Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-29081
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
Frappe: Possibility of SQL Injection due to improper fieldname sanitization
Frappe is a full-stack web application framework. Prior to versions 14.100.1 and 15.100.0, an endpoint was vulnerable to SQL injection through specially crafted requests, which would allow a malicious actor to extract sensitive information. This issue has been patched in versions 14.100.1 and 15.100.0.
References
-
https://github.com/frappe/frappe/security/advisories/GHSA-w3g7-m7xr-2w38 x_refsource_CONFIRM
Affected products
frappe
- ==< 14.100.1
- ==< 15.100.0
Matching in nixpkgs
pkgs.nixos-artwork.wallpapers.catppuccin-frappe
Catppuccin Frappé colorscheme wallpaper for NixOS
-
nixos-unstable 2024-02-15
- nixpkgs-unstable 2024-02-15
- nixos-unstable-small 2024-02-15
-
nixos-25.11 2024-02-15
- nixos-25.11-small 2024-02-15
- nixpkgs-25.11-darwin 2024-02-15
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe
Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe-alt
Alternative Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27