected screens/monitors

  • nixos-unstable -

pkgs.screenly-cli

Tools for managing digital signs and screens at scale

  • nixos-unstable -

pkgs.wl-screenrec

High performance wlroots screen recording, featuring hardware encoding

  • nixos-unstable -

pkgs.vokoscreen-ng

User friendly Open Source screencaster for Linux and Windows

  • nixos-unstable -

pkgs.gh-screensaver

gh extension with animated terminal screensavers

  • nixos-unstable -

pkgs.screen-message

Displays a short text fullscreen in an X11 window

  • nixos-unstable -

pkgs.rofi-screenshot

Use rofi to perform various types of screenshots and screen captures

pkgs.betterlockscreen

Fast and sweet looking lockscreen for linux systems with effects

  • nixos-unstable -

pkgs.gnome-screenshot

Utility used in the GNOME desktop environment for taking screenshots

  • nixos-unstable -

pkgs.budgie-screensaver

Fork of old GNOME Screensaver for purposes of providing an authentication prompt on wake

  • nixos-unstable -

pkgs.gpu-screen-recorder

Screen recorder that has minimal impact on system performance by recording a window using the GPU only

  • nixos-unstable -

pkgs.mpd-touch-screen-gui

Small MPD client that lets you view covers and has controls suitable for small touchscreens

pkgs.gnomeExtensions.screen-rotate

Enable screen rotation regardless of touch mode. Fork of Screen Autorotate by Kosmospredanie.

  • nixos-unstable -
    • nixpkgs-unstable 25

pkgs.gnomeExtensions.screenshot-tool

Conveniently create, copy, store and upload screenshots. Please log out and log in again after updating.

  • nixos-unstable -
    • nixpkgs-unstable 76

pkgs.gnomeExtensions.hide-screen-sharing

Hide Screen Sharing. Useful for software KVMs that always show screen sharing like Desk Flow, Input-Leap, Barrier, etc...

  • nixos-unstable -
    • nixpkgs-unstable 1

pkgs.gnomeExtensions.peek-top-bar-on-fullscreen

Show the top bar (panel) on demand while having full screen content on (like a YouTube video). Just hover the mouse cursor to the top of the screen, and the panel will show up. This way, you can quickly check the time, or switch some toggles. This is similar to what macOS offers for full screen apps.

  • nixos-unstable -
    • nixpkgs-unstable 17

pkgs.gnomeExtensions.disable-unredirect-fullscreen-windows

Disables unredirect fullscreen windows in gnome-shell to workaround a bug when clicking on full screen windows goes through to windows underneath. This also happens to fix screen tearing in full-screen windows.

  • nixos-unstable -
    • nixpkgs-unstable 12

Package maintainers

CVE-2025-23395
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set

Screen 5.0.0, when it runs with setuid-root privileges, does not drop privileges while operating on a user-supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, which allows escalation to root privileges.

Affected products

screen
  • =<5.0.0

Matching in nixpkgs

pkgs.screen

Window manager that multiplexes a physical terminal

  • nixos-unstable -

pkgs.yascreen

Curses replacement for daemons and embedded apps

  • nixos-unstable -

pkgs.screenkey

Screencast tool to display your keys inspired by Screenflick

  • nixos-unstable -

pkgs.screentest

Simple screen testing tool

  • nixos-unstable -

pkgs.gscreenshot

Screenshot frontend (CLI and GUI) for a variety of screenshot backends

  • nixos-unstable -

pkgs.screen-pipe

Personalized AI powered by what you've seen, said, or heard

  • nixos-unstable -

pkgs.screenfetch

Fetches system/theme information in terminal for Linux desktop screenshots

  • nixos-unstable -

pkgs.screenconfig

Automatic configuration of connected screens/monitors

  • nixos-unstable -

pkgs.screenly-cli

Tools for managing digital signs and screens at scale

  • nixos-unstable -

pkgs.wl-screenrec

High performance wlroots screen recording, featuring hardware encoding

  • nixos-unstable -

pkgs.vokoscreen-ng

User friendly Open Source screencaster for Linux and Windows

  • nixos-unstable -

pkgs.gh-screensaver

gh extension with animated terminal screensavers

  • nixos-unstable -

pkgs.screen-message

Displays a short text fullscreen in an X11 window

  • nixos-unstable -

pkgs.rofi-screenshot

Use rofi to perform various types of screenshots and screen captures

pkgs.betterlockscreen

Fast and sweet looking lockscreen for linux systems with effects

  • nixos-unstable -

pkgs.gnome-screenshot

Utility used in the GNOME desktop environment for taking screenshots

  • nixos-unstable -

pkgs.budgie-screensaver

Fork of old GNOME Screensaver for purposes of providing an authentication prompt on wake

  • nixos-unstable -

pkgs.gpu-screen-recorder

Screen recorder that has minimal impact on system performance by recording a window using the GPU only

  • nixos-unstable -

pkgs.mpd-touch-screen-gui

Small MPD client that lets you view covers and has controls suitable for small touchscreens

pkgs.gnomeExtensions.screen-rotate

Enable screen rotation regardless of touch mode. Fork of Screen Autorotate by Kosmospredanie.

