Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-24989

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse dismissed (not in Nixpkgs) 2 months ago

WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Object Injection.This issue affects SUMO Affiliates Pro: from n/a through < 11.4.0.

References

https://patchstack.com/database/Wordpress/Plugin/affs/vulnerability/wordpress-s… vdb-entry

Affected products

affs

=<< 11.4.0

Matching in nixpkgs

pkgs.unyaffs

Tool to extract files from a YAFFS2 file system image

nixos-unstable 0.9
- nixpkgs-unstable 0.9
- nixos-unstable-small 0.9
nixos-25.11 0.9
- nixos-25.11-small 0.9
- nixpkgs-25.11-darwin 0.9

pkgs.yaffshiv

Simple YAFFS file system parser and extractor

nixos-unstable 0-unstable-2024-08-30
- nixpkgs-unstable 0-unstable-2024-08-30
- nixos-unstable-small 0-unstable-2024-08-30
nixos-25.11 0-unstable-2024-08-30
- nixos-25.11-small 0-unstable-2024-08-30
- nixpkgs-25.11-darwin 0-unstable-2024-08-30

Package maintainers

@KSJ2000 KSJ2000 <katsho123@outlook.com>
@stigtsp Stig Palmquist <stig@stig.io>

Dismissed

Permalink CVE-2025-64228

4.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 5 months, 3 weeks ago by @LeSuisse Activity log

Created suggestion 6 months ago
@LeSuisse dismissed 5 months, 3 weeks ago

WordPress SUMO Affiliates Pro plugin <= 11.0.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Retrieve Embedded Sensitive Data.This issue affects SUMO Affiliates Pro: from n/a through <= 11.0.0.

References

Affected products

affs

=<<= 11.0.0

Matching in nixpkgs

pkgs.unyaffs

Tool to extract files from a YAFFS2 file system image

nixos-unstable 0.9
- nixpkgs-unstable 0.9
- nixos-unstable-small 0.9

pkgs.yaffshiv

Simple YAFFS file system parser and extractor

nixos-unstable 0-unstable-2024-08-30
- nixpkgs-unstable 0-unstable-2024-08-30
- nixos-unstable-small 0-unstable-2024-08-30

Package maintainers

@KSJ2000 KSJ2000 <katsho123@outlook.com>
@stigtsp Stig Palmquist <stig@stig.io>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.unyaffs

pkgs.yaffshiv

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.unyaffs

pkgs.yaffshiv

Package maintainers