Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-69299

created 1 month ago

WordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Laborator Oxygen oxygen allows Server Side Request Forgery.This issue affects Oxygen: from n/a through <= 6.0.8.

References

https://patchstack.com/database/Wordpress/Theme/oxygen/vulnerability/wordpress-… vdb-entry

Affected products

oxygen

=<<= 6.0.8

Matching in nixpkgs

pkgs.doxygen

Source code documentation generator tool

nixos-unstable 1.15.0
- nixpkgs-unstable 1.15.0
- nixos-unstable-small 1.15.0
nixos-25.11 1.15.0
- nixos-25.11-small 1.15.0
- nixpkgs-25.11-darwin 1.15.0

pkgs.doxygen_gui

Source code documentation generator tool

nixos-unstable 1.15.0
- nixpkgs-unstable 1.15.0
- nixos-unstable-small 1.15.0
nixos-25.11 1.15.0
- nixos-25.11-small 1.15.0
- nixpkgs-25.11-darwin 1.15.0

pkgs.oxygenfonts

Desktop/gui font for integrated use with the KDE desktop

nixos-unstable 20160824
- nixpkgs-unstable 20160824
- nixos-unstable-small 20160824
nixos-25.11 20160824
- nixos-25.11-small 20160824
- nixpkgs-25.11-darwin 20160824

pkgs.libsForQt5.oxygen

None

pkgs.kdePackages.oxygen

The Oxygen Style for Qt/KDE Applications

nixos-unstable 6.6.0
- nixpkgs-unstable 6.5.5
- nixos-unstable-small 6.6.0
nixos-25.11 6.5.5
- nixos-25.11-small 6.5.5
- nixpkgs-25.11-darwin 6.5.5

pkgs.doxygen-awesome-css

CSS theme for doxygen html-documentation with lots of customization parameters

nixos-unstable 2.4.1
- nixpkgs-unstable 2.4.1
- nixos-unstable-small 2.4.1
nixos-25.11 2.4.1
- nixos-25.11-small 2.4.1
- nixpkgs-25.11-darwin 2.4.1

pkgs.plasma5Packages.oxygen

None

pkgs.kdePackages.oxygen-icons

Oxygen icon theme

nixos-unstable 6.1.0
- nixpkgs-unstable 6.1.0
- nixos-unstable-small 6.1.0
nixos-25.11 6.1.0
- nixos-25.11-small 6.1.0
- nixpkgs-25.11-darwin 6.1.0

pkgs.libsForQt5.oxygen-icons5

None

pkgs.libsForQt5.oxygen-sounds

None

pkgs.kdePackages.oxygen-sounds

The Oxygen Sound Theme

nixos-unstable 6.6.0
- nixpkgs-unstable 6.5.5
- nixos-unstable-small 6.6.0
nixos-25.11 6.5.5
- nixos-25.11-small 6.5.5
- nixpkgs-25.11-darwin 6.5.5

pkgs.plasma5Packages.oxygen-icons5

None

pkgs.plasma5Packages.oxygen-sounds

None

pkgs.vimPlugins.nvim-treesitter-parsers.doxygen

None

nixos-unstable 0.0.0+rev=ccd998f
- nixpkgs-unstable 0.0.0+rev=ccd998f
- nixos-unstable-small 0.0.0+rev=ccd998f
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@nim65s Guilhem Saurel <guilhem.saurel@laas.fr>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@bkchr Bastian Köcher <nixos@kchr.de>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@NickCao Nick Cao <nickcao@nichi.co>
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
@K900 Ilya K. <me@0upti.me>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>

Untriaged

Permalink CVE-2022-46841

5.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Oxygen Builder Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Builder plugin <= 4.4 versions.

References

https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-p… vdb-entry
https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-p… x_transferred vdb-entry
https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-p… vdb-entry
https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-p… x_transferred vdb-entry

Affected products

oxygen

<4.4

Matching in nixpkgs

pkgs.doxygen

Source code documentation generator tool

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.doxygen_gui

Source code documentation generator tool

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.oxygenfonts

Desktop/gui font for integrated use with the KDE desktop

nixos-unstable -
- nixpkgs-unstable 20160824

pkgs.kdePackages.oxygen

The Oxygen Style for Qt/KDE Applications

nixos-unstable -
- nixpkgs-unstable 6.4.5

pkgs.doxygen-awesome-css

CSS theme for doxygen html-documentation with lots of customization parameters

nixos-unstable -
- nixpkgs-unstable 2.3.4

pkgs.kdePackages.oxygen-icons

Oxygen icon theme

nixos-unstable -
- nixpkgs-unstable 6.1.0

pkgs.kdePackages.oxygen-sounds

The Oxygen Sound Theme

nixos-unstable -
- nixpkgs-unstable 6.4.5

pkgs.vimPlugins.nvim-treesitter-parsers.doxygen

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@nim65s Guilhem Saurel <guilhem.saurel@laas.fr>
@NickCao Nick Cao <nickcao@nichi.co>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@K900 Ilya K. <me@0upti.me>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.doxygen

pkgs.doxygen_gui

pkgs.oxygenfonts

pkgs.libsForQt5.oxygen

pkgs.kdePackages.oxygen

pkgs.doxygen-awesome-css

pkgs.plasma5Packages.oxygen

pkgs.kdePackages.oxygen-icons

pkgs.libsForQt5.oxygen-icons5

pkgs.libsForQt5.oxygen-sounds

pkgs.kdePackages.oxygen-sounds

pkgs.plasma5Packages.oxygen-icons5

pkgs.plasma5Packages.oxygen-sounds

pkgs.vimPlugins.nvim-treesitter-parsers.doxygen

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.doxygen

pkgs.doxygen_gui

pkgs.oxygenfonts

pkgs.kdePackages.oxygen

pkgs.doxygen-awesome-css

pkgs.kdePackages.oxygen-icons

pkgs.kdePackages.oxygen-sounds

pkgs.vimPlugins.nvim-treesitter-parsers.doxygen

Package maintainers