Nixpkgs Security Tracker

Permalink CVE-2012-4441

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed
10 packages
- jenkins-job-builder
- python312Packages.jenkinsapi
- python313Packages.jenkinsapi
- python314Packages.jenkinsapi
- python312Packages.python-jenkins
- python313Packages.python-jenkins
- python314Packages.python-jenkins
- python312Packages.jenkins-job-builder
- python313Packages.jenkins-job-builder
- python314Packages.jenkins-job-builder
1 month ago

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.

References

https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-4441 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-4441 x_transferred x_refsource_MISC
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-4441 x_refsource_MISC
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/21/2 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-4441 x_transferred x_refsource_MISC
https://www.cloudbees.com/jenkins-security-advisory-2012-09-17 x_transferred x_refsource_MISC

Affected products

jenkins

==1.482

Matching in nixpkgs

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable 2.541.1
- nixpkgs-unstable 2.541.1
- nixos-unstable-small 2.541.1
nixos-25.11 2.541.1
- nixos-25.11-small 2.541.1
- nixpkgs-25.11-darwin 2.541.1

Ignored packages (10)

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15
nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python314Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3
nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python314Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python314Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2

Package maintainers

@coreyoconnor Corey O'Connor <coreyoconnor@gmail.com>
@earldouglas James Earl Douglas <james@earldouglas.com>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>

Permalink CVE-2012-5644

created 1 month ago

libuser has information disclosure when moving user's home directory

References

https://security-tracker.debian.org/tracker/CVE-2012-5644 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644 x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT
https://security-tracker.debian.org/tracker/CVE-2012-5644 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644 x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html x_transferred x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT x_transferred
https://security-tracker.debian.org/tracker/CVE-2012-5644 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644 x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html x_transferred x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT x_transferred
https://security-tracker.debian.org/tracker/CVE-2012-5644 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644 x_transferred x_refsource_MISC

Affected products

libuser

==Fixed in 1:0.60

Matching in nixpkgs

pkgs.lomiri.libusermetrics

Enables apps to locally store interesting numerical data for later presentation

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0
nixos-25.11 1.3.3
- nixos-25.11-small 1.3.3
- nixpkgs-25.11-darwin 1.3.3

Package maintainers

@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>

Permalink CVE-2012-2078

created 1 month ago

Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for …

Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal.

References

http://www.openwall.com/lists/oss-security/2012/04/07/1 x_refsource_MISC
https://www.drupal.org/node/1506562 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/04/07/1 x_transferred x_refsource_MISC
https://www.drupal.org/node/1506562 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/04/07/1 x_refsource_MISC
https://www.drupal.org/node/1506562 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/04/07/1 x_transferred x_refsource_MISC
https://www.drupal.org/node/1506562 x_transferred x_refsource_MISC

Affected products

Activity

==6.x-1.x

Matching in nixpkgs

pkgs.pg_activity

Top like application for PostgreSQL server activity monitoring

nixos-unstable 3.6.1
- nixpkgs-unstable 3.6.1
- nixos-unstable-small 3.6.1
nixos-25.11 3.6.1
- nixos-25.11-small 3.6.1
- nixpkgs-25.11-darwin 3.6.1

pkgs.activitywatch

The best free and open-source automated time tracker

nixos-unstable 0.13.2
- nixpkgs-unstable 0.13.2
- nixos-unstable-small 0.13.2
nixos-25.11 0.13.2
- nixos-25.11-small 0.13.2
- nixpkgs-25.11-darwin 0.13.2

pkgs.ocamlPackages.get-activity

Collect activity and format as markdown for a journal

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1
nixos-25.11 2.0.1
- nixos-25.11-small 2.0.1
- nixpkgs-25.11-darwin 2.0.1

pkgs.libsForQt5.kactivitymanagerd

None

pkgs.kdePackages.kactivitymanagerd

System service to manage user's activities, track the usage patterns etc.

