Nixpkgs security tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-68505
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 3 months, 1 week ago by @LeSuisse Activity log
  • Created suggestion 3 months, 1 week ago
  • @LeSuisse ignored
    7 packages
    • python312Packages.h5py
    • python313Packages.h5py
    • python312Packages.h5py-mpi
    • python313Packages.h5py-mpi
    • python312Packages.airtouch5py
    • python313Packages.airtouch5py
    • pkgsRocm.python3Packages.h5py-mpi
    3 months, 1 week ago
  • @LeSuisse dismissed 3 months, 1 week ago
WordPress H5P plugin <= 1.16.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in icc0rz H5P h5p allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects H5P: from n/a through <= 1.16.1.

Affected products

h5p
  • =<<= 1.16.1
Ignored packages (7) 
WP plugin not packaged in nixpkgs