Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-24069

5.4 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

updated 1 month, 1 week ago by @LeSuisse Activity log

Created suggestion 1 month, 1 week ago
@LeSuisse dismissed (not in Nixpkgs) 1 month, 1 week ago

Improper Enforcement of Disabled Accounts in WebUI SSO in Kiuwan SAST

Kiuwan SAST improperly authorizes SSO logins for locally disabled mapped user accounts, allowing disabled users to continue accessing the application. Kiuwan Cloud was affected, and Kiuwan SAST on-premise (KOP) was affected before 2.8.2509.4.

References

https://r.sec-consult.com/kiuwanlock third-party-advisory
http://seclists.org/fulldisclosure/2026/Apr/5

Affected products

SAST

==<2.8.2509.4

Matching in nixpkgs

pkgs.dvdisaster

Data loss/scratch/aging protection for CD/DVD media (unofficial version)

nixos-unstable 0.79.10-pl5
- nixpkgs-unstable 0.79.10-pl5
- nixos-unstable-small 0.79.10-pl5
nixos-25.11 0.79.10-pl5
- nixos-25.11-small 0.79.10-pl5
- nixpkgs-25.11-darwin 0.79.10-pl5

Package maintainers

@matteo-pacini Matteo Pacini <m@matteopacini.me>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.dvdisaster

Package maintainers