Nixpkgs Security Tracker

Accepted

Permalink CVE-2025-0502

updated 1 year ago by @Erethon Activity log

Created automatic suggestion 1 year ago
@Erethon accepted 1 year ago

Transmission of Private Resources into a New Sphere in Crafter Engine

Transmission of Private Resources into a New Sphere ('Resource Leak') vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.

Affected products

Engine

<4.1.6
<4.0.8

Matching in nixpkgs

pkgs.haskellPackages.Control-Engine

A parallel producer/consumer engine (thread pool)

nixos-unstable 1.1.0.1
- nixpkgs-unstable 1.1.0.1
- nixos-unstable-small 1.1.0.1

pkgs.perl538Packages.XMLXPathEngine

Re-usable XPath engine for DOM-like trees

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14

pkgs.perl540Packages.XMLXPathEngine

Re-usable XPath engine for DOM-like trees

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14

pkgs.perl538Packages.ZonemasterEngine

Tool to check the quality of a DNS zone

nixos-unstable 4.6.1
- nixpkgs-unstable 4.6.1
- nixos-unstable-small 4.6.1

pkgs.perl540Packages.ZonemasterEngine