Nixpkgs Security Tracker

Permalink CVE-2025-4476

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 6 months ago

Libsoup: null pointer dereference in libsoup may lead to denial of service

A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user's application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user's client application into connecting to the attacker's malicious server.

References

https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4476 x_refsource_REDHAT vdb-entry
RHBZ#2366513 issue-tracking x_refsource_REDHAT

Affected products

libsoup

<3.6.6

libsoup3

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

nixos-unstable -
- nixpkgs-unstable 3.6.5

pkgs.libsoup_2_4

HTTP client/server library for GNOME

nixos-unstable -
- nixpkgs-unstable 2.74.3

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libsoup-gnome-2.4%22

Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@bobby285271 Bobby Rong <rjl931189261@126.com>

Permalink CVE-2025-31062

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

WordPress Wishlist <= 2.1.0 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist allows Retrieve Embedded Sensitive Data. This issue affects Wishlist: from n/a through 2.1.0.

References

https://patchstack.com/database/wordpress/plugin/wishlist/vulnerability/wordpre… vdb-entry

Affected products

wishlist

=<2.1.0

Matching in nixpkgs

pkgs.wishlist

Single entrypoint for multiple SSH endpoints

nixos-unstable -
- nixpkgs-unstable 0.15.2

Package maintainers

@caarlos0 Carlos A Becker <carlos@becker.software>
@penguwin Nicolas Martin <penguwin@penguwin.eu>

Permalink CVE-2025-31639

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

created 6 months ago

WordPress Spare <= 1.7 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.

References

https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-s… vdb-entry

Affected products

spare

=<1.7

Matching in nixpkgs

pkgs.asciiquarium-transparent

Aquarium/sea animation in ASCII art (with option of transparent background)

nixos-unstable -
- nixpkgs-unstable 1.4

pkgs.materia-theme-transparent

Transparent Material Design theme for GNOME/GTK based desktop environments

nixos-unstable -
- nixpkgs-unstable 0-unstable-2021-03-22

pkgs.gnomeExtensions.transparent-top-bar

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

nixos-unstable -
- nixpkgs-unstable 24

pkgs.gnomeExtensions.transparent-window-moving

Makes the window semi-transparent when moving or resizing

nixos-unstable -
- nixpkgs-unstable 19

pkgs.sway-contrib.inactive-windows-transparency

It makes inactive sway windows transparent

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-03-19

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

nixos-unstable -
- nixpkgs-unstable 24

Package maintainers

@quantenzitrone quantenzitrone <nix@dev.quantenzitrone.eu>
@honnip Jung seungwoo <me@honnip.page>
@CorbinWunderlich Corbin Wunderlich <corbin@wcopy.net>
@evils Evils <evils.devils@protonmail.com>

Permalink CVE-2025-40907

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 6 months ago

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

References

http://www.openwall.com/lists/oss-security/2025/04/23/4 mailing-list
https://github.com/FastCGI-Archives/fcgi2/issues/67 issue-tracking
https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5 patch
https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi… technical-description
https://github.com/perl-catalyst/FCGI/issues/14 issue-tracking
https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.pat… patch
http://www.openwall.com/lists/oss-security/2025/04/23/4 mailing-list
https://github.com/FastCGI-Archives/fcgi2/issues/67 issue-tracking
https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5 patch
https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi… technical-description
https://github.com/perl-catalyst/FCGI/issues/14 issue-tracking
https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.pat… patch

Affected products

FCGI

=<0.82

Matching in nixpkgs

pkgs.perlPackages.FCGI

Fast CGI module

nixos-unstable -
- nixpkgs-unstable 0.82

pkgs.perl538Packages.FCGI

Fast CGI module

nixos-unstable -
- nixpkgs-unstable 0.82

pkgs.perl540Packages.FCGI

Fast CGI module

nixos-unstable -
- nixpkgs-unstable 0.82

pkgs.perlPackages.FCGIClient

Client library for fastcgi protocol

nixos-unstable -
- nixpkgs-unstable 0.09

pkgs.perl538Packages.FCGIClient

Client library for fastcgi protocol

nixos-unstable -
- nixpkgs-unstable 0.09

pkgs.perl540Packages.FCGIClient

Client library for fastcgi protocol

nixos-unstable -
- nixpkgs-unstable 0.09

pkgs.perlPackages.FCGIProcManager

Perl-based FastCGI process manager

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perl538Packages.FCGIProcManager

Perl-based FastCGI process manager

nixos-unstable -
- nixpkgs-unstable 0.28

pkgs.perl540Packages.FCGIProcManager

Perl-based FastCGI process manager

nixos-unstable -
- nixpkgs-unstable 0.28

Permalink CVE-2025-40906

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities. Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. BSON-XS was the official Perl XS implementation of MongoDB's BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.

