Nixpkgs Security Tracker

Dismissed

Permalink CVE-2026-1171

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

updated 2 months ago by @LeSuisse Activity log

Created automatic suggestion 2 months ago
@LeSuisse removed
45 packages
- mprime
- primecount
- primesieve
- prime-server
- courier-prime
- CuboCore.libcprime
- quartus-prime-lite
- rubyPackages.prime
- dolphin-emu-primehack
- haskellPackages.primes
- rubyPackages_3_1.prime
- rubyPackages_3_2.prime
- rubyPackages_3_3.prime
- rubyPackages_3_4.prime
- rubyPackages_3_5.prime
- haskellPackages.nth-prime
- python312Packages.msprime
- python312Packages.primepy
- python312Packages.primer3
- python313Packages.msprime
- python313Packages.primepy
- python313Packages.primer3
- haskellPackages.antiprimes
- haskellPackages.primecount
- haskellPackages.primesieve
- perlPackages.MathPrimeUtil
- akkuPackages.chibi-math-prime
- haskellPackages.prelude-prime
- perl538Packages.MathPrimeUtil
- perl540Packages.MathPrimeUtil
- perlPackages.MathProvablePrime
- perlPackages.MathPrimeUtilGMP
- python312Packages.primecountpy
- python313Packages.primecountpy
- haskellPackages.opentheory-prime
- perl538Packages.MathPrimeUtilGMP
- perl540Packages.MathPrimeUtilGMP
- rubyPackages.jekyll-theme-primer
- perl538Packages.MathProvablePrime
- perl540Packages.MathProvablePrime
- rubyPackages_3_1.jekyll-theme-primer
- rubyPackages_3_2.jekyll-theme-primer
- rubyPackages_3_3.jekyll-theme-primer
- rubyPackages_3_4.jekyll-theme-primer
- rubyPackages_3_5.jekyll-theme-primer
2 months ago
@LeSuisse dismissed 2 months ago

birkir prime GraphQL Field graphql denial of service

A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

References

https://github.com/birkir/prime/issues/542 issue-tracking exploit
VDB-341765 | birkir prime GraphQL Field graphql denial of service vdb-entry
VDB-341765 | CTI Indicators (IOB, IOC, TTP, IOA) signature permissions-required
Submit #731101 | birkir prime <=0.4.0 GraphQL Field Duplication Vulnerability third-party-advisory
VDB-341765 | birkir prime GraphQL Field graphql denial of service vdb-entry
VDB-341765 | CTI Indicators (IOB, IOC, TTP, IOA) signature permissions-required
Submit #731101 | birkir prime <=0.4.0 GraphQL Field Duplication Vulnerability third-party-advisory
https://github.com/birkir/prime/issues/542 issue-tracking exploit

Affected products

prime

==0.4.0.beta

Impacted software not present in nixpkgs.

Suggestion detail

References

Affected products