Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2026-24999
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 1 month ago by @LeSuisse Activity log
  • Created automatic suggestion 1 month ago
  • @LeSuisse removed
    12 packages
    • almanah
    • brutalmaze
    • python312Packages.pykalman
    • python313Packages.pykalman
    • python314Packages.pykalman
    • haskellPackages.IntervalMap
    • python312Packages.spatialmath-python
    • python313Packages.spatialmath-python
    • python314Packages.spatialmath-python
    • python312Packages.azure-mgmt-sqlvirtualmachine
    • python314Packages.azure-mgmt-sqlvirtualmachine
    • python313Packages.azure-mgmt-sqlvirtualmachine
    1 month ago
  • @LeSuisse dismissed 1 month ago
WordPress Alma plugin <= 5.16.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Alma: from n/a through <= 5.16.1.

References

Affected products

alma-gateway-for-woocommerce
  • =<<= 5.16.1
Ignored packages (12) 
WP plugin not present in nixpkgs