References

https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890 vendor-advisory
https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html mailing-list
https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html mailing-list
https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890 vendor-advisory
https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html mailing-list
https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890 vendor-advisory
https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html mailing-list
https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890 vendor-advisory

Affected products

BSON-XS

=<0.8.4

Matching in nixpkgs

pkgs.perlPackages.BSONXS

XS implementation of MongoDB's BSON serialization (EOL)

nixos-unstable -
- nixpkgs-unstable 0.8.4

pkgs.perl538Packages.BSONXS

XS implementation of MongoDB's BSON serialization (EOL)

nixos-unstable -
- nixpkgs-unstable 0.8.4

pkgs.perl540Packages.BSONXS

XS implementation of MongoDB's BSON serialization (EOL)

nixos-unstable -
- nixpkgs-unstable 0.8.4

Permalink CVE-2025-4478

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months ago

Gnome-remote-desktop: unauthenticated rdp packet causes segfault in gnome-remote-desktop leading to denial of service

A flaw was found in the gnome-remote-desktop used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

References

https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://github.com/FreeRDP/FreeRDP/pull/11573
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://github.com/FreeRDP/FreeRDP/pull/11573
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://github.com/FreeRDP/FreeRDP/pull/11573
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://github.com/FreeRDP/FreeRDP/pull/11573
RHSA-2025:9307 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4478 x_refsource_REDHAT vdb-entry
RHBZ#2365232 issue-tracking x_refsource_REDHAT
https://github.com/FreeRDP/FreeRDP/pull/11573

Affected products

freerdp

<3.16.0
*

gnome-remote-desktop

Matching in nixpkgs

pkgs.gnome-remote-desktop

GNOME Remote Desktop server

nixos-unstable -
- nixpkgs-unstable 48.1

Package maintainers

@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@bobby285271 Bobby Rong <rjl931189261@126.com>

Permalink CVE-2025-4574

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

Crossbeam-channel: crossbeam-channel vulnerable to double free on drop

In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.

References

https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
RHBZ#2358890 issue-tracking x_refsource_REDHAT
https://github.com/crossbeam-rs/crossbeam/pull/1187
https://access.redhat.com/security/cve/CVE-2025-4574 x_refsource_REDHAT vdb-entry

Affected products

gjs

rust

firefox

librsvg2

conmon-rs

rpm-ostree

389-ds-base

thunderbird

python-maturin

rust-afterburn

kata-containers

coreos-installer

crossbeam-channel

<0.5.15

python3.12-maturin

rhtas/tuffer-rhel9

rhtas/tuftool-rhel9

rust-coreos-installer

389-ds:1.4/389-ds-base

rust-toolset:rhel8/rust

redhat-ds:11/389-ds-base

redhat-ds:12/389-ds-base

trustee-guest-components

rhoai/odh-feast-operator-rhel8

rhoai/odh-feature-server-rhel8

rhtpa/rhtpa-trustification-service-rhel9

Matching in nixpkgs

pkgs.irust

Cross Platform Rust Repl

nixos-unstable -
- nixpkgs-unstable 1.76.2

pkgs.mrustc

Mutabah's Rust Compiler

nixos-unstable -
- nixpkgs-unstable 0.11.2

pkgs.rustup

Rust toolchain installer

nixos-unstable -
- nixpkgs-unstable 1.28.2

pkgs.rustus

TUS protocol implementation in Rust

nixos-unstable -
- nixpkgs-unstable 1.1.3

pkgs.rustcat

Port listener and reverse shell

nixos-unstable -
- nixpkgs-unstable 3.0.0

pkgs.rustfmt

Tool for formatting Rust code according to style guidelines

nixos-unstable -
- nixpkgs-unstable 1.89.0

pkgs.rustdesk

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

nixos-unstable -
- nixpkgs-unstable 1.4.1

pkgs.rustical

Yet another calendar server aiming to be simple, fast and passwordless

nixos-unstable -
- nixpkgs-unstable 0.9.3

pkgs.rustscan

Faster Nmap Scanning with Rust

nixos-unstable -
- nixpkgs-unstable 2.4.1

pkgs.rustycli

Access the rust playground right in terminal

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.svd2rust

Generate Rust register maps (`struct`s) from SVD files

nixos-unstable -
- nixpkgs-unstable 0.37.0

pkgs.conmon-rs

OCI container runtime monitor written in Rust

nixos-unstable -
- nixpkgs-unstable 0.7.2

pkgs.hath-rust

Unofficial Hentai@Home client written in Rust

nixos-unstable -
- nixpkgs-unstable 1.12.1

pkgs.rust-motd

Beautiful, useful MOTD generation with zero runtime dependencies

nixos-unstable -
- nixpkgs-unstable 2.1.0

pkgs.rustdress

Self-hosted Lightning Address Server

nixos-unstable -
- nixpkgs-unstable 0.5.2

pkgs.rusti-cal

Minimal command line calendar, similar to cal

nixos-unstable -
- nixpkgs-unstable 1.1.0

pkgs.rustic-rs

Fast, encrypted, deduplicated backups powered by pure Rust

nixos-unstable -
- nixpkgs-unstable 0.10.0

pkgs.rustlings

Explore the Rust programming language and learn more about it while doing exercises

nixos-unstable -
- nixpkgs-unstable 6.4.0

pkgs.rusty-man

Command-line viewer for documentation generated by rustdoc

nixos-unstable -
- nixpkgs-unstable 0.5.0

pkgs.rusty-psn

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

nixos-unstable -
- nixpkgs-unstable 0.5.9

pkgs.rustywind

CLI for organizing Tailwind CSS classes

nixos-unstable -
- nixpkgs-unstable 0.24.3

pkgs.xulrunner

Web browser built from Firefox source tree

nixos-unstable -
- nixpkgs-unstable 142.0.1

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable -
- nixpkgs-unstable 2.15.0

