Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-53430
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 months ago by @LeSuisse Activity log
  • Created automatic suggestion 2 months ago
  • @LeSuisse removed
    10 packages
    • chickenPackages_5.chickenEggs.henrietta-cache-git
    • chickenPackages_5.chickenEggs.henrietta-cache
    • chickenPackages_5.chickenEggs.henrietta
    • python313Packages.django-rosetta
    • python312Packages.django-rosetta
    • python313Packages.palettable
    • python312Packages.palettable
    • typstPackages.quetta_0_2_0
    • typstPackages.quetta_0_1_0
    • ocamlPackages.rosetta
    2 months ago
  • @LeSuisse dismissed 2 months ago
WordPress Etta theme <= 1.14.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Etta etta allows PHP Local File Inclusion.This issue affects Etta: from n/a through <= 1.14.0.

References

Affected products

etta
  • =<<= 1.14.0 
WP theme not present in nixpkgs