Nixpkgs security tracker
Permalink
CVE-2025-64363
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @pyrox0 Activity log
- Created suggestion
- @pyrox0 dismissed
WordPress Kleo theme < 5.5.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeventhQueen Kleo kleo allows PHP Local File Inclusion.This issue affects Kleo: from n/a through < 5.5.0.
References
Affected products
kleo
- =<< 5.5.0
Matching in nixpkgs
pkgs.libsForQt5.libkleo
None
pkgs.kdePackages.libkleo
Library that provides cryptography support for mails
pkgs.libsForQt5.kleopatra
Certificate manager and unified crypto GUI
pkgs.kdePackages.kleopatra
Certificate manager and GUI for OpenPGP and CMS cryptography
pkgs.plasma5Packages.libkleo
None
pkgs.plasma5Packages.kleopatra
Certificate manager and unified crypto GUI
Package maintainers
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@K900 Ilya K. <me@0upti.me>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@vandenoever Jos van den Oever <jos@vandenoever.info>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>