nixos-unstable 6.5.5
- nixpkgs-unstable 6.5.5
- nixos-unstable-small 6.5.5
nixos-25.11 6.5.5
- nixos-25.11-small 6.5.5
- nixpkgs-25.11-darwin 6.5.5

pkgs.ocamlPackages.get-activity-lib

Collect activity and format as markdown for a journal (lib)

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1
nixos-25.11 2.0.1
- nixos-25.11-small 2.0.1
- nixpkgs-25.11-darwin 2.0.1

pkgs.ocamlPackages_latest.get-activity

Collect activity and format as markdown for a journal

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1

pkgs.plasma5Packages.kactivitymanagerd

None

pkgs.haskellPackages.gogol-apps-activity

Google Drive Activity SDK

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0
nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.haskellPackages.gogol-driveactivity

Google Drive Activity SDK

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0
nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.python312Packages.django-pgactivity

View, filter, and kill Postgres queries

nixos-25.11 1.7.1
- nixos-25.11-small 1.7.1
- nixpkgs-25.11-darwin 1.7.1

pkgs.python313Packages.django-pgactivity

View, filter, and kill Postgres queries

nixos-unstable 1.8.0
- nixpkgs-unstable 1.8.0
- nixos-unstable-small 1.8.0
nixos-25.11 1.7.1
- nixos-25.11-small 1.7.1
- nixpkgs-25.11-darwin 1.7.1

pkgs.python314Packages.django-pgactivity

View, filter, and kill Postgres queries

nixos-unstable 1.8.0
- nixpkgs-unstable 1.8.0
- nixos-unstable-small 1.8.0

pkgs.gnomeExtensions.activitywatch-status

Shows the total time spent on the computer, fork of [activitywatch-status-gnome-shell](https://codeberg.org/cweiske/activitywatch-status-gnome-shell/)

nixos-unstable 2
- nixpkgs-unstable 2
- nixos-unstable-small 2
nixos-25.11 2
- nixos-25.11-small 2
- nixpkgs-25.11-darwin 2

pkgs.gnomeExtensions.activity-app-launcher

Integrates a category-based application launcher in the activities window. IMPORTANT: it needs the 'gnome-menus' and 'libgnome-menu-3-dev'; they must be installed in the system before installing this extension.

nixos-unstable 47
- nixpkgs-unstable 47
- nixos-unstable-small 47
nixos-25.11 45
- nixos-25.11-small 45
- nixpkgs-25.11-darwin 45

pkgs.ocamlPackages_latest.get-activity-lib

Collect activity and format as markdown for a journal (lib)

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1

pkgs.gnomeExtensions.drive-activity-indicator

Visualize the activity of storage drives (disk activity LED simulator).

nixos-unstable 8
- nixpkgs-unstable 8
- nixos-unstable-small 8
nixos-25.11 8
- nixos-25.11-small 8
- nixpkgs-25.11-darwin 8

pkgs.haskellPackages.rdf4h-vocab-activitystreams

The ActivityStreams 2 RDF vocabulary for rdf4h

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0
nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

Package maintainers

@huantianad David Li <davidtianli@gmail.com>
@honnip Jung seungwoo <me@honnip.page>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@bkchr Bastian Köcher <nixos@kchr.de>
@NickCao Nick Cao <nickcao@nichi.co>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@mausch Mauricio Scheffer <mauricioscheffer@gmail.com>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@zazedd Leonardo Santos <leomendesantos@gmail.com>

Permalink CVE-2012-1567

created 1 month ago

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in …

LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate.

