Nixpkgs security tracker
Permalink
CVE-2025-53603
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a …
In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body.
References
Affected products
SOPE
- =<5.12.2
Matching in nixpkgs
pkgs.sope
Extensive set of frameworks which form a complete Web application server environment
pkgs.mediastreamer-openh264
H.264 encoder/decoder plugin for mediastreamer2. Part of the Linphone project
pkgs.python312Packages.sopel
Simple and extensible IRC bot
pkgs.python313Packages.sopel
Simple and extensible IRC bot
pkgs.haskellPackages.HsOpenSSL
Partial OpenSSL binding for Haskell
pkgs.linphonePackages.msopenh264
H.264 encoder/decoder plugin for mediastreamer2. Part of the Linphone project
pkgs.haskellPackages.HsOpenSSL-x509-system
Use the system's native CA certificate store with HsOpenSSL
-
nixos-unstable x509-system-0.1.0.4
- nixpkgs-unstable x509-system-0.1.0.4
- nixos-unstable-small x509-system-0.1.0.4
Package maintainers
-
@jluttine Jaakko Luttinen <jaakko.luttinen@iki.fi>
-
@mogorman Matthew O'Gorman <mog-lists@rldn.net>
-
@jceb Jan Christoph Ebersbach <jceb@e-jc.de>
-
@Naxdy Naxdy <naxdy@naxdy.org>