Nixpkgs Security Tracker

Permalink CVE-2025-39475

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months ago

WordPress Arlo <= 6.0.3 - Local File Inclusion Vulnerability

Path Traversal vulnerability in Frenify Arlo allows PHP Local File Inclusion. This issue affects Arlo: from n/a through 6.0.3.

References

Affected products

arlo

=<6.0.3

Matching in nixpkgs

pkgs.barlow

Grotesk variable font superfamily

nixos-unstable -
- nixpkgs-unstable 1.422

pkgs.clearlooks-phenix

GTK3 port of the Clearlooks theme

nixos-unstable -
- nixpkgs-unstable 7.1

pkgs.python312Packages.pyarlo

Python library to work with Netgear Arlo cameras

nixos-unstable -
- nixpkgs-unstable 0.2.4

pkgs.python313Packages.pyarlo

Python library to work with Netgear Arlo cameras

nixos-unstable -
- nixpkgs-unstable 0.2.4

pkgs.python312Packages.warlock

Python object model built on JSON schema and JSON patch

nixos-unstable -
- nixpkgs-unstable 2.0.1

pkgs.python313Packages.warlock

Python object model built on JSON schema and JSON patch

nixos-unstable -
- nixpkgs-unstable 2.0.1

pkgs.haskellPackages.barlow-lens

lens via string literals

nixos-unstable -
- nixpkgs-unstable 0.1.0.2

pkgs.rubyPackages.charlock_holmes

None

nixos-unstable -
- nixpkgs-unstable 0.7.9

pkgs.python312Packages.solarlog-cli

Python library to access the Solar-Log JSON interface

nixos-unstable -
- nixpkgs-unstable 0.5.0

pkgs.python313Packages.solarlog-cli

Python library to access the Solar-Log JSON interface

nixos-unstable -
- nixpkgs-unstable 0.5.0

pkgs.rubyPackages_3_1.charlock_holmes

None

nixos-unstable -
- nixpkgs-unstable 0.7.9

pkgs.rubyPackages_3_2.charlock_holmes

None

nixos-unstable -
- nixpkgs-unstable 0.7.9

pkgs.rubyPackages_3_3.charlock_holmes

None

nixos-unstable -
- nixpkgs-unstable 0.7.9

pkgs.rubyPackages_3_4.charlock_holmes

None

nixos-unstable -
- nixpkgs-unstable 0.7.9

pkgs.python312Packages.zeversolarlocal

Python module to interact with Zeversolar inverters

nixos-unstable -
- nixpkgs-unstable 1.1.0

pkgs.python313Packages.zeversolarlocal

Python module to interact with Zeversolar inverters

nixos-unstable -
- nixpkgs-unstable 1.1.0

pkgs.home-assistant-component-tests.solarlog

Open source home automation that puts local control and privacy first

nixos-unstable -
- nixpkgs-unstable 2025.9.3

Package maintainers

@prikhi Pavan Rikhi <pavan.rikhi@gmail.com>
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.barlow

pkgs.clearlooks-phenix

pkgs.python312Packages.pyarlo

pkgs.python313Packages.pyarlo

pkgs.python312Packages.warlock

pkgs.python313Packages.warlock

pkgs.haskellPackages.barlow-lens

pkgs.rubyPackages.charlock_holmes

pkgs.python312Packages.solarlog-cli

pkgs.python313Packages.solarlog-cli

pkgs.rubyPackages_3_1.charlock_holmes

pkgs.rubyPackages_3_2.charlock_holmes

pkgs.rubyPackages_3_3.charlock_holmes

pkgs.rubyPackages_3_4.charlock_holmes

pkgs.python312Packages.zeversolarlocal

pkgs.python313Packages.zeversolarlocal

pkgs.home-assistant-component-tests.solarlog

Package maintainers