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

nixos-unstable -
- nixpkgs-unstable 2024.8

pkgs.rustfinity

CLI for Rustfinity challenges solving

nixos-unstable -
- nixpkgs-unstable 0.2.14

pkgs.rustls-ffi

C-to-rustls bindings

nixos-unstable -
- nixpkgs-unstable 0.15.0

pkgs.rustplayer

Local audio player and network m3u8 radio player using a terminal interface

nixos-unstable -
- nixpkgs-unstable 1.1.2-unstable-2024-07-14

pkgs.rustpython

Python 3 interpreter in written Rust

nixos-unstable -
- nixpkgs-unstable 0.4.0

pkgs.rusty-bash

Bash written with Rust, a.k.a. sushi shell

nixos-unstable -
- nixpkgs-unstable 0.8.5

pkgs.rustypaste

Minimal file upload/pastebin service

nixos-unstable -
- nixpkgs-unstable 0.16.1

pkgs.slowlorust

Lightweight slowloris (HTTP DoS) tool

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.trustymail

Tool to scan domains and return data based on trustworthy email best practices

nixos-unstable -
- nixpkgs-unstable 1.1.0

pkgs.uncrustify

Source code beautifier for C, C++, C#, ObjectiveC, D, Java, Pawn and VALA

nixos-unstable -
- nixpkgs-unstable 0.81.0

pkgs.ff2mpv-rust

Native messaging host for ff2mpv written in Rust

nixos-unstable -
- nixpkgs-unstable 1.1.7

pkgs.rust-script

Run Rust files and expressions as scripts without any setup or compilation step

nixos-unstable -
- nixpkgs-unstable 0.36.0

pkgs.rustmission

TUI for the Transmission daemon

nixos-unstable -
- nixpkgs-unstable 0.5.1

pkgs._389-ds-base

Enterprise-class Open Source LDAP server for Linux

nixos-unstable -
- nixpkgs-unstable 3.1.3

pkgs.buildcatrust

Build SSL/TLS trust stores

nixos-unstable -
- nixpkgs-unstable 0.4.0

pkgs.rust-bindgen

Automatically generates Rust FFI bindings to C (and some C++) libraries

nixos-unstable -
- nixpkgs-unstable 0.72.0

pkgs.rust-petname

Generate human readable random names

nixos-unstable -
- nixpkgs-unstable 2.0.2

pkgs.rustc-wasm32

Safe, concurrent, practical language (wrapper script)

nixos-unstable -
- nixpkgs-unstable 1.89.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable -
- nixpkgs-unstable 2.79.3

pkgs.i3status-rust

Very resource-friendly and feature-rich replacement for i3status

nixos-unstable -
- nixpkgs-unstable 0.34.0

pkgs.parinfer-rust

Infer parentheses for Clojure, Lisp, and Scheme

nixos-unstable -
- nixpkgs-unstable 0.4.3-unstable-2024-05-07

pkgs.rust-analyzer

Modular compiler frontend for the Rust language

nixos-unstable -
- nixpkgs-unstable 2025-08-25

pkgs.rust-cbindgen

Project for generating C bindings from Rust code

nixos-unstable -
- nixpkgs-unstable 0.29.0

pkgs.rust-parallel

Rust shell tool to run commands in parallel with a similar interface to GNU parallel

nixos-unstable -
- nixpkgs-unstable 1.18.1

pkgs.rust-traverse

Terminal based file explorer

nixos-unstable -
- nixpkgs-unstable 2.0.0

pkgs.rustls-libssl

Partial reimplementation of the OpenSSL 3 libssl ABI using rustls

nixos-unstable -
- nixpkgs-unstable 0.2.1

pkgs.rusty-psn-gui

Simple tool to grab updates for PS3 games, directly from Sony's servers using their updates API

nixos-unstable -
- nixpkgs-unstable 0.5.9

pkgs.starlark-rust

Rust implementation of the Starlark language

nixos-unstable -
- nixpkgs-unstable 0.13.0

pkgs.svd2rust-form

Library for splitting apart a large file with multiple modules into the idiomatic rust directory structure

