Nixpkgs security tracker

Untriaged

Permalink CVE-2025-58708

8.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months, 3 weeks ago

WordPress 777 theme <= 1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes 777 triple-seven allows PHP Local File Inclusion.This issue affects 777: from n/a through <= 1.3.

References

Affected products

triple-seven

=<<= 1.3

Matching in nixpkgs

pkgs.tests.haskell.upstreamStackHpackVersion

Test that the stack in Nixpkgs uses the same version of Hpack as the upstream stack release

nixos-unstable 3.5.1-hpack-0.38.0-3c7ec163b41accac6cb7904ba3906e269b503777a3171d9b8694f0f0fb592a57
- nixpkgs-unstable 3.5.1-hpack-0.38.0-3c7ec163b41accac6cb7904ba3906e269b503777a3171d9b8694f0f0fb592a57
- nixos-unstable-small 3.5.1-hpack-0.38.0-3c7ec163b41accac6cb7904ba3906e269b503777a3171d9b8694f0f0fb592a57

Package maintainers

@cdepillabout Dennis Gosnell <cdep.illabout@gmail.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.tests.haskell.upstreamStackHpackVersion

Package maintainers