Nixpkgs security tracker
Dismissed
Permalink
CVE-2025-53448
8.1 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
8 packages
- perl540Packages.SortNaturally
- dwarf-fortress-packages.themes.rally-ho
- perl538Packages.SortNaturally
- perlPackages.SortNaturally
- haskellPackages.literally
- cro-mag-rally
- stuntrally
- trigger
- @LeSuisse dismissed
WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through <= 1.1.
References
Affected products
rally
- =<<= 1.1
Ignored packages (8)
pkgs.trigger
Fast-paced single-player racing game
pkgs.stuntrally
Stunt Rally game with Track Editor, based on VDrift and OGRE
pkgs.cro-mag-rally
Port of Cro-Mag Rally, a 2000 Macintosh game by Pangea Software, for modern operating systems
pkgs.haskellPackages.literally
Type-safe conversion of type literals into runtime values
pkgs.perlPackages.SortNaturally
Sort lexically, but sort numeral parts numerically
pkgs.perl538Packages.SortNaturally
Sort lexically, but sort numeral parts numerically
pkgs.perl540Packages.SortNaturally
Sort lexically, but sort numeral parts numerically
pkgs.dwarf-fortress-packages.themes.rally-ho
None