nixos-unstable -
- nixpkgs-unstable 0.13.0

pkgs.aw-server-rust

High-performance implementation of the ActivityWatch server, written in Rust

nixos-unstable -
- nixpkgs-unstable 0.13.2

pkgs.capnproto-rust

Cap'n Proto codegen plugin for Rust

nixos-unstable -
- nixpkgs-unstable 0.21.2

pkgs.doh-proxy-rust

Fast, mature, secure DoH server proxy written in Rust

nixos-unstable -
- nixpkgs-unstable 0.9.12

pkgs.faust2jackrust

The faust2jackrust script, part of faust functional programming language for realtime audio signal processing

nixos-unstable -
- nixpkgs-unstable 2.79.3

pkgs.rustc-demangle

Rust symbol demangling

nixos-unstable -
- nixpkgs-unstable 0.1.20

pkgs.rusty-diceware

Commandline diceware, with or without dice, written in Rustlang

nixos-unstable -
- nixpkgs-unstable 0.5.8

pkgs.rustypaste-cli

CLI tool for rustypaste

nixos-unstable -
- nixpkgs-unstable 0.9.4

pkgs.scx.rustscheds

Sched-ext Rust userspace schedulers

nixos-unstable -
- nixpkgs-unstable 1.0.16

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable -
- nixpkgs-unstable 1.1.1

pkgs.protoc-gen-rust

Protobuf plugin for generating Rust code

nixos-unstable -
- nixpkgs-unstable 3.5.0

pkgs.rust-audit-info

Command-line tool to extract the dependency trees embedded in binaries by cargo-auditable

nixos-unstable -
- nixpkgs-unstable 0.5.2

pkgs.rust-streamdeck

ibusb based driver for Elgato StreamDeck devices

nixos-unstable -
- nixpkgs-unstable 0.9.0

pkgs.rustc-unwrapped

Safe, concurrent, practical language

nixos-unstable -
- nixpkgs-unstable 1.89.0

pkgs.rustdesk-server

RustDesk Server Program

nixos-unstable -
- nixpkgs-unstable 1.1.14

pkgs.mrustc-minicargo

Minimalist builder for Rust

nixos-unstable -
- nixpkgs-unstable 0.11.2

pkgs.rust-stakeholder

Generate impressive-looking terminal output to look busy when stakeholders walk by

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-03-15

pkgs.rustdesk-flutter

Virtual / remote desktop infrastructure for everyone! Open source TeamViewer / Citrix alternative

nixos-unstable -
- nixpkgs-unstable 1.4.1

pkgs.shadowsocks-rust

Rust port of Shadowsocks

nixos-unstable -
- nixpkgs-unstable 1.23.5

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable -
- nixpkgs-unstable 142.0.1

pkgs.languagetool-rust

LanguageTool API in Rust

nixos-unstable -
- nixpkgs-unstable 2.1.5

pkgs.cargo-bisect-rustc

Bisects rustc, either nightlies or CI artifacts

nixos-unstable -
- nixpkgs-unstable 0.6.8

pkgs.lomiri.trust-store

Common implementation of a trust store to be used by trusted helpers

nixos-unstable -
- nixpkgs-unstable 2.0.2

pkgs.piping-server-rust

Infinitely transfer between every device over pure HTTP with pipes or browsers

nixos-unstable -
- nixpkgs-unstable 0.18.0

pkgs.rust-code-analysis

Analyze and collect metrics on source code

nixos-unstable -
- nixpkgs-unstable 0.0.25

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account

nixos-unstable -
- nixpkgs-unstable 1.9.0

pkgs.parinfer-rust-emacs

Emacs centric fork of parinfer-rust

nixos-unstable -
- nixpkgs-unstable 0.4.7

pkgs.jetbrains.rust-rover

Rust IDE from JetBrains

nixos-unstable -
- nixpkgs-unstable 2025.2.1

pkgs.protoc-gen-rust-grpc

Protobuf plugin for generating Rust code for gRPC

nixos-unstable -
- nixpkgs-unstable 0.8.3

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable -
- nixpkgs-unstable 140.2.0esr

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.armTrustedFirmwareS905

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable -
- nixpkgs-unstable 144.0b1

pkgs.rocmPackages.rocthrust

ROCm parallel algorithm library

nixos-unstable -
- nixpkgs-unstable 6.3.3

pkgs.rust-bindgen-unwrapped

Automatically generates Rust FFI bindings to C (and some C++) libraries

nixos-unstable -
- nixpkgs-unstable 0.72.0

pkgs.tests.writers.bin.rust

None

nixos-unstable -
- nixpkgs-unstable

pkgs.armTrustedFirmwareTools

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.rust-analyzer-unwrapped

Modular compiler frontend for the Rust language

nixos-unstable -
- nixpkgs-unstable 2025-08-25

pkgs.vimPlugins.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable luajit2.1-rustaceanvim-6.9.2-1-unstable-6.9.2-1

pkgs.armTrustedFirmwareRK3328

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable rk3328-2.13.0

pkgs.armTrustedFirmwareRK3399

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable rk3399-2.13.0

pkgs.armTrustedFirmwareRK3568

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable rk3568-2.13.0

pkgs.armTrustedFirmwareRK3588

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable rk3588-2.13.0

pkgs.luaPackages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.rocmPackages_6.rocthrust

