Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: kdePackages.kbackup

Found 1 matching suggestions

View:
Compact
Detailed
Dismissed
(not in Nixpkgs)
Permalink CVE-2020-37246
6.9 MEDIUM
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): None (N)
  • Vulnerable System Impact Availability (VA): None (N)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): None (N)
  • Modified Vulnerable System Impact Availability (MVA): None (N)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 1 week, 2 days ago by @LeSuisse Activity log
  • Created suggestion 1 week, 2 days ago
  • @LeSuisse dismissed (not in Nixpkgs) 1 week, 2 days ago
WordPress Plugin Supsystic Backup 2.3.9 Local File Inclusion

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access sensitive files like /etc/passwd or delete files via the removeAction parameter.

Affected products

Backup
  • ==2.3.9

Matching in nixpkgs

pkgs.ghbackup

Backup your GitHub repositories with a simple command-line application written in Go

pkgs.dvdbackup

Tool to rip video DVDs from the command line

pkgs.qr-backup

Utility to generate paper backup of files using QR codes

pkgs.borgbackup

Deduplicating archiver with compression and encryption

pkgs.luckybackup

Powerful, fast and reliable backup & sync tool

pkgs.mylvmbackup

Tool for quickly creating full physical backups of a MySQL server's data files

  • nixos-unstable 0.16
    • nixpkgs-unstable 0.16
    • nixos-unstable-small 0.16
  • nixos-25.11 0.16
    • nixos-25.11-small 0.16
    • nixpkgs-25.11-darwin 0.16

pkgs.rdiff-backup

Backup system trying to combine best a mirror and an incremental backup system

pkgs.virtnbdbackup

Backup utility for Libvirt/qemu/kvm

  • nixos-unstable 2.46
    • nixpkgs-unstable 2.46
    • nixos-unstable-small 2.46
  • nixos-25.11 2.39
    • nixos-25.11-small 2.39
    • nixpkgs-25.11-darwin 2.39

pkgs.zfs-autobackup

ZFS backup, replicationand snapshot tool

  • nixos-unstable 3.3
    • nixpkgs-unstable 3.3
    • nixos-unstable-small 3.3
  • nixos-25.11 3.3
    • nixos-25.11-small 3.3
    • nixpkgs-25.11-darwin 3.3

pkgs.automysqlbackup

Script to run daily, weekly and monthly backups for your MySQL database

Package maintainers