Nixpkgs security tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-58997
9.6 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 6 months ago by @LeSuisse Activity log
  • Created suggestion 7 months, 2 weeks ago
  • @LeSuisse ignored
    8 packages
    • libmowgli
    • python312Packages.aioautomower
    • python313Packages.aioautomower
    • python312Packages.automower-ble
    • python313Packages.automower-ble
    • home-assistant-component-tests.lawn_mower
    • home-assistant-component-tests.husqvarna_automower
    • home-assistant-component-tests.husqvarna_automower_ble
    6 months ago
  • @LeSuisse dismissed 6 months ago
WordPress Mow Theme <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow allows Code Injection. This issue affects Mow: from n/a through 4.10.

Affected products

mow
  • =<4.10
Ignored packages (8)

pkgs.libmowgli

Development framework for C providing high performance and highly flexible algorithms

  • nixos-unstable -