References

https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdat… x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/19/14 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/19/14 x_transferred x_refsource_MISC
https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdat… x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/19/14 x_refsource_MISC
https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdat… x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/19/14 x_transferred x_refsource_MISC
https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdat… x_transferred x_refsource_MISC

Affected products

Mint

==2012-03-19

Matching in nixpkgs

pkgs.mint

Refreshing language for the front-end web

nixos-unstable 0.28.1
nixos-25.11 0.24.1
- nixos-25.11-small 0.24.1
- nixpkgs-25.11-darwin 0.24.1

pkgs.mintotp

Minimal TOTP generator

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-25.11 0.3.0
- nixos-25.11-small 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.fedimint

Federated E-Cash Mint

nixos-unstable 0.7.1
- nixpkgs-unstable 0.7.1
- nixos-unstable-small 0.7.1
nixos-25.11 0.7.1
- nixos-25.11-small 0.7.1
- nixpkgs-25.11-darwin 0.7.1

pkgs.tendermint

Byzantine-Fault Tolerant State Machines. Or Blockchain, for short

nixos-unstable 0.35.9
- nixpkgs-unstable 0.35.9
- nixos-unstable-small 0.35.9
nixos-25.11 0.35.9
- nixos-25.11-small 0.35.9
- nixpkgs-25.11-darwin 0.35.9

pkgs.garmintools

Provides the ability to communicate with the Garmin Forerunner 305 via the USB interface

nixos-unstable 0.10
- nixpkgs-unstable 0.10
- nixos-unstable-small 0.10
nixos-25.11 0.10
- nixos-25.11-small 0.10
- nixpkgs-25.11-darwin 0.10

pkgs.latexminted

Python executable for LaTeX minted package

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0
nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.mint-themes

Mint-X and Mint-Y themes for the cinnamon desktop

nixos-unstable 2.3.8
- nixpkgs-unstable 2.3.8
- nixos-unstable-small 2.3.8
nixos-25.11 2.3.2
- nixos-25.11-small 2.3.2
- nixpkgs-25.11-darwin 2.3.2

pkgs.mint-artwork

Artwork for the cinnamon desktop

nixos-unstable 1.9.3
- nixpkgs-unstable 1.9.3
- nixos-unstable-small 1.9.3
nixos-25.11 1.9.2
- nixos-25.11-small 1.9.2
- nixpkgs-25.11-darwin 1.9.2

pkgs.mint-l-icons

Mint-L icon theme

nixos-unstable 1.8.0
- nixpkgs-unstable 1.8.0
- nixos-unstable-small 1.8.0
nixos-25.11 1.7.8
- nixos-25.11-small 1.7.8
- nixpkgs-25.11-darwin 1.7.8

pkgs.mint-l-theme

Mint-L theme for the Cinnamon desktop

nixos-unstable 2.0.6
- nixpkgs-unstable 2.0.6
- nixos-unstable-small 2.0.6
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.mint-x-icons

Mint/metal theme based on mintified versions of Clearlooks Revamp, Elementary and Faenza

nixos-unstable 1.7.5
- nixpkgs-unstable 1.7.5
- nixos-unstable-small 1.7.5
nixos-25.11 1.7.4
- nixos-25.11-small 1.7.4
- nixpkgs-25.11-darwin 1.7.4

pkgs.mint-y-icons

Mint-Y icon theme

nixos-unstable 1.9.1
- nixpkgs-unstable 1.9.1
- nixos-unstable-small 1.9.1
nixos-25.11 1.8.8
- nixos-25.11-small 1.8.8
- nixpkgs-25.11-darwin 1.8.8

pkgs.marwaita-mint

Variation for marwaita GTK theme based on linux mint color scheme

nixos-unstable 24
- nixpkgs-unstable 24
- nixos-unstable-small 24
nixos-25.11 24
- nixos-25.11-small 24
- nixpkgs-25.11-darwin 24

pkgs.mint-cursor-themes

Linux Mint cursor themes

nixos-unstable 1.0.2
- nixpkgs-unstable 1.0.2
- nixos-unstable-small 1.0.2
nixos-25.11 1.0.2
- nixos-25.11-small 1.0.2
- nixpkgs-25.11-darwin 1.0.2

