Nixpkgs security tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-67528
5.1 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): Low (L)
updated 4 months, 4 weeks ago by @LeSuisse Activity log
  • Created suggestion 4 months, 4 weeks ago
  • @LeSuisse ignored
    31 packages
    • furnace
    • xournalpp
    • journalist
    • lazyjournal
    • qjournalctl
    • tui-journal
    • journalwatch
    • annapurna-sil
    • journaldriver
    • systemd-journal2gelf
    • kdePackages.kjournald
    • perlPackages.LogJournald
    • perl538Packages.LogJournald
    • perl540Packages.LogJournald
    • python312Packages.swh-journal
    • python313Packages.swh-journal
    • python312Packages.waterfurnace
    • typstPackages.starter-journal-article_0_4_0
    • typstPackages.starter-journal-article_0_3_3
    • typstPackages.starter-journal-article_0_3_2
    • typstPackages.starter-journal-article_0_3_1
    • typstPackages.starter-journal-article_0_3_0
    • typstPackages.starter-journal-article_0_2_0
    • typstPackages.starter-journal-article_0_1_1
    • haskellPackages.logging-facade-journald
    • typstPackages.starter-journal-article
    • python313Packages.logging-journald
    • python312Packages.logging-journald
    • haskellPackages.libsystemd-journal
    • haskellPackages.journalctl-stream
    • python313Packages.waterfurnace
    4 months, 4 weeks ago
  • @LeSuisse dismissed 4 months, 4 weeks ago
WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through <= 2.5.12.

Affected products

urna
  • =<<= 2.5.12
Ignored packages (31)

pkgs.furnace

Multi-system chiptune tracker compatible with DefleMask modules

pkgs.xournalpp

Xournal++ is a handwriting Notetaking software with PDF annotation support

pkgs.lazyjournal

TUI for journalctl, file system logs, as well as Docker and Podman containers

pkgs.qjournalctl

Qt-based graphical user interface for systemd's journalctl command

pkgs.journalwatch

Tool to find error messages in the systemd journal

pkgs.annapurna-sil

Unicode-based font family with broad support for writing systems that use the Devanagari script

WP theme not present in nixpkgs