ROCm parallel algorithm library

nixos-unstable -
- nixpkgs-unstable 6.3.3

pkgs.vimPlugins.parinfer-rust

Infer parentheses for Clojure, Lisp, and Scheme

nixos-unstable -
- nixpkgs-unstable 0.4.3-unstable-2024-05-07

pkgs.python312Packages.trustme

High quality TLS certs while you wait, for the discerning tester

nixos-unstable -
- nixpkgs-unstable 1.2.1

pkgs.python313Packages.trustme

High quality TLS certs while you wait, for the discerning tester

nixos-unstable -
- nixpkgs-unstable 1.2.1

pkgs.lua51Packages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.lua52Packages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.lua53Packages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.lua54Packages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.armTrustedFirmwareAllwinner

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable sun50i_a64-2.13.0

pkgs.flutter_rust_bridge_codegen

Flutter/Dart <-> Rust binding generator, feature-rich, but seamless and simple

nixos-unstable -
- nixpkgs-unstable 2.11.1

pkgs.luajitPackages.rustaceanvim

🦀 Supercharge your Rust experience in Neovim! A heavily modified fork of rust-tools.nvim

nixos-unstable -
- nixpkgs-unstable 6.9.2-1

pkgs.python312Packages.rustworkx

High performance Python graph library implemented in Rust

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.python313Packages.rustworkx

High performance Python graph library implemented in Rust

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.rust-synapse-state-compress

Tool to compress some state in a Synapse instance's database

nixos-unstable -
- nixpkgs-unstable 0.1.4

pkgs.tests.writers.wrapping.rust

None

nixos-unstable -
- nixpkgs-unstable

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable -
- nixpkgs-unstable 144.0b1

pkgs.kakounePlugins.parinfer-rust

Infer parentheses for Clojure, Lisp, and Scheme

nixos-unstable -
- nixpkgs-unstable 0.4.3-unstable-2024-05-07

pkgs.python312Packages.truststore

Verify certificates using native system trust stores

nixos-unstable -
- nixpkgs-unstable 0.10.1

pkgs.python313Packages.truststore

Verify certificates using native system trust stores

nixos-unstable -
- nixpkgs-unstable 0.10.1

pkgs.vimPlugins.coc-rust-analyzer

rust-analyzer for Vim/Neovim, works as an extension with coc.nvim

nixos-unstable -
- nixpkgs-unstable 0.81.0

pkgs.armTrustedFirmwareAllwinnerH6

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable sun50i_h6-2.13.0

pkgs.buildkite-test-collector-rust

Rust adapter for Buildkite Test Analytics

nixos-unstable -
- nixpkgs-unstable 0.1.3

pkgs.nodePackages.coc-rust-analyzer

rust-analyzer for Vim/Neovim, works as an extension with coc.nvim

nixos-unstable -
- nixpkgs-unstable 0.81.0

pkgs.python312Packages.buildcatrust

Build SSL/TLS trust stores

nixos-unstable -
- nixpkgs-unstable 0.4.0

pkgs.python313Packages.buildcatrust

Build SSL/TLS trust stores

nixos-unstable -
- nixpkgs-unstable 0.4.0

pkgs.typstPackages.qec-thrust_0_1_0

A package for drawing quantum error correction codes with Typst

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.armTrustedFirmwareAllwinnerH616

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable sun50i_h616-2.13.0

pkgs.rustup-toolchain-install-master

Install a rustc master toolchain usable from rustup

nixos-unstable -
- nixpkgs-unstable 1.9.0

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable -
- nixpkgs-unstable 4

pkgs.haskellPackages.tree-sitter-rust

Tree-sitter grammar/parser for Rust

nixos-unstable -
- nixpkgs-unstable 0.1.0.2

pkgs.perlPackages.PodCoverageTrustPod

Allow a module's pod to contain Pod::Coverage hints

nixos-unstable -
- nixpkgs-unstable 0.100006

pkgs.python312Packages.skytemple-rust

Binary Rust extensions for SkyTemple

nixos-unstable -
- nixpkgs-unstable 1.8.5

pkgs.python313Packages.skytemple-rust

Binary Rust extensions for SkyTemple

nixos-unstable -
- nixpkgs-unstable 1.8.5

pkgs.haskellPackages.lambdabot-trusted

Lambdabot trusted code

nixos-unstable -
- nixpkgs-unstable 5.3.1.2

pkgs.python312Packages.setuptools-rust

Setuptools plugin for Rust support

nixos-unstable -
- nixpkgs-unstable 1.12.0

pkgs.python313Packages.setuptools-rust

Setuptools plugin for Rust support

nixos-unstable -
- nixpkgs-unstable 1.12.0

pkgs.python312Packages.py-rust-stemmers

High-performance Python wrapper around the rust-stemmers library, utilizing the Snowball stemming algorithm

