Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: rubyPackages.charlock_holmes

Found 2 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-22400
5.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 2 months ago
WordPress Holmes theme <= 1.7 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Holmes holmes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Holmes: from n/a through <= 1.7.

References

Affected products

holmes
  • =<<= 1.7

Matching in nixpkgs

Untriaged
Permalink CVE-2025-39475
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
WordPress Arlo <= 6.0.3 - Local File Inclusion Vulnerability

Path Traversal vulnerability in Frenify Arlo allows PHP Local File Inclusion. This issue affects Arlo: from n/a through 6.0.3.

References

Affected products

arlo
  • =<6.0.3

Matching in nixpkgs

pkgs.barlow

Grotesk variable font superfamily

  • nixos-unstable -

Package maintainers