  • nixos-unstable -
    • nixpkgs-unstable 25

pkgs.gnomeExtensions.screenshot-tool

Conveniently create, copy, store and upload screenshots. Please log out and log in again after updating.

  • nixos-unstable -
    • nixpkgs-unstable 76

pkgs.gnomeExtensions.hide-screen-sharing

Hide Screen Sharing. Useful for software KVMs that always show screen sharing like Desk Flow, Input-Leap, Barrier, etc...

  • nixos-unstable -
    • nixpkgs-unstable 1

pkgs.gnomeExtensions.peek-top-bar-on-fullscreen

Show the top bar (panel) on demand while having full screen content on (like a YouTube video). Just hover the mouse cursor to the top of the screen, and the panel will show up. This way, you can quickly check the time, or switch some toggles. This is similar to what macOS offers for full screen apps.

  • nixos-unstable -
    • nixpkgs-unstable 17

pkgs.gnomeExtensions.disable-unredirect-fullscreen-windows

Disables unredirect fullscreen windows in gnome-shell to workaround a bug when clicking on full screen windows goes through to windows underneath. This also happens to fix screen tearing in full-screen windows.

  • nixos-unstable -
    • nixpkgs-unstable 12

Package maintainers

CVE-2025-46802
6.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 6 months ago
Temporary chown() of users' TTY to mode 0666 allows PTY hijacking in screen

For a short time the PTY is set to mode 666, allowing any user on the system to connect to the screen session.

Affected products

screen
  • <4.6.2-150000.5.8.1

Matching in nixpkgs

pkgs.screen

Window manager that multiplexes a physical terminal

  • nixos-unstable -

pkgs.yascreen

Curses replacement for daemons and embedded apps

  • nixos-unstable -

pkgs.screenkey

Screencast tool to display your keys inspired by Screenflick

  • nixos-unstable -

pkgs.screentest

Simple screen testing tool

  • nixos-unstable -

pkgs.gscreenshot

Screenshot frontend (CLI and GUI) for a variety of screenshot backends

  • nixos-unstable -

pkgs.screen-pipe

Personalized AI powered by what you've seen, said, or heard

  • nixos-unstable -

pkgs.screenfetch

Fetches system/theme information in terminal for Linux desktop screenshots

  • nixos-unstable -

pkgs.screenconfig

Automatic configuration of connected screens/monitors

  • nixos-unstable -

pkgs.screenly-cli

Tools for managing digital signs and screens at scale

  • nixos-unstable -

pkgs.wl-screenrec

High performance wlroots screen recording, featuring hardware encoding

  • nixos-unstable -

pkgs.vokoscreen-ng

User friendly Open Source screencaster for Linux and Windows

  • nixos-unstable -

pkgs.gh-screensaver

gh extension with animated terminal screensavers

  • nixos-unstable -

pkgs.screen-message

Displays a short text fullscreen in an X11 window

  • nixos-unstable -

pkgs.rofi-screenshot

Use rofi to perform various types of screenshots and screen captures

pkgs.betterlockscreen

Fast and sweet looking lockscreen for linux systems with effects

  • nixos-unstable -

pkgs.gnome-screenshot

Utility used in the GNOME desktop environment for taking screenshots

  • nixos-unstable -

pkgs.budgie-screensaver

Fork of old GNOME Screensaver for purposes of providing an authentication prompt on wake

  • nixos-unstable -

pkgs.gpu-screen-recorder

Screen recorder that has minimal impact on system performance by recording a window using the GPU only

  • nixos-unstable -

pkgs.mpd-touch-screen-gui

Small MPD client that lets you view covers and has controls suitable for small touchscreens

pkgs.gnomeExtensions.screen-rotate

Enable screen rotation regardless of touch mode. Fork of Screen Autorotate by Kosmospredanie.

  • nixos-unstable -
    • nixpkgs-unstable 25

pkgs.gnomeExtensions.screenshot-tool

Conveniently create, copy, store and upload screenshots. Please log out and log in again after updating.

  • nixos-unstable -
    • nixpkgs-unstable 76

pkgs.gnomeExtensions.hide-screen-sharing

Hide Screen Sharing. Useful for software KVMs that always show screen sharing like Desk Flow, Input-Leap, Barrier, etc...