nixos-unstable -
- nixpkgs-unstable 0.1.5

pkgs.python312Packages.tree-sitter-rust

Rust grammar for tree-sitter

nixos-unstable -
- nixpkgs-unstable 0.24.0

pkgs.python313Packages.py-rust-stemmers

High-performance Python wrapper around the rust-stemmers library, utilizing the Snowball stemming algorithm

nixos-unstable -
- nixpkgs-unstable 0.1.5

pkgs.python313Packages.tree-sitter-rust

Rust grammar for tree-sitter

nixos-unstable -
- nixpkgs-unstable 0.24.0

pkgs.azure-cli-extensions.trustedsigning

Microsoft Azure Command-Line Tools Trustedsigning Extension

nixos-unstable -
- nixpkgs-unstable 1.0.0b2

pkgs.perl538Packages.PodCoverageTrustPod

Allow a module's pod to contain Pod::Coverage hints

nixos-unstable -
- nixpkgs-unstable 0.100006

pkgs.perl540Packages.PodCoverageTrustPod

Allow a module's pod to contain Pod::Coverage hints

nixos-unstable -
- nixpkgs-unstable 0.100006

pkgs.python312Packages.ipv8-rust-tunnels

A set of performance enhancements to the TunnelCommunity, the anonymization layer used in IPv8 and Tribler

nixos-unstable -
- nixpkgs-unstable ipv8-rust-tunnels-0.1.34

pkgs.python313Packages.ipv8-rust-tunnels

A set of performance enhancements to the TunnelCommunity, the anonymization layer used in IPv8 and Tribler

nixos-unstable -
- nixpkgs-unstable ipv8-rust-tunnels-0.1.34

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable -
- nixpkgs-unstable 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

nixos-unstable -
- nixpkgs-unstable 128.14.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable -
- nixpkgs-unstable 140.2.1esr

pkgs.luaPackages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.linuxPackages.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.nodePackages_latest.coc-rust-analyzer

rust-analyzer for Vim/Neovim, works as an extension with coc.nvim

nixos-unstable -
- nixpkgs-unstable 0.81.0

pkgs.tree-sitter-grammars.tree-sitter-rust

None

nixos-unstable -
- nixpkgs-unstable 0.25.6

pkgs.lua51Packages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.lua52Packages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.lua53Packages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.lua54Packages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable -
- nixpkgs-unstable 142.0

pkgs.luajitPackages.luarocks-build-rust-mlua

A LuaRocks build backend for Lua modules written in Rust using mlua

nixos-unstable -
- nixpkgs-unstable 0.2.5-1

pkgs.vimPlugins.nvim-treesitter-parsers.rust

None

nixos-unstable -
- nixpkgs-unstable

pkgs.python312Packages.betterproto-rust-codec

Converter between betterproto messages and the Protobuf wire format

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.python313Packages.betterproto-rust-codec

Converter between betterproto messages and the Protobuf wire format

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.linuxPackages_lqx.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxPackages_zen.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.python312Packages.setuptoolsRustBuildHook

None

nixos-unstable -
- nixpkgs-unstable

pkgs.python313Packages.setuptoolsRustBuildHook

None

nixos-unstable -
- nixpkgs-unstable

pkgs.vscode-extensions.rust-lang.rust-analyzer

Alternative rust language server to the RLS

nixos-unstable -
- nixpkgs-unstable 0.3.2308

pkgs.vscode-extensions.techtheawesome.rust-yew

VSCode extension that provides some language features for Yew's html macro syntax

nixos-unstable -
- nixpkgs-unstable 0.2.3

pkgs.linuxPackages-libre.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxPackages_latest.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxPackages_xanmod.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxPackages_latest-libre.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxPackages_xanmod_stable.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_lqx.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_zen.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_6_12.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_6_16.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.python312Packages.tree-sitter-grammars.tree-sitter-rust

Python bindings for tree-sitter-rust

nixos-unstable -
- nixpkgs-unstable 0.25.6

pkgs.python313Packages.tree-sitter-grammars.tree-sitter-rust

Python bindings for tree-sitter-rust

nixos-unstable -
- nixpkgs-unstable 0.25.6

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable -
- nixpkgs-unstable 2.15.0

pkgs.linuxKernel.packages.linux_libre.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_xanmod.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_hardened.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_latest_libre.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_6_12_hardened.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

