Nixpkgs security tracker

Login with GitHub

Suggestion detail

Dismissed

Permalink CVE-2025-53430

8.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 4 months ago by @LeSuisse Activity log

Created suggestion 4 months ago
@LeSuisse ignored
10 packages
- chickenPackages_5.chickenEggs.henrietta-cache-git
- chickenPackages_5.chickenEggs.henrietta-cache
- chickenPackages_5.chickenEggs.henrietta
- python313Packages.django-rosetta
- python312Packages.django-rosetta
- python313Packages.palettable
- python312Packages.palettable
- typstPackages.quetta_0_2_0
- typstPackages.quetta_0_1_0
- ocamlPackages.rosetta
4 months ago
@LeSuisse dismissed 4 months ago

WordPress Etta theme <= 1.14.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Etta etta allows PHP Local File Inclusion.This issue affects Etta: from n/a through <= 1.14.0.

References

Affected products

etta

=<<= 1.14.0

Ignored packages (10)

pkgs.ocamlPackages.rosetta

Universal decoder of an encoded flow (UTF-7, ISO-8859 and KOI8) to Unicode

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0

pkgs.typstPackages.quetta_0_1_0

Write Tengwar easily with Typst

nixos-unstable 0.1.0
- nixpkgs-unstable 0.1.0
- nixos-unstable-small 0.1.0

pkgs.typstPackages.quetta_0_2_0

Write Tengwar easily with Typst

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0

pkgs.python312Packages.palettable

Library of color palettes

nixos-unstable 3.3.3
- nixpkgs-unstable 3.3.3
- nixos-unstable-small 3.3.3

pkgs.python313Packages.palettable

Library of color palettes

nixos-unstable 3.3.3
- nixpkgs-unstable 3.3.3
- nixos-unstable-small 3.3.3

pkgs.python312Packages.django-rosetta

Rosetta is a Django application that facilitates the translation process of your Django projects

nixos-unstable 0.10.2
- nixpkgs-unstable 0.10.2
- nixos-unstable-small 0.10.2

pkgs.python313Packages.django-rosetta

Rosetta is a Django application that facilitates the translation process of your Django projects

nixos-unstable 0.10.2
- nixpkgs-unstable 0.10.2
- nixos-unstable-small 0.10.2

pkgs.chickenPackages_5.chickenEggs.henrietta

Serve extensions over HTTP

nixos-unstable 1.5
- nixpkgs-unstable 1.5
- nixos-unstable-small 1.5

pkgs.chickenPackages_5.chickenEggs.henrietta-cache

Fetch and cache extensions from various sources for Henrietta to consume

nixos-unstable 1.7
- nixpkgs-unstable 1.7
- nixos-unstable-small 1.7

pkgs.chickenPackages_5.chickenEggs.henrietta-cache-git

A tool to convert and keep henrietta's cache in a git repository

nixos-unstable 0.0.1
- nixpkgs-unstable 0.0.1
- nixos-unstable-small 0.0.1

WP theme not present in nixpkgs