pkgs.haskellPackages.mintty

A reliable way to detect the presence of a MinTTY console on Windows

nixos-unstable 0.1.4
- nixpkgs-unstable 0.1.4
- nixos-unstable-small 0.1.4
nixos-25.11 0.1.4
- nixos-25.11-small 0.1.4
- nixpkgs-25.11-darwin 0.1.4

pkgs.octavePackages.optiminterp

Optimal interpolation toolbox for octave

nixos-unstable 10.3.0-optiminterp-0.3.7
- nixpkgs-unstable 10.3.0-optiminterp-0.3.7
- nixos-unstable-small 10.3.0-optiminterp-0.3.7
nixos-25.11 10.3.0-optiminterp-0.3.7
- nixos-25.11-small 10.3.0-optiminterp-0.3.7
- nixpkgs-25.11-darwin 10.3.0-optiminterp-0.3.7

Package maintainers

@dpc Dawid Ciężarkiewicz <dpc@dpc.pw>
@romildo José Romildo Malaquias <malaquias@gmail.com>
@manveru Michael Fellinger <m.fellinger@gmail.com>
@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@KarlJoad Karl Hallsby <karl@hallsby.com>
@alexfmpe Alexandre Esteves <alexfmpe@proton.me>
@provokateurin Kate Döen

Permalink CVE-2010-3843

created 1 month ago

The GTK version of ettercap uses a global settings file …

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.

References

https://bugzilla.redhat.com/show_bug.cgi?id=643453 x_refsource_MISC
https://bugs.launchpad.net/ubuntu/+source/ettercap/+bug/656347 x_refsource_MISC
http://article.gmane.org/gmane.comp.security.oss.general/3660 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=643453 x_transferred x_refsource_MISC
https://bugs.launchpad.net/ubuntu/+source/ettercap/+bug/656347 x_transferred x_refsource_MISC
http://article.gmane.org/gmane.comp.security.oss.general/3660 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=643453 x_refsource_MISC
https://bugs.launchpad.net/ubuntu/+source/ettercap/+bug/656347 x_refsource_MISC
http://article.gmane.org/gmane.comp.security.oss.general/3660 x_refsource_MISC
https://bugs.launchpad.net/ubuntu/+source/ettercap/+bug/656347 x_transferred x_refsource_MISC
http://article.gmane.org/gmane.comp.security.oss.general/3660 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=643453 x_transferred x_refsource_MISC

Affected products

ettercap

==ettercap 0.7.5

Matching in nixpkgs

pkgs.ettercap

Comprehensive suite for man in the middle attacks

nixos-unstable 0.8.4-unstable-2025-07-16
- nixpkgs-unstable 0.8.4-unstable-2025-07-16
- nixos-unstable-small 0.8.4-unstable-2025-07-16
nixos-25.11 0.8.4-unstable-2025-07-16
- nixos-25.11-small 0.8.4-unstable-2025-07-16
- nixpkgs-25.11-darwin 0.8.4-unstable-2025-07-16

pkgs.bettercap

Man in the middle tool

nixos-unstable 2.41.5
- nixpkgs-unstable 2.41.5
- nixos-unstable-small 2.41.5
nixos-25.11 2.41.4
- nixos-25.11-small 2.41.4
- nixpkgs-25.11-darwin 2.41.4

Package maintainers

@y0no Yoann Ono <y0no@y0no.fr>
@pSub Pascal Wittmann <mail@pascal-wittmann.de>

Permalink CVE-2012-0433

created 1 month ago

insecure permissions on files containing confidential data

The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data.