pkgs.linuxKernel.packages.linux_xanmod_stable.rust-out-of-tree-module

Basic template for an out-of-tree Linux kernel module written in Rust

nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-06

Package maintainers

@ners ners <ners@gmx.ch>
@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@huantianad David Li <davidtianli@gmail.com>
@katexochen Paul Meyer <katexochen0@gmail.com>
@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@lukegb Luke Granger-Brown <nix@lukegb.com>
@jfroche Jean-François Roche <jfroche@pyxel.be>
@solson Scott Olson <scott@solson.me>
@mikroskeem Mark Vainomaa <mikroskeem@mikroskeem.eu>
@saschagrunert Sascha Grunert <mail@saschagrunert.de>
@vdemeester Vincent Demeester <vincent@sbr.pm>
@stephank Stéphan Kochen <nix@stephank.nl>
@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@ryze312 Ryze
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@schnusch schnusch
@unode Renato Alves <alves.rjc@gmail.com>
@camillemndn Camille M. <camillemondon@free.fr>
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@hatch01 Eymeric Dechelette <hatchchien@protonmail.com>
@honnip Jung seungwoo <me@honnip.page>
@Moraxyc Moraxyc Xu <i@qaq.li>
@backuitist Bruno Bieth <biethb@gmail.com>
@globin Robin Gloster <mail@glob.in>
@lelgenio Leonardo Eugênio <lelgenio@lelgenio.com>
@thiagokokada Thiago K. Okada <thiagokokada@gmail.com>
@GenericNerdyUsername GenericNerdyUsername <genericnerdyusername@proton.me>
@theCapypara Marco Köpcke <hello@capypara.de>
@jamesward James Ward <james@jamesward.com>
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
@leona-ya Leona Maroni <nix@leona.is>
@eraserhd Jason Felice <jason.m.felice@gmail.com>
@name-snrl Yusup Urazaev
@blitz Julian Stecklina <js@alien8.de>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@mrcjkb Marc Jakobi <marc@jakobi.dev>
@progval Valentin Lorentz <progval+nix@progval.net>
@r-burns Ryan Burns <rtburns@protonmail.com>
@brsvh Burgess Chang <bsc@brsvh.org>
@figsoda figsoda <figsoda@pm.me>
@lucperkins Luc Perkins <lucperkins@gmail.com>
@sarahec Sarah Clark <seclark@nextquestion.net>
@mlaradji Mohamed Laradji <mlaradji@pm.me>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>
@marius851000 Marius David <nix@mariusdavid.fr>
@A-jay98 Ali Jamadi <ali@jamadi.me>
@adfaure Adrien Faure <adfaure@pm.me>
@stepbrobd Yifei Sun <ysun@hey.com>
@mightyiam Shahar "Dawn" Or <mightyiampresence@gmail.com>
@doronbehar Doron Behar <me@doronbehar.com>
@catern Spencer Baugh <sbaugh@catern.com>
@anthonyroussel Anthony Roussel <anthony@roussel.dev>
@mschwaig Martin Schwaighofer <mschwaig+nixpkgs@eml.cc>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@GZGavinZhao Gavin Zhao
@Flakebi Sebastian Neubauer <flakebi@t-online.de>
@oxalica oxalica <oxalicc@pm.me>
@JohnTitor Yuki Okushi <huyuumi.dev@gmail.com>
@sedlund Scott Edlund <scott+nixpkgs@teraton.com>
@0xda157 0xda157 <da157@voidq.com>
@blackheaven Gautier Di Folco <gautier.difolco@gmail.com>
@maralorn maralorn <mail@maralorn.de>
@zowoq zowoq
@winterqt Winter <nixos@winter.cafe>
@Mic92 Jörg Thalheim <joerg@thalheim.io>
@Havvy Ryan Scheel <ryan.havvy@gmail.com>
@tjni Theodore Ni <43ngvg@masqt.com>
@sledgehammervampire Kevin Tran
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@Leixb Aleix Boné <abone9999@gmail.com>
@ocfox ocfox <i@ocfox.me>
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
@Conni2461 Simon Hauser <simon-hauser@outlook.com>
@dasJ Janne Heß <janne@hess.ooo>
@gaelreyrol Gaël Reyrol <me@gaelreyrol.dev>
@jordan-bravo Jordan Bravo <jordan@bravo.cc>
@nartsisss Daniil Nartsissov <nartsiss@proton.me>
@basvandijk Bas van Dijk <v.dijk.bas@gmail.com>
@Detegr Antti Keränen <detegr@rbx.email>
@NobbZ Norbert Melzer <timmelzer+nixpkgs@gmail.com>
@philipmw Philip White <philip@mailworks.org>
@poperigby PopeRigby
@luftmensch-luftmensch Valentino Bocchetti <valentinobocchetti59@gmail.com>
@LeSuisse Thomas Gerbet <thomas@gerbet.me>
@cpu Daniel McCarney <daniel@binaryparadox.net>
@0x61nas Anas Elgarhy <anas.elgarhy.dev@gmail.com>
@oluceps oluceps <nixos@oluceps.uk>
@prusnak Pavol Rusnak <pavol@rusnak.io>
@happysalada Raphael Megzari <raphael@megzari.com>
@Aleksanaa Aleksana QwQ <me@aleksana.moe>
@CherryKitten CherryKitten <contact@cherrykitten.dev>
@Defelo Defelo
@AngryAnt Emil "AngryAnt" Johansen <git@eej.dk>
@seqizz Gurkan Gur <seqizz@gmail.com>
@Gliczy Gliczy
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@newAM Alex Martens <alex@thinglab.org>
@fidgetingbits fidgetingbits <nixpkgs.xe7au@passmail.net>
@vcunat Vladimír Čunát <v@cunat.cz>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@cherrypiejam Gongqi Huang
@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@felschr Felix Schröter <dev@felschr.com>
@CardboardTurkey Kiran Ostrolenk <kiran@ostrolenk.co.uk>

Permalink CVE-2025-3931

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

Yggdrasil: local privilege escalation in yggdrasil

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks, allowing every system user to call it. One available Yggdrasil worker acts as a package manager with capabilities to create and enable new repositories and install or remove packages. This flaw allows an attacker with access to the system to leverage the lack of authentication on the dispatch message to force the Yggdrasil worker to install arbitrary RPM packages. This issue results in local privilege escalation, enabling the attacker to access and modify sensitive system data.

