Suggestions search

Dismissed

Filter by:

With package: boost189

Found 2 matching suggestions

View:

Compact

Detailed

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-9010

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 1 month ago by @LeSuisse Activity log

Created suggestion 1 month ago
@LeSuisse dismissed (not in Nixpkgs) 1 month ago

Boost <= 2.0.3 - Unauthenticated Blind SQL Injection via Multiple Parameters

The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and including, 2.0.3 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL queries. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

References

Affected products

Boost

=<2.0.3

Matching in nixpkgs

pkgs.boost

Collection of C++ libraries

nixos-unstable 1.89.0
- nixpkgs-unstable 1.89.0
- nixos-unstable-small 1.89.0

pkgs.booster

Fast and secure initramfs generator

nixos-unstable 0.12
- nixpkgs-unstable 0.12
- nixos-unstable-small 0.12

pkgs.xgboost

Scalable, Portable and Distributed Gradient Boosting (GBDT, GBRT or GBM) Library

nixos-unstable 3.0.5
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5

pkgs.boost177

None

pkgs.boost178

Collection of C++ libraries

nixos-unstable 1.78.0
- nixpkgs-unstable 1.78.0
- nixos-unstable-small 1.78.0

pkgs.boost179

Collection of C++ libraries

nixos-unstable 1.79.0
- nixpkgs-unstable 1.79.0
- nixos-unstable-small 1.79.0

pkgs.boost180

Collection of C++ libraries

nixos-unstable 1.80.0
- nixpkgs-unstable 1.80.0
- nixos-unstable-small 1.80.0

pkgs.boost181

Collection of C++ libraries

nixos-unstable 1.81.0
- nixpkgs-unstable 1.81.0
- nixos-unstable-small 1.81.0

pkgs.boost182

Collection of C++ libraries

nixos-unstable 1.82.0
- nixpkgs-unstable 1.82.0
- nixos-unstable-small 1.82.0

pkgs.boost183

Collection of C++ libraries

nixos-unstable 1.83.0
- nixpkgs-unstable 1.83.0
- nixos-unstable-small 1.83.0

pkgs.boost186

Collection of C++ libraries

nixos-unstable 1.86.0
- nixpkgs-unstable 1.86.0
- nixos-unstable-small 1.86.0

pkgs.boost187

Collection of C++ libraries

nixos-unstable 1.87.0
- nixpkgs-unstable 1.87.0
- nixos-unstable-small 1.87.0

pkgs.boost188

Collection of C++ libraries

nixos-unstable 1.88.0
- nixpkgs-unstable 1.88.0
- nixos-unstable-small 1.88.0

pkgs.boost189

Collection of C++ libraries

nixos-unstable 1.89.0
- nixpkgs-unstable 1.89.0
- nixos-unstable-small 1.89.0

pkgs.boost190

Collection of C++ libraries

nixos-unstable 1.90.0
- nixpkgs-unstable 1.90.0
- nixos-unstable-small 1.90.0

pkgs.catboost

High-performance library for gradient boosting on decision trees

nixos-unstable 1.2.10
- nixpkgs-unstable 1.2.10
- nixos-unstable-small 1.2.10

pkgs.boost-sml

Header only state machine library with no dependencies

nixos-unstable 1.1.13
- nixpkgs-unstable 1.1.13
- nixos-unstable-small 1.1.13

pkgs.mev-boost

Ethereum block-building middleware

nixos-unstable 1.12
- nixpkgs-unstable 1.12
- nixos-unstable-small 1.12

pkgs.boost-build

None

nixos-unstable 4.4.1
- nixpkgs-unstable 4.4.1
- nixos-unstable-small 4.4.1

pkgs.pianobooster

MIDI file player that teaches you how to play the piano

nixos-unstable 1.0.0-unstable-2023-01-22
- nixpkgs-unstable 1.0.0-unstable-2023-01-22
- nixos-unstable-small 1.0.0-unstable-2023-01-22