  • nixos-unstable -
    • nixpkgs-unstable 1

pkgs.gnomeExtensions.peek-top-bar-on-fullscreen

Show the top bar (panel) on demand while having full screen content on (like a YouTube video). Just hover the mouse cursor to the top of the screen, and the panel will show up. This way, you can quickly check the time, or switch some toggles. This is similar to what macOS offers for full screen apps.

  • nixos-unstable -
    • nixpkgs-unstable 17

pkgs.gnomeExtensions.disable-unredirect-fullscreen-windows

Disables unredirect fullscreen windows in gnome-shell to workaround a bug when clicking on full screen windows goes through to windows underneath. This also happens to fix screen tearing in full-screen windows.

  • nixos-unstable -
    • nixpkgs-unstable 12

Package maintainers

CVE-2025-31049
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Dash <= 1.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3.

Affected products

dash
  • =<1.3

Matching in nixpkgs

pkgs.dash

POSIX-compliant implementation of /bin/sh that aims to be as small as possible

  • nixos-unstable -

pkgs.dasht

Search API docs offline, in terminal or browser

  • nixos-unstable -

pkgs.kdash

Simple and fast dashboard for Kubernetes

  • nixos-unstable -

pkgs.dasher

Information-efficient text-entry interface, driven by natural continuous pointing gestures

pkgs.iodash

Lightweight C++ I/O library for POSIX operating systems

  • nixos-unstable -

pkgs.wldash

Wayland launcher/dashboard

  • nixos-unstable -

pkgs.dashing

Dash Generator Script for Any HTML

  • nixos-unstable -

pkgs.gh-dash

Github Cli extension to display a dashboard with pull requests and issues

  • nixos-unstable -

pkgs.dash-mpd-cli

Download media content from a DASH-MPEG or DASH-WebM MPD manifest

  • nixos-unstable -

pkgs.riemann-dash

Javascript, websockets-powered dashboard for Riemann

  • nixos-unstable -

pkgs.gdb-dashboard

Modular visual interface for GDB in Python

  • nixos-unstable -
    • nixpkgs-unstable

pkgs.homepage-dashboard

Highly customisable dashboard with Docker and service API integrations

  • nixos-unstable -

pkgs.grafana-dash-n-grab

Grafana Dash-n-Grab (gdg) -- backup and restore Grafana dashboards, datasources, and other entities

  • nixos-unstable -

pkgs.gnomeExtensions.dash-to-panel

An icon taskbar for the Gnome Shell. This extension moves the dash into the gnome main panel so that the application launchers and system tray are combined into a single panel, similar to that found in KDE Plasma and Windows 7+. A separate dock is no longer needed for easy access to running and favorited applications.

  • nixos-unstable -
    • nixpkgs-unstable 68

pkgs.gnomeExtensions.dash-to-panel-menu

Dash to panel menu. Fork from Favorites Menu by cvine. https://extensions.gnome.org/extension/115/favorites-menu/

  • nixos-unstable -
    • nixpkgs-unstable 4
CVE-2025-32286
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Butcher <= 2.40 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Butcher allows PHP Local File Inclusion. This issue affects Butcher: from n/a through 2.40.

Affected products

butcher
  • =<2.40

Matching in nixpkgs

CVE-2025-32293
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Finance Consultant <= 2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Finance Consultant allows Object Injection. This issue affects Finance Consultant: from n/a through 2.8.

Affected products

finance
  • =<2.8

Matching in nixpkgs

Package maintainers

CVE-2025-32285
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
WordPress Butcher theme <= 2.40 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Butcher allows Reflected XSS. This issue affects Butcher: from n/a through 2.40.

Affected products

butcher
  • =<2.40

Matching in nixpkgs

created 6 months ago
Regular Expression Denial of Service (ReDoS) in markedjs/marked

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.

Affected products

marked
  • <0.3.17

Matching in nixpkgs

pkgs.marked-man

Markdown to roff wrapper around marked

  • nixos-unstable -

Package maintainers

CVE-2025-46448
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
WordPress Document Management System <= 1.24 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reifsnyderb Document Management System allows Reflected XSS. This issue affects Document Management System: from n/a through 1.24.

Affected products

dms
  • =<1.24

Matching in nixpkgs

pkgs.dms

UPnP DLNA Digital Media Server with basic video transcoding

  • nixos-unstable -

pkgs.adms

Automatic device model synthesizer

  • nixos-unstable -

pkgs.dmsdos

Linux utilities to handle dos/win95 doublespace/drivespace/stacker

pkgs.python312Packages.dmsuite

Scientific library providing a collection of spectral collocation differentiation matrices

  • nixos-unstable -

pkgs.python313Packages.dmsuite

Scientific library providing a collection of spectral collocation differentiation matrices

  • nixos-unstable -

Package maintainers

CVE-2025-5024
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months ago
Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

References

Affected products

gnome-remote-desktop
  • *

Matching in nixpkgs

Package maintainers