References

https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
https://github.com/RedHatInsights/yggdrasil/pull/336
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
https://github.com/RedHatInsights/yggdrasil/pull/336
RHSA-2025:7592 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3931 x_refsource_REDHAT vdb-entry
RHBZ#2362345 issue-tracking x_refsource_REDHAT
https://github.com/RedHatInsights/yggdrasil/pull/336

Affected products

yggdrasil

<0.4.7
*

rhc-worker-playbook

Matching in nixpkgs

pkgs.yggdrasil

Experiment in scalable routing as an encrypted IPv6 overlay network

nixos-unstable -
- nixpkgs-unstable 0.5.12

pkgs.yggdrasil-jumper

Reduce latency of a connection over Yggdrasil Network

nixos-unstable -
- nixpkgs-unstable 0.3.1

Package maintainers

@gazally Gemini Lasswell <gazally@runbox.com>
@Lassulus Lassulus <lassulus@gmail.com>
@peigongdsd Peilin Lee <peigong2013@outlook.com>
@one-d-wide Remy D. Farley <one-d-wide@protonmail.com>

Permalink CVE-2024-4981

7.6 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

Pagure: _update_file_in_git() follows symbolic links in temporary clones

A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.

References

https://access.redhat.com/security/cve/CVE-2024-4981 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=2278745
RHBZ#2280723 issue-tracking x_refsource_REDHAT
https://pagure.io/pagure/c/454f2677bc50d7176f07da9784882eb2176537f4

Affected products

pagure

<5.14.1

Matching in nixpkgs

pkgs.haskellPackages.pagure

Pagure REST client library

nixos-unstable -
- nixpkgs-unstable 0.2.1

pkgs.haskellPackages.pagure-cli

A Pagure gitforge query tool

nixos-unstable -
- nixpkgs-unstable 0.2.2

Permalink CVE-2024-4982

7.6 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

Pagure: path traversal in view_issue_raw_file()

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

References

https://access.redhat.com/security/cve/CVE-2024-4982 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=2279411
RHBZ#2280726 issue-tracking x_refsource_REDHAT
https://pagure.io/pagure/c/c43844d23c919133fc983fe8c0f1dfb3b86e67d0

Affected products

pagure

<5.14.1

Matching in nixpkgs

pkgs.haskellPackages.pagure

Pagure REST client library

nixos-unstable -
- nixpkgs-unstable 0.2.1

pkgs.haskellPackages.pagure-cli

A Pagure gitforge query tool

nixos-unstable -
- nixpkgs-unstable 0.2.2

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.libsoup_3

pkgs.libsoup_2_4

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libsoup-gnome-2.4%22

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.wishlist

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.asciiquarium-transparent

pkgs.materia-theme-transparent

pkgs.gnomeExtensions.transparent-top-bar

pkgs.gnomeExtensions.transparent-window-moving

pkgs.sway-contrib.inactive-windows-transparency

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.perlPackages.FCGI

pkgs.perl538Packages.FCGI

pkgs.perl540Packages.FCGI

pkgs.perlPackages.FCGIClient

pkgs.perl538Packages.FCGIClient

pkgs.perl540Packages.FCGIClient

pkgs.perlPackages.FCGIProcManager

pkgs.perl538Packages.FCGIProcManager

pkgs.perl540Packages.FCGIProcManager

References

Affected products

Matching in nixpkgs

pkgs.perlPackages.BSONXS

pkgs.perl538Packages.BSONXS

pkgs.perl540Packages.BSONXS

References

Affected products

Matching in nixpkgs

pkgs.gnome-remote-desktop

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.irust

pkgs.mrustc

pkgs.rustup

pkgs.rustus

pkgs.rustcat

pkgs.rustfmt

pkgs.rustdesk

pkgs.rustical

pkgs.rustscan

pkgs.rustycli

pkgs.svd2rust

pkgs.conmon-rs

pkgs.hath-rust

pkgs.rust-motd

pkgs.rustdress

pkgs.rusti-cal

pkgs.rustic-rs

pkgs.rustlings

pkgs.rusty-man

pkgs.rusty-psn

pkgs.rustywind

pkgs.xulrunner

pkgs.firefoxpwa

pkgs.rpm-ostree

pkgs.rustfinity

pkgs.rustls-ffi

pkgs.rustplayer

pkgs.rustpython

pkgs.rusty-bash

pkgs.rustypaste

pkgs.slowlorust