Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-42642

5.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 3 weeks, 5 days ago by @LeSuisse Activity log

Created suggestion 3 weeks, 5 days ago
@LeSuisse dismissed (not in Nixpkgs) 3 weeks, 5 days ago

WordPress GiveWP plugin <= 4.14.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through <= 4.14.5.

References

https://patchstack.com/database/Wordpress/Plugin/give/vulnerability/wordpress-g… vdb-entry

Affected products

give

=<4.14.5

Matching in nixpkgs

pkgs.filegive

Easy p2p file sending program

nixos-unstable 2022-05-29
- nixpkgs-unstable 2022-05-29
- nixos-unstable-small 2022-05-29
nixos-25.11 2022-05-29
- nixos-25.11-small 2022-05-29
- nixpkgs-25.11-darwin 2022-05-29

pkgs.haskellPackages.GiveYouAHead

to auto-do somethings

nixos-unstable 0.2.2.3
- nixpkgs-unstable 0.2.2.3
- nixos-unstable-small 0.2.2.3
nixos-25.11 0.2.2.3
- nixos-25.11-small 0.2.2.3
- nixpkgs-25.11-darwin 0.2.2.3

Dismissed

(not in Nixpkgs)

Permalink CVE-2025-22777

updated 1 month, 3 weeks ago by @LeSuisse Activity log

Created suggestion 1 month, 3 weeks ago
@LeSuisse dismissed (not in Nixpkgs) 1 month, 3 weeks ago

WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give allows Object Injection.This issue affects GiveWP: from n/a through <= 3.19.3.

References

https://patchstack.com/database/Wordpress/Plugin/give/vulnerability/wordpress-g… vdb-entry
https://securityonline.info/cve-2025-22777-cvss-9-8-critical-security-alert-for… third-party-advisory

Affected products

give

=<3.19.3

Matching in nixpkgs

pkgs.filegive

Easy p2p file sending program

nixos-unstable 2022-05-29
- nixpkgs-unstable 2022-05-29
- nixos-unstable-small 2022-05-29
nixos-25.11 2022-05-29
- nixos-25.11-small 2022-05-29
- nixpkgs-25.11-darwin 2022-05-29

pkgs.haskellPackages.GiveYouAHead

to auto-do somethings

nixos-unstable 0.2.2.3
- nixpkgs-unstable 0.2.2.3
- nixos-unstable-small 0.2.2.3
nixos-25.11 0.2.2.3
- nixos-25.11-small 0.2.2.3
- nixpkgs-25.11-darwin 0.2.2.3

Dismissed

Permalink CVE-2025-67467

4.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): High (H)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): High (H)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): None (N)

updated 4 months, 2 weeks ago by @SigmaSquadron Activity log

Created suggestion 4 months, 2 weeks ago
@SigmaSquadron dismissed 4 months, 2 weeks ago

WordPress GiveWP plugin <= 4.13.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP give allows Cross Site Request Forgery.This issue affects GiveWP: from n/a through <= 4.13.1.

References

Affected products

give

=<<= 4.13.1

Matching in nixpkgs

pkgs.filegive

Easy p2p file sending program

nixos-unstable 2022-05-29
- nixpkgs-unstable 2022-05-29
- nixos-unstable-small 2022-05-29

We do not package that specific WP plugin.

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.filegive

pkgs.haskellPackages.GiveYouAHead

References

Affected products

Matching in nixpkgs

pkgs.filegive

pkgs.haskellPackages.GiveYouAHead

References

Affected products

Matching in nixpkgs

pkgs.filegive