Search CVE reports
1 – 10 of 23 results
CVE-2024-47174
Medium priorityNix is a package manager for Linux and other Unix systems. Starting in version 1.11 and prior to versions 2.18.8 and 2.24.8, `<nix/fetchurl.nix>` did not verify TLS certificates on HTTPS connections. This could lead to connection...
1 affected packages
nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nix | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-45593
Medium priorityNix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to arbitrary file system locations...
1 affected packages
nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nix | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-45845
Medium priorityRejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record....
1 affected packages
nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nix | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-38531
Medium priorityNix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary...
1 affected packages
nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nix | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-36050
Medium priorityNix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request.
1 affected packages
nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nix | Needs evaluation | Needs evaluation | Not in release | — | — |
CVE-2024-1013
Medium prioritySome fixes available 7 of 8
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can...
1 affected packages
unixodbc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unixodbc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-27297
Medium priorityNix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host (or another fixed-output derivation) via...
2 affected packages
guix, nix
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
guix | Not affected | Needs evaluation | Not in release | — | — |
nix | Vulnerable | Vulnerable | Not in release | — | — |
CVE-2022-40704
Low priorityA XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite.
1 affected packages
phoronix-test-suite
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
phoronix-test-suite | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
CVE-2022-0571
Medium priorityCross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.
1 affected packages
phoronix-test-suite
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
phoronix-test-suite | — | — | — | Needs evaluation | Needs evaluation |
CVE-2022-0238
Medium priorityphoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)
1 affected packages
phoronix-test-suite
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
phoronix-test-suite | — | — | — | Needs evaluation | Needs evaluation |