Suggestions search

All statuses

Filter by:

With package: haskellPackages.prelate

Found 2 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2026-41588

9.0 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 2 weeks, 2 days ago Activity log

Created suggestion 2 weeks, 2 days ago

RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key()

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has been patched via commit 2f68e16.

References

https://github.com/inducer/relate/security/advisories/GHSA-78j7-9xr9-2728 x_refsource_CONFIRM
https://github.com/inducer/relate/commit/2f68e16cd3b96d25c188c1aa3f7e13cdb15cdaeb x_refsource_MISC

Affected products

relate

==< 2f68e16cd3b96d25c188c1aa3f7e13cdb15cdaeb

Matching in nixpkgs

pkgs.gpscorrelate

GPS photo correlation tool, to add EXIF geotags

nixos-unstable 2.3
- nixpkgs-unstable 2.3
- nixos-unstable-small 2.3
nixos-25.11 2.3
- nixos-25.11-small 2.3
- nixpkgs-25.11-darwin 2.3

pkgs.haskellPackages.prelate

A Prelude

nixos-unstable 0.8.0.0
- nixpkgs-unstable 0.8.0.0
- nixos-unstable-small 0.8.0.0
nixos-25.11 0.8.0.0
- nixos-25.11-small 0.8.0.0
- nixpkgs-25.11-darwin 0.8.0.0

pkgs.perlPackages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-unstable 0.004
- nixpkgs-unstable 0.004
- nixos-unstable-small 0.004
nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

pkgs.perl5Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-unstable 0.004
- nixpkgs-unstable 0.004
- nixos-unstable-small 0.004

pkgs.perl538Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

pkgs.perl540Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

Package maintainers

@sikmir Nikolay Korotkiy <sikmir@disroot.org>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Untriaged

Permalink CVE-2026-41505

8.7 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 2 weeks, 4 days ago Activity log

Created suggestion 2 weeks, 4 days ago

RELATE: Predictable Token Generation in auth.py and exam.py

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() function. This issue has been patched via commit 2f68e16.

References

https://github.com/inducer/relate/security/advisories/GHSA-rvx5-95mm-p77v x_refsource_CONFIRM
https://github.com/inducer/relate/commit/2f68e16cd3b96d25c188c1aa3f7e13cdb15cdaeb x_refsource_MISC

Affected products

relate

==< 2f68e16cd3b96d25c188c1aa3f7e13cdb15cdaeb

Matching in nixpkgs

pkgs.gpscorrelate

GPS photo correlation tool, to add EXIF geotags

nixos-unstable 2.3
- nixpkgs-unstable 2.3
- nixos-unstable-small 2.3
nixos-25.11 2.3
- nixos-25.11-small 2.3
- nixpkgs-25.11-darwin 2.3

pkgs.haskellPackages.prelate

A Prelude

nixos-unstable 0.8.0.0
- nixpkgs-unstable 0.8.0.0
- nixos-unstable-small 0.8.0.0
nixos-25.11 0.8.0.0
- nixos-25.11-small 0.8.0.0
- nixpkgs-25.11-darwin 0.8.0.0

pkgs.perlPackages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-unstable 0.004
- nixpkgs-unstable 0.004
- nixos-unstable-small 0.004
nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

pkgs.perl5Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-unstable 0.004
- nixpkgs-unstable 0.004
- nixos-unstable-small 0.004

pkgs.perl538Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

pkgs.perl540Packages.MooseXRelatedClassRoles

Apply roles to a class related to yours

nixos-25.11 0.004
- nixos-25.11-small 0.004
- nixpkgs-25.11-darwin 0.004

Package maintainers

@sikmir Nikolay Korotkiy <sikmir@disroot.org>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.gpscorrelate

pkgs.haskellPackages.prelate

pkgs.python312Packages.related

pkgs.python313Packages.related

pkgs.python314Packages.related

pkgs.perlPackages.MooseXRelatedClassRoles

pkgs.perl5Packages.MooseXRelatedClassRoles

pkgs.perl538Packages.MooseXRelatedClassRoles

pkgs.perl540Packages.MooseXRelatedClassRoles

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gpscorrelate

pkgs.haskellPackages.prelate

pkgs.python312Packages.related

pkgs.python313Packages.related

pkgs.python314Packages.related

pkgs.perlPackages.MooseXRelatedClassRoles

pkgs.perl5Packages.MooseXRelatedClassRoles

pkgs.perl538Packages.MooseXRelatedClassRoles

pkgs.perl540Packages.MooseXRelatedClassRoles

Package maintainers