pkgs.nosql-booster

GUI tool for MongoDB Server

nixos-unstable 8.1.9
- nixpkgs-unstable 8.1.9
- nixos-unstable-small 8.1.9

pkgs.xgboostWithCuda

Scalable, Portable and Distributed Gradient Boosting (GBDT, GBRT or GBM) Library

nixos-unstable 3.0.5
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5

pkgs.emacs-lsp-booster

Emacs LSP performance booster

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1

pkgs.python312Packages.boost

None

pkgs.python313Packages.boost

Collection of C++ libraries

nixos-unstable 1.89.0
- nixpkgs-unstable 1.89.0
- nixos-unstable-small 1.89.0

pkgs.python314Packages.boost

Collection of C++ libraries

nixos-unstable 1.89.0
- nixpkgs-unstable 1.89.0
- nixos-unstable-small 1.89.0

pkgs.python312Packages.xgboost

None

pkgs.python313Packages.xgboost

Scalable, Portable and Distributed Gradient Boosting (GBDT, GBRT or GBM) Library

nixos-unstable 3.0.5
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5

pkgs.python314Packages.xgboost

Scalable, Portable and Distributed Gradient Boosting (GBDT, GBRT or GBM) Library

nixos-unstable 3.0.5
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5

pkgs.python313Packages.catboost

High-performance library for gradient boosting on decision trees

nixos-unstable 1.2.10
- nixpkgs-unstable 1.2.10
- nixos-unstable-small 1.2.10

pkgs.python314Packages.catboost

High-performance library for gradient boosting on decision trees

nixos-unstable 1.2.10
- nixpkgs-unstable 1.2.10
- nixos-unstable-small 1.2.10

pkgs.ibus-engines.typing-booster

Completion input method for faster typing

nixos-unstable 2.30.6-with-hunspell
- nixpkgs-unstable 2.30.6-with-hunspell
- nixos-unstable-small 2.30.6-with-hunspell

pkgs.gnomeExtensions.boost-volume

Boosts volume above limits

nixos-unstable 12
- nixpkgs-unstable 12
- nixos-unstable-small 12

pkgs.gnomeExtensions.volume-boost

A toggle to Boosts volume above limits | Fork of https://github.com/shaquibimdad/gnome_ext_volume_boost

nixos-unstable 8
- nixpkgs-unstable 8
- nixos-unstable-small 8

pkgs.haskellPackages.xgboost-haskell

XGBoost library for Haskell

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0

pkgs.perlPackages.BoostGeometryUtils

Bindings for the Boost Geometry library

nixos-unstable 0.15
- nixpkgs-unstable 0.15
- nixos-unstable-small 0.15

pkgs.perl5Packages.BoostGeometryUtils

Bindings for the Boost Geometry library

nixos-unstable 0.15
- nixpkgs-unstable 0.15
- nixos-unstable-small 0.15

pkgs.python312Packages.boost-histogram

None

pkgs.python313Packages.boost-histogram

Python bindings for the C++14 Boost::Histogram library

nixos-unstable 1.7.2
- nixpkgs-unstable 1.7.2
- nixos-unstable-small 1.7.2

pkgs.python314Packages.boost-histogram

Python bindings for the C++14 Boost::Histogram library

nixos-unstable 1.7.2
- nixpkgs-unstable 1.7.2
- nixos-unstable-small 1.7.2

pkgs.perl538Packages.BoostGeometryUtils

None

pkgs.perl540Packages.BoostGeometryUtils

None

pkgs.ibus-engines.typing-booster-unwrapped

Completion input method for faster typing

nixos-unstable 2.30.6
- nixpkgs-unstable 2.30.6
- nixos-unstable-small 2.30.6

pkgs.gnomeExtensions.frequency-boost-switch

Add a toggle to enable/disable CPU frequency boost in Gnome Quick Settings menu.

nixos-unstable 25
- nixpkgs-unstable 25
- nixos-unstable-small 25

pkgs.pkgsRocm.tests.testers.hasCmakeConfigModules.boost-has-boost_mpi

Test whether boost-1.89.0 exposes cmake-config modules boost_mpi

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.pkgsRocm.tests.testers.hasCmakeConfigModules.boost_mpi-does-not-have-mpi

Test whether boost-1.89.0 exposes cmake-config modules boost_mpi

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

Package maintainers

@ivan-tkatchev Ivan Tkatchev <tkatchev@gmail.com>
@prtzl Matej Blagsic <matej.blagsic@protonmail.com>
@PlushBeaver Dmitry Kozlyuk <dmitry.kozliuk+nixpkgs@gmail.com>
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>
@Icy-Thought Icy-Thought <gilganyx@pm.me>
@honnip Jung seungwoo <me@honnip.page>
@ekimber Edward Kimber <ekimber@protonmail.com>
@guillaumematheron Guillaume Matheron <guillaume_nix@matheron.eu>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@veprbl Dmitry Kalinkin <veprbl@gmail.com>
@nviets Nathan Viets <nathan.g.viets@gmail.com>

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-7637

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 1 month ago by @LeSuisse Activity log

Created suggestion 1 month ago
@LeSuisse dismissed (not in Nixpkgs) 1 month ago

Boost <= 2.0.3 - Unauthenticated PHP Object Injection via STYXKEY-BOOST_USER_LOCATION Cookie

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST_USER_LOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.