Nixpkgs security tracker
Dismissed
Permalink
CVE-2025-58199
4.3 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): Low (L)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): None (N)
by @mweinelt Activity log
- Created suggestion
-
@mweinelt
ignored
3 packages
- fastly
- prometheus-fastly-exporter
- terraform-providers.fastly
- @mweinelt dismissed
WordPress Fastly Plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Fastly Fastly allows Cross Site Request Forgery. This issue affects Fastly: from n/a through 1.2.28.
References
Affected products
fastly
- =<1.2.28
Ignored packages (3)
pkgs.fastly
Command line tool for interacting with the Fastly API
pkgs.prometheus-fastly-exporter
Prometheus exporter for the Fastly Real-time Analytics API
pkgs.terraform-providers.fastly
None