Nixpkgs security tracker
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
32 packages
- wordpressPackages.plugins.hcaptcha-for-forms-and-more
- chickenPackages_5.chickenEggs.sxml-transforms
- python313Packages.django-formset-js-improved
- python312Packages.django-formset-js-improved
- home-assistant-component-tests.modern_forms
- wordpressPackages.plugins.wpforms-lite
- nodePackages_latest.@tailwindcss/forms
- python313Packages.django-crispy-forms
- python312Packages.django-crispy-forms
- python313Packages.wtforms-bootstrap5
- python313Packages.wtforms-sqlalchemy
- python312Packages.wtforms-sqlalchemy
- python312Packages.wtforms-bootstrap5
- python313Packages.permissionedforms
- python312Packages.permissionedforms
- inkscape-extensions.applytransforms
- haskellPackages.unicode-transforms
- python313Packages.craft-platforms
- python312Packages.craft-platforms
- python313Packages.aiomodernforms
- python313Packages.beanhub-forms
- python312Packages.aiomodernforms
- python312Packages.beanhub-forms
- haskellPackages.unsafeperformst
- nodePackages.@tailwindcss/forms
- python313Packages.transforms3d
- python312Packages.transforms3d
- python313Packages.nitransforms
- python312Packages.nitransforms
- python313Packages.wtforms
- python312Packages.wtforms
- platformsh
- @LeSuisse dismissed
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply …
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
References
Affected products
- =<8.13.16
Ignored packages (32)
pkgs.platformsh
Unified tool for managing your Platform.sh services from the command line
pkgs.python312Packages.wtforms
Flexible forms validation and rendering library for Python
pkgs.python313Packages.wtforms
Flexible forms validation and rendering library for Python
pkgs.python312Packages.nitransforms
Geometric transformations for images and surfaces
pkgs.python312Packages.transforms3d
Convert between various geometric transformations
-
nixos-unstable transforms3d-0.4.2
- nixpkgs-unstable transforms3d-0.4.2
- nixos-unstable-small transforms3d-0.4.2
pkgs.python313Packages.nitransforms
Geometric transformations for images and surfaces
pkgs.python313Packages.transforms3d
Convert between various geometric transformations
-
nixos-unstable transforms3d-0.4.2
- nixpkgs-unstable transforms3d-0.4.2
- nixos-unstable-small transforms3d-0.4.2
pkgs.haskellPackages.unsafeperformst
Like unsafeperformIO, but for the ST monad
pkgs.nodePackages.%40tailwindcss%2Fforms
A plugin that provides a basic reset for form styles that makes form elements easy to override with utilities.
pkgs.python312Packages.beanhub-forms
Library for generating and processing BeanHub's custom forms
pkgs.python313Packages.beanhub-forms
Library for generating and processing BeanHub's custom forms
pkgs.python312Packages.aiomodernforms
Asynchronous Python client for Modern Forms fans
pkgs.python313Packages.aiomodernforms
Asynchronous Python client for Modern Forms fans
pkgs.python312Packages.craft-platforms
Manage platforms and architectures for charm applications
pkgs.python313Packages.craft-platforms
Manage platforms and architectures for charm applications
pkgs.haskellPackages.unicode-transforms
Unicode normalization
pkgs.inkscape-extensions.applytransforms
Inkscape extension which removes all matrix transforms by applying them recursively to shapes
-
nixos-unstable 0.pre+unstable=2021-05-11
- nixpkgs-unstable 0.pre+unstable=2021-05-11
- nixos-unstable-small 0.pre+unstable=2021-05-11
pkgs.python312Packages.wtforms-bootstrap5
Simple library for rendering WTForms in HTML as Bootstrap 5 form controls
-
nixos-unstable bootstrap5-0.3.0
- nixpkgs-unstable bootstrap5-0.3.0
- nixos-unstable-small bootstrap5-0.3.0
pkgs.python312Packages.wtforms-sqlalchemy
WTForms integration for SQLAlchemy
pkgs.python313Packages.wtforms-bootstrap5
Simple library for rendering WTForms in HTML as Bootstrap 5 form controls
-
nixos-unstable bootstrap5-0.3.0
- nixpkgs-unstable bootstrap5-0.3.0
- nixos-unstable-small bootstrap5-0.3.0
pkgs.python313Packages.wtforms-sqlalchemy
WTForms integration for SQLAlchemy
pkgs.python312Packages.django-crispy-forms
Best way to have DRY Django forms
pkgs.python313Packages.django-crispy-forms
Best way to have DRY Django forms
pkgs.nodePackages_latest.%40tailwindcss%2Fforms
A plugin that provides a basic reset for form styles that makes form elements easy to override with utilities.
pkgs.wordpressPackages.plugins.wpforms-lite
None
pkgs.home-assistant-component-tests.modern_forms
Open source home automation that puts local control and privacy first
pkgs.python312Packages.django-formset-js-improved
Wrapper for a JavaScript formset helper
pkgs.python313Packages.django-formset-js-improved
Wrapper for a JavaScript formset helper
pkgs.chickenPackages_5.chickenEggs.sxml-transforms
The SXML transformations (to XML, SXML, and HTML) from the SSAX project at Sourceforge