Nixpkgs Security Tracker

Login with GitHub

Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:
Compact
Detailed
Permalink CVE-2024-24705
5.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months ago
WordPress Accessibility Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Octa Code Accessibility.This issue affects Accessibility: from n/a through 1.0.6.

References

Affected products

accessibility
  • =<1.0.6

Matching in nixpkgs

Permalink CVE-2024-27132
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.

Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.

References

Affected products

mlflow
  • =<2.9.2

Matching in nixpkgs

pkgs.mlflow-server

Open source platform for the machine learning lifecycle

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-27133
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset.

Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. This issue leads to a client-side RCE when running the recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over dataset table fields.

References

Affected products

mlflow
  • =<2.9.2

Matching in nixpkgs

pkgs.mlflow-server

Open source platform for the machine learning lifecycle

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-27319
4.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 6 months ago
Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

References

Affected products

onnx
  • =<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-27318
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 6 months ago
Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

References

Affected products

onnx
  • =<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

  • nixos-unstable -

Package maintainers

Permalink CVE-2023-3966
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 6 months ago
Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

References

Affected products

openvswitch
  • ==3.1.0
openvswitch3.0
openvswitch3.1
openvswitch3.2
openvswitch2.10
openvswitch2.11
openvswitch2.12
openvswitch2.13
openvswitch2.15
openvswitch2.16
openvswitch2.17
rdo-openvswitch
openvswitch-ovn-kubernetes

Matching in nixpkgs

Package maintainers

Permalink CVE-2024-24798
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 6 months ago
WordPress Debug Plugin <= 1.10 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10.

References

Affected products

debug
  • =<1.10

Matching in nixpkgs

pkgs.mspds

TI MSP430 FET debug driver

pkgs.udebug

OpenWrt debugging helper library/service

pkgs.mspdebug

Free programmer, debugger, and gdb proxy for MSP430 MCUs

  • nixos-unstable -

pkgs.debugedit

Provides programs and scripts for creating debuginfo and source file distributions, collect build-ids and rewrite source paths in DWARF data for debugging, tracing and profiling

  • nixos-unstable -

pkgs.mspds-bin

Unfree binary release of the TI MSP430 FET debug driver

pkgs.c64-debugger

Commodore 64, Atari XL/XE and NES code and memory debugger that works in real time

pkgs.perl-debug-adapter

Debug adapter, invokes perl -d and handles communication with VS Code or other editors

  • nixos-unstable -

pkgs.godot3-debug-server

Free and Open Source 2D and 3D game engine (debug server)

  • nixos-unstable -

pkgs.nixseparatedebuginfod

Downloads and provides debug symbols and source code for nix derivations to gdb and other debuginfod-capable debuggers as needed

  • nixos-unstable -

pkgs.react-native-debugger

Standalone app based on official debugger of React Native, and includes React Inspector / Redux DevTools

  • nixos-unstable -

pkgs.ios-webkit-debug-proxy

DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector)

  • nixos-unstable -

pkgs.nixseparatedebuginfod2

Downloads and provides debug symbols and source code for nix derivations to gdb and other debuginfod-capable debuggers as needed

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-25982
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 6 months ago
Msa-24-0005: csrf risk in language import utility

The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.

References

Affected products

4.2.6
  • ==and 4.1.9
moodle
  • ==4.3.3
  • <4.2.6
  • <4.1.9
  • <4.3.3

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

  • nixos-unstable -

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-1633
2.0 LOW
  • CVSS version: 3.1
  • Attack vector (AV): PHYSICAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 6 months ago
FIP Header Integer Overflow

During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot. Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not 

References

Affected products

arm-trusted-firmware
  • ==v2.5

Matching in nixpkgs

Package maintainers

Permalink CVE-2024-25983
3.5 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 6 months ago
Msa-24-0006: idor on dashboard comments block

Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).

References

Affected products

4.2.6
  • ==and 4.1.9
moodle
  • ==4.3.3
  • <4.2.6
  • <4.1.9
  • <4.3.3

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

  • nixos-unstable -

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

  • nixos-unstable -

Package maintainers