Nixpkgs security tracker
6.3 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): Low (L)
- Availability (A): Low (L)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): Low (L)
Activity log
- Created suggestion
Tanium addressed a SQL injection vulnerability in Asset.
Tanium addressed a SQL injection vulnerability in Asset.
References
Affected products
- <1.28.254
- <1.32.161
- <1.33.250
Matching in nixpkgs
pkgs.cassette
GTK4/Adwaita application that allows you to use Yandex Music service on Linux operating systems
pkgs.assetfinder
Find domains and subdomains related to a given domain
pkgs.assetripper
Tool for extracting assets from Unity serialized files and asset bundles
pkgs.taproot-assets
Daemon for the Taro protocol specification
pkgs.etlegacy-assets
ET: Legacy assets only
pkgs.retroarch-assets
Assets needed for RetroArch
-
nixos-unstable 1.22.0-unstable-2025-11-10
- nixpkgs-unstable 1.22.0-unstable-2025-11-10
- nixos-unstable-small 1.22.0-unstable-2025-11-10
pkgs.go-bindata-assetfs
Serve embedded files from jteeuwen/go-bindata
-
nixos-unstable 2022-04-12
- nixpkgs-unstable 2022-04-12
- nixos-unstable-small 2022-04-12
pkgs.haskellPackages.cassette
Combinators to simultaneously define parsers and pretty printers
pkgs.python312Packages.webassets
Media asset management for Python, with glue code for various web frameworks
pkgs.python313Packages.webassets
Media asset management for Python, with glue code for various web frameworks
pkgs.haskellPackages.asset-bundle
A build-time Cabal library that bundles executables with assets
pkgs.python312Packages.flask-assets
Asset management for Flask, to compress and merge CSS and Javascript files
pkgs.python313Packages.flask-assets
Asset management for Flask, to compress and merge CSS and Javascript files
pkgs.haskellPackages.wai-make-assets
Compiling and serving assets
pkgs.haskellPackages.gogol-cloudasset
Google Cloud Asset SDK
pkgs.python312Packages.django-js-asset
Script tag with additional attributes for django.forms.Media
pkgs.python313Packages.django-js-asset
Script tag with additional attributes for django.forms.Media
pkgs.python312Packages.google-cloud-asset
Python Client for Google Cloud Asset API
pkgs.python313Packages.google-cloud-asset
Python Client for Google Cloud Asset API
pkgs.haskellPackages.gogol-digitalassetlinks
Google Digital Asset Links SDK
pkgs.perlPackages.MojoliciousPluginAssetPack
Compress and convert css, less, sass, javascript and coffeescript files
pkgs.perl538Packages.MojoliciousPluginAssetPack
Compress and convert css, less, sass, javascript and coffeescript files
pkgs.perl540Packages.MojoliciousPluginAssetPack
Compress and convert css, less, sass, javascript and coffeescript files
Package maintainers
-
@shard77 Léon Gessner <sh7user@gmail.com>
-
@YoshiRulz YoshiRulz <OSSYoshiRulz+Nixpkgs@gmail.com>
-
@averyanalex Alexander Averyanov <alex@averyan.ru>
-
@drupol Pol Dellaiera <pol.dellaiera@protonmail.com>
-
@avnik Alexander V. Nikolaev <avn@avnik.info>
-
@stigtsp Stig Palmquist <stig@stig.io>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@abbradar Nikolay Amiantov <ab@fmap.me>
-
@thiagokokada Thiago K. Okada <thiagokokada@gmail.com>
-
@aanderse Aaron Andersen <aaron@fosslib.net>
-
@edwtjo Edward Tjörnhammar <ed@cflags.cc>
-
@hrdinka Christoph Hrdinka <c.nix@hrdinka.at>
-
@prusnak Pavol Rusnak <pavol@rusnak.io>