References

https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM

Affected products

crowbar

<2012-10-02

Matching in nixpkgs

pkgs.crowbar

Brute forcing tool that can be used during penetration tests

nixos-unstable 2020-04-23
- nixpkgs-unstable 2020-04-23
- nixos-unstable-small 2020-04-23
nixos-25.11 2020-04-23
- nixos-25.11-small 2020-04-23
- nixpkgs-25.11-darwin 2020-04-23

pkgs.ocamlPackages.crowbar

Property fuzzing for OCaml

nixos-unstable 0.2.2
- nixpkgs-unstable 0.2.2
- nixos-unstable-small 0.2.2
nixos-25.11 0.2.1
- nixos-25.11-small 0.2.1
- nixpkgs-25.11-darwin 0.2.1

pkgs.ocamlPackages_latest.crowbar

Property fuzzing for OCaml

nixos-unstable 0.2.2
- nixpkgs-unstable 0.2.2
- nixos-unstable-small 0.2.2

Package maintainers

@Pamplemousse Xavier Maso <xav.maso@gmail.com>
@sternenseemann Lukas Epple <sternenseemann@systemli.org>

Permalink CVE-2012-0046

created 1 month ago

mediawiki allows deleted text to be exposed

References

https://security-tracker.debian.org/tracker/CVE-2012-0046 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0046 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0046 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0046 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0046 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0046 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0046 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0046 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0046 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0046 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0046 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0046 x_transferred x_refsource_MISC

Affected products

mediawiki

==1.16

Matching in nixpkgs

pkgs.mediawiki

Collaborative editing software that runs Wikipedia

nixos-unstable 1.45.1
- nixpkgs-unstable 1.45.1
- nixos-unstable-small 1.45.1
nixos-25.11 1.44.3
- nixos-25.11-small 1.44.3
- nixpkgs-25.11-darwin 1.44.3

Package maintainers

@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@gshipunov Grigory Shipunov <blame@oxapentane.com>
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>
@astro Astro <astro@spaceboyz.net>

Permalink CVE-2011-2897

created 1 month ago

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing …

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-2897 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2011-2897 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2011-2897 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-2897 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-2897 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2011-2897 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2011-2897 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-2897 x_transferred x_refsource_MISC

Affected products

gdk-pixbuf

==through 2.31.1

Matching in nixpkgs

pkgs.gdk-pixbuf

Library for image loading and manipulation

nixos-unstable 2.44.4
- nixpkgs-unstable 2.44.4
- nixos-unstable-small 2.44.4
nixos-25.11 2.44.4
- nixos-25.11-small 2.44.4
- nixpkgs-25.11-darwin 2.44.4

pkgs.gdk-pixbuf-xlib

Deprecated API for integrating GdkPixbuf with Xlib data types

nixos-unstable 2.40.2
- nixpkgs-unstable 2.40.2
- nixos-unstable-small 2.40.2
nixos-25.11 2.40.2
- nixos-25.11-small 2.40.2
- nixpkgs-25.11-darwin 2.40.2

pkgs.sbclPackages.cl-cffi-gtk-gdk-pixbuf

None

nixos-unstable 20230214-git
- nixpkgs-unstable 20230214-git
- nixos-unstable-small 20230214-git
nixos-25.11 20230214-git
- nixos-25.11-small 20230214-git
- nixpkgs-25.11-darwin 20230214-git

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22gdk-pixbuf-2.0%22

Test whether gdk-pixbuf-2.42.12 exposes pkg-config modules gdk-pixbuf-2.0

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@bobby285271 Bobby Rong <rjl931189261@126.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@lukego Luke Gorrie <luke@snabb.co>
@hraban Hraban Luyat <hraban@0brg.net>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@nagy Daniel Nagy <danielnagy@posteo.de>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>

Permalink CVE-2010-4661

created 1 month ago

udisks before 1.0.3 allows a local user to load arbitrary …

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

References

https://access.redhat.com/security/cve/cve-2010-4661 x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4661 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4661 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4661 x_transferred x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4661 x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4661 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4661 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4661 x_transferred x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html x_transferred x_refsource_MISC

