Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-22509
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 months ago by @LeSuisse Activity log
  • Created automatic suggestion 2 months ago
  • @LeSuisse removed
    17 packages
    • atlas
    • nim-atlas
    • atlassian-cli
    • ripe-atlas-tools
    • mongodb-atlas-cli
    • atlassian-plugin-sdk
    • haskellPackages.atlas
    • prometheus-atlas-exporter
    • python312Packages.chatlas
    • python313Packages.chatlas
    • terraform-providers.mongodbatlas
    • python312Packages.ripe-atlas-sagan
    • python313Packages.ripe-atlas-sagan
    • python312Packages.ripe-atlas-cousteau
    • python313Packages.ripe-atlas-cousteau
    • python312Packages.atlassian-python-api
    • python313Packages.atlassian-python-api
    2 months ago
  • @LeSuisse dismissed 2 months ago
WordPress Atlas theme <= 2.1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TMRW-studio Atlas atlas allows PHP Local File Inclusion.This issue affects Atlas: from n/a through <= 2.1.0.

References

Affected products

atlas
  • =<<= 2.1.0 
WP theme not present in nixpkgs