Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-29077
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): HIGH
- Availability impact (A): NONE
Frappe: Broken Access Control in DocShare
Frappe is a full-stack web application framework. Prior to versions 15.98.0 and 14.100.0, due to a lack of validation when sharing documents, a user could share a document with a permission that they themselves didn't have. This issue has been patched in versions 15.98.0 and 14.100.0.
References
-
https://github.com/frappe/frappe/security/advisories/GHSA-5h4c-9p23-4c3m x_refsource_CONFIRM
Affected products
frappe
- ==< 15.98.0
- ==< 14.100.0
Matching in nixpkgs
pkgs.nixos-artwork.wallpapers.catppuccin-frappe
Catppuccin Frappé colorscheme wallpaper for NixOS
-
nixos-unstable 2024-02-15
- nixpkgs-unstable 2024-02-15
- nixos-unstable-small 2024-02-15
-
nixos-25.11 2024-02-15
- nixos-25.11-small 2024-02-15
- nixpkgs-25.11-darwin 2024-02-15
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe
Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe-alt
Alternative Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27