Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2025-64487

7.6 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): NONE

created 2 months, 1 week ago

Outline is vulnerable to privilege escalation vulnerability in document sharing

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in 1.1.0.

References

https://github.com/outline/outline/security/advisories/GHSA-c8xf-3j86-7686 x_refsource_CONFIRM
https://github.com/outline/outline/releases/tag/v1.1.0 x_refsource_MISC

Affected products

outline

==<= 1.0.1

Matching in nixpkgs

pkgs.outline

Fastest wiki and knowledge base for growing teams. Beautiful, feature rich, and markdown compatible

nixos-unstable 0.85.1
- nixpkgs-unstable 1.1.0
- nixos-unstable-small 1.1.0
nixos-25.11 1.1.0
- nixpkgs-25.11-darwin 1.1.0

pkgs.go-outline

Utility to extract JSON representation of declarations from a Go source file

nixos-unstable 2021-06-08
- nixpkgs-unstable 2021-06-08
- nixos-unstable-small 2021-06-08
nixos-25.11 2021-06-08
- nixpkgs-25.11-darwin 2021-06-08

pkgs.mdbook-pdf-outline

None

nixos-unstable 0.1.6
- nixpkgs-unstable 0.1.6
- nixos-unstable-small 0.1.6
nixos-25.11 0.1.6
- nixpkgs-25.11-darwin 0.1.6

pkgs.python312Packages.outlines

Structured text generation

nixos-unstable 0.1.13
nixos-25.11 1.2.3
- nixpkgs-25.11-darwin 1.2.3

pkgs.python313Packages.outlines

Structured text generation

nixos-unstable 0.1.13
- nixpkgs-unstable 1.2.9
- nixos-unstable-small 1.2.9
nixos-25.11 1.2.3
- nixpkgs-25.11-darwin 1.2.3

pkgs.typstPackages.suboutline_0_1_0

An outline function just for one section and nothing else

nixos-unstable 0.1.0
- nixpkgs-unstable 0.1.0
- nixos-unstable-small 0.1.0
nixos-25.11 0.1.0
- nixpkgs-25.11-darwin 0.1.0

pkgs.typstPackages.suboutline_0_2_0

An outline function just for one section and nothing else

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0
nixos-25.11 0.2.0
- nixpkgs-25.11-darwin 0.2.0

pkgs.typstPackages.suboutline_0_3_0

An outline function just for one section and nothing else

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-25.11 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.mplus-outline-fonts.osdnRelease

M+ Outline Fonts (legacy OSDN release)

nixos-unstable 063a
- nixpkgs-unstable 063a
- nixos-unstable-small 063a
nixos-25.11 063a
- nixpkgs-25.11-darwin 063a

pkgs.python312Packages.outlines-core

Structured text generation (core)

nixos-unstable 0.1.26
nixos-25.11 0.2.11
- nixpkgs-25.11-darwin 0.2.11

pkgs.python313Packages.outlines-core

Structured text generation (core)

nixos-unstable 0.1.26
- nixpkgs-unstable 0.2.13
- nixos-unstable-small 0.2.13
nixos-25.11 0.2.11
- nixpkgs-25.11-darwin 0.2.11

pkgs.python314Packages.outlines-core

Structured text generation (core)

nixos-unstable -
- nixpkgs-unstable 0.2.13
- nixos-unstable-small 0.2.13

pkgs.mplus-outline-fonts.githubRelease

M+ Outline Fonts (GitHub release)

nixos-unstable 2022-05-19
- nixpkgs-unstable 2022-05-19
- nixos-unstable-small 2022-05-19
nixos-25.11 2022-05-19
- nixpkgs-25.11-darwin 2022-05-19

pkgs.pkgsRocm.python3Packages.outlines

Structured text generation

nixos-unstable -
- nixpkgs-unstable 1.2.9
- nixos-unstable-small 1.2.9
nixos-25.11 1.2.3
- nixpkgs-25.11-darwin 1.2.3

pkgs.typstPackages.outline-summaryst_0_1_0

A basic template for including a summary for each entry in the table of contents. Useful for writing books

nixos-unstable 0.1.0
- nixpkgs-unstable 0.1.0
- nixos-unstable-small 0.1.0
nixos-25.11 0.1.0
- nixpkgs-25.11-darwin 0.1.0

pkgs.pkgsRocm.python3Packages.outlines-core

Structured text generation (core)

nixos-unstable -
- nixpkgs-unstable 0.2.13
- nixos-unstable-small 0.2.13
nixos-25.11 0.2.11
- nixpkgs-25.11-darwin 0.2.11

Package maintainers

@vdemeester Vincent Demeester <vincent@sbr.pm>
@HollowMan6 Songlin Jiang <hollowman@hollowman.ml>
@uakci uakci <git@uakci.space>
@cab404 Vladimir Serov <cab404@mailbox.org>
@blitz Julian Stecklina <js@alien8.de>
@yrd Yannik Rödel <nix@yannik.info>
@xanderio Alexander Sieg <alex@xanderio.de>
@snue Stefan Nuernberger <kabelfrickler@gmail.com>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@danieldk Daniël de Kok <me@danieldk.eu>
@cherrypiejam Gongqi Huang