Nixpkgs Security Tracker

Permalink CVE-2024-37478

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

created 6 months, 1 week ago

WordPress Ashe theme <= 2.233 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Ashe allows Cross Site Request Forgery.This issue affects Ashe: from n/a through 2.233.

References

https://patchstack.com/database/wordpress/theme/ashe/vulnerability/wordpress-as… vdb-entry

Affected products

ashe

=<2.233

Matching in nixpkgs

pkgs.ashell

Ready to go Wayland status bar for Hyprland

nixos-unstable -
- nixpkgs-unstable 0.5.0

pkgs.dasher

Information-efficient text-entry interface, driven by natural continuous pointing gestures

nixos-unstable -
- nixpkgs-unstable 2021-04-25

pkgs.hashes

Simple hash algorithm identification GUI

nixos-unstable -
- nixpkgs-unstable 1.1.2

pkgs.seashells

Pipe command-line programs to seashells.io

nixos-unstable -
- nixpkgs-unstable 0.1.2

pkgs.gcfflasher

CFFlasher is the tool to program the firmware of dresden elektronik's Zigbee products

nixos-unstable -
- nixpkgs-unstable 4.10.0

pkgs.pixelflasher

Pixel™ phone flashing GUI utility with features

nixos-unstable -
- nixpkgs-unstable 8.5.1.0

pkgs.all-cabal-hashes

None

nixos-unstable -
- nixpkgs-unstable e184ded.tar.gz

pkgs.haskellPackages.hashes

Hash functions

nixos-unstable -
- nixpkgs-unstable 0.3.0.1

pkgs.python312Packages.cashews

Cache tools with async power

nixos-unstable -
- nixpkgs-unstable 7.4.1

pkgs.python313Packages.cashews