Nixpkgs security tracker

Untriaged

Permalink CVE-2026-39985

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 5 days, 15 hours ago

LORIS has an open redirect field on login

LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS, which could be used to trick users into visiting arbitrary URLs if they are given a link with a third party redirect parameter. This vulnerability is fixed in 27.0.3 and 28.0.1.

References

https://github.com/aces/Loris/security/advisories/GHSA-rch2-f5fw-cg95 x_refsource_CONFIRM
https://github.com/aces/Loris/commit/f57f54b42a076bf53ba86e20d4dbf37f63538f58 x_refsource_MISC
https://github.com/aces/Loris/releases/tag/v27.0.3 x_refsource_MISC
https://github.com/aces/Loris/releases/tag/v28.0.1 x_refsource_MISC

Affected products

Loris

==< 27.0.3
==>= 28.0.0, < 28.0.1

Matching in nixpkgs

pkgs.florist

Posix Ada Bindings

nixos-unstable 24.2
- nixpkgs-unstable 24.2
- nixos-unstable-small 24.2
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@lutzberger Lutz Berger <lutz.berger@airbus.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.florist

Package maintainers