Nixpkgs security tracker
Activity log
- Created suggestion
Craft has a Stored XSS in Entry Types Name
Craft is a platform for creating digital experiences. From 5.0.0-RC1 to 5.8.21, Craft has a stored XSS via Entry Type names. The name is not sanitized when displayed in the Entry Types list. This vulnerability is fixed in 5.8.22.
References
-
https://github.com/craftcms/cms/security/advisories/GHSA-7pr4-wx9w-mqwr x_refsource_CONFIRM
-
https://github.com/craftcms/cms/releases/tag/5.8.22 x_refsource_MISC
Affected products
- ==>= 5.0.0-RC1, < 5.8.22
Matching in nixpkgs
pkgs.cmst
QT GUI for Connman with system tray icon
-
nixos-unstable 2023.03.14
- nixpkgs-unstable 2023.03.14
- nixos-unstable-small 2023.03.14
-
nixos-25.11 2023.03.14
- nixpkgs-25.11-darwin 2023.03.14
pkgs.lcms1
Color management engine
pkgs.lcms2
Color management engine
pkgs.cppcms
High Performance C++ Web Framework
-
nixos-unstable 2.0.0.beta2
- nixpkgs-unstable 2.0.0.beta2
- nixos-unstable-small 2.0.0.beta2
-
nixos-25.11 2.0.0.beta2
- nixpkgs-25.11-darwin 2.0.0.beta2
pkgs.xcmsdb
Device Color Characterization utility for X Color Management System
pkgs.argyllcms
Color management system (compatible with ICC)
pkgs.pcmsolver
API for the Polarizable Continuum Model
pkgs.xorg.xcmsdb
None
pkgs.luaPackages.lua-cmsgpack
MessagePack C implementation and bindings for Lua 5.1/5.2/5.3
pkgs.lua51Packages.lua-cmsgpack
MessagePack C implementation and bindings for Lua 5.1/5.2/5.3
pkgs.lua53Packages.lua-cmsgpack
MessagePack C implementation and bindings for Lua 5.1/5.2/5.3
pkgs.lua54Packages.lua-cmsgpack
MessagePack C implementation and bindings for Lua 5.1/5.2/5.3
pkgs.lua55Packages.lua-cmsgpack
None
pkgs.python312Packages.cmsdials
Python API client interface to CMS DIALS service
-
nixos-unstable 1.5.0
pkgs.python312Packages.dcmstack
DICOM to Nifti conversion preserving metadata
-
nixos-unstable 0.9-unstable-2024-12-05
-
nixos-25.11 0.9-unstable-2024-12-05
- nixpkgs-25.11-darwin 0.9-unstable-2024-12-05
pkgs.python313Packages.cmsdials
Python API client interface to CMS DIALS service
pkgs.python313Packages.dcmstack
DICOM to Nifti conversion preserving metadata
-
nixos-unstable 0.9-unstable-2024-12-05
- nixpkgs-unstable 0.9-unstable-2024-12-05
- nixos-unstable-small 0.9-unstable-2024-12-05
-
nixos-25.11 0.9-unstable-2024-12-05
- nixpkgs-25.11-darwin 0.9-unstable-2024-12-05
pkgs.python314Packages.cmsdials
Python API client interface to CMS DIALS service
pkgs.python314Packages.dcmstack
DICOM to Nifti conversion preserving metadata
-
nixos-unstable -
- nixpkgs-unstable 0.9-unstable-2024-12-05
- nixos-unstable-small 0.9-unstable-2024-12-05
pkgs.luajitPackages.lua-cmsgpack
MessagePack C implementation and bindings for Lua 5.1/5.2/5.3
-
nixos-unstable 0.4.0-0
pkgs.python312Packages.cmsis-svd
CMSIS SVD parser
-
nixos-unstable 0.4-unstable-2024-01-25
pkgs.python312Packages.pyemoncms
Python library for emoncms API
-
nixos-unstable 0.1.2
pkgs.python313Packages.cmsis-svd
CMSIS SVD parser
-
nixos-unstable 0.4-unstable-2024-01-25
pkgs.python313Packages.pyemoncms
Python library for emoncms API
pkgs.python314Packages.cmsis-svd
CMSIS SVD parser
pkgs.python314Packages.pyemoncms
Python library for emoncms API
pkgs.python312Packages.django-cms
Lean enterprise content management powered by Django
-
nixos-unstable 4.1.6
pkgs.python313Packages.django-cms
Lean enterprise content management powered by Django
pkgs.python314Packages.django-cms
Lean enterprise content management powered by Django
pkgs.python312Packages.djangocms-alias
Lean enterprise content management powered by Django
-
nixos-unstable 2.0.4
pkgs.python313Packages.djangocms-alias
Lean enterprise content management powered by Django
pkgs.python314Packages.djangocms-alias
Lean enterprise content management powered by Django
pkgs.vscode-extensions.cmschuetz12.wal
None
-
nixos-unstable cmschuetz12-wal-0.1.0
- nixpkgs-unstable cmschuetz12-wal-0.1.0
- nixos-unstable-small cmschuetz12-wal-0.1.0
-
nixos-25.11 cmschuetz12-wal-0.1.0
- nixpkgs-25.11-darwin cmschuetz12-wal-0.1.0
pkgs.python312Packages.cmsis-pack-manager
Rust and Python module for handling CMSIS Pack files
-
nixos-unstable 0.5.2
pkgs.python313Packages.cmsis-pack-manager
Rust and Python module for handling CMSIS Pack files
pkgs.python314Packages.cmsis-pack-manager
Rust and Python module for handling CMSIS Pack files
pkgs.home-assistant-component-tests.emoncms
Open source home automation that puts local control and privacy first
-
nixos-unstable 2025.8.0
pkgs.python312Packages.djangocms-admin-style
Django Theme tailored to the needs of django CMS
-
nixos-unstable 3.3.1
pkgs.python313Packages.djangocms-admin-style
Django Theme tailored to the needs of django CMS
pkgs.python314Packages.djangocms-admin-style
Django Theme tailored to the needs of django CMS
pkgs.python312Packages.djangocms-text-ckeditor
Text Plugin for django CMS using CKEditor 4
-
nixos-unstable 5.1.7
pkgs.python313Packages.djangocms-text-ckeditor
Text Plugin for django CMS using CKEditor 4
pkgs.python314Packages.djangocms-text-ckeditor
Text Plugin for django CMS using CKEditor 4
pkgs.tests.home-assistant-component-tests.emoncms
Open source home automation that puts local control and privacy first
pkgs.home-assistant-component-tests.emoncms_history
Open source home automation that puts local control and privacy first
pkgs.tests.home-assistant-component-tests.emoncms_history
Open source home automation that puts local control and privacy first
Package maintainers
-
@matejc Matej Cotman <cotman.matej@gmail.com>
-
@romildo José Romildo Malaquias <malaquias@gmail.com>
-
@juliendehos Julien Dehos <dehos@lisic.univ-littoral.fr>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@sheepforce Phillip Seeber <phillip.seeber@googlemail.com>
-
@ShamrockLee Yueh-Shun Li <shamrocklee@posteo.net>
-
@sbruder Simon Bruder <nixos@sbruder.de>
-
@frogamic Dominic Shelton <frogamic@protonmail.com>
-
@jollheef Mikhail Klementev <root@dumpstack.io>
-
@bcdarwin Ben Darwin <bcdarwin@gmail.com>
-
@onny Jonas Heinrich <onny@project-insanity.org>