Affected products

udisks

==before 1.0.3

Matching in nixpkgs

pkgs.udisks

Daemon, tools and libraries to access and manipulate disks, storage devices and technologies

nixos-unstable 2.11.0
- nixpkgs-unstable 2.11.0
- nixos-unstable-small 2.11.0
nixos-25.11 2.10.2
- nixos-25.11-small 2.10.2
- nixpkgs-25.11-darwin 2.10.2

pkgs.udisks2

Daemon, tools and libraries to access and manipulate disks, storage devices and technologies

nixos-unstable 2.11.0
- nixpkgs-unstable 2.11.0
- nixos-unstable-small 2.11.0
nixos-25.11 2.10.2
- nixos-25.11-small 2.10.2
- nixpkgs-25.11-darwin 2.10.2

pkgs.deepin.udisks2-qt5

UDisks2 D-Bus interfaces binding for Qt5

Package maintainers

@wineee Lu Hongxu <lhongxu@outlook.com>
@JohnAZoidberg Daniel Schäfer <git@danielschaefer.me>
@jtojnar Jan Tojnar <jtojnar@gmail.com>

Permalink CVE-2011-2668

created 1 month ago

Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the …

Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header

References

http://jvn.jp/en/jp/JVN36721438/index.html x_refsource_MISC
http://jvn.jp/en/jp/JVN36721438/index.html x_transferred x_refsource_MISC
http://jvn.jp/en/jp/JVN36721438/index.html x_refsource_MISC
http://jvn.jp/en/jp/JVN36721438/index.html x_transferred x_refsource_MISC

Affected products

Firefox

==1.5.0.3 and earlier

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.7.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.7.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.3
- nixpkgs-unstable 147.0.3
- nixos-unstable-small 147.0.3
nixos-25.11 147.0.3
- nixos-25.11-small 147.0.3
- nixpkgs-25.11-darwin 147.0.3

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b14
nixos-25.11 148.0b14
- nixos-25.11-small 148.0b14
- nixpkgs-25.11-darwin 148.0b14

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@camillemndn Camille M. <camillemondon@free.fr>
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@honnip Jung seungwoo <me@honnip.page>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.jenkins

pkgs.jenkins-job-builder

pkgs.python312Packages.jenkinsapi

pkgs.python313Packages.jenkinsapi

pkgs.python314Packages.jenkinsapi

pkgs.python312Packages.python-jenkins

pkgs.python313Packages.python-jenkins

pkgs.python314Packages.python-jenkins

pkgs.python312Packages.jenkins-job-builder

pkgs.python313Packages.jenkins-job-builder

pkgs.python314Packages.jenkins-job-builder

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.lomiri.libusermetrics

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.pg_activity

pkgs.activitywatch

pkgs.ocamlPackages.get-activity

pkgs.libsForQt5.kactivitymanagerd

pkgs.kdePackages.kactivitymanagerd

pkgs.ocamlPackages.get-activity-lib

pkgs.ocamlPackages_latest.get-activity

pkgs.plasma5Packages.kactivitymanagerd

pkgs.haskellPackages.gogol-apps-activity

pkgs.haskellPackages.gogol-driveactivity

pkgs.python312Packages.django-pgactivity

pkgs.python313Packages.django-pgactivity

pkgs.python314Packages.django-pgactivity

pkgs.gnomeExtensions.activitywatch-status

pkgs.gnomeExtensions.activity-app-launcher

pkgs.ocamlPackages_latest.get-activity-lib

pkgs.gnomeExtensions.drive-activity-indicator

pkgs.haskellPackages.rdf4h-vocab-activitystreams

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.mint

pkgs.mintotp

pkgs.fedimint

pkgs.tendermint

pkgs.garmintools

pkgs.latexminted

pkgs.mint-themes

pkgs.mint-artwork

pkgs.mint-l-icons

pkgs.mint-l-theme

pkgs.mint-x-icons

pkgs.mint-y-icons

pkgs.marwaita-mint

pkgs.mint-cursor-themes

pkgs.haskellPackages.mintty

pkgs.octavePackages.optiminterp

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.ettercap

pkgs.bettercap

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.crowbar

pkgs.ocamlPackages.crowbar

pkgs.ocamlPackages_latest.crowbar

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.mediawiki