Nixpkgs security tracker

Untriaged

Permalink CVE-2026-33549

6.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): LOW

created 4 weeks ago

SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment …

SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling.

References

Affected products

SPIP

<4.4.13

Matching in nixpkgs

pkgs.spip

A random forest model for splice prediction in genomics

nixos-unstable 0-unstable-2023-04-19
- nixpkgs-unstable 0-unstable-2023-04-19
- nixos-unstable-small 0-unstable-2023-04-19
nixos-25.11 0-unstable-2023-04-19
- nixos-25.11-small 0-unstable-2023-04-19
- nixpkgs-25.11-darwin 0-unstable-2023-04-19

pkgs.spiped

Utility for secure encrypted channels between sockets

nixos-unstable 1.6.4
- nixpkgs-unstable 1.6.4
- nixos-unstable-small 1.6.4
nixos-25.11 1.6.4
- nixos-25.11-small 1.6.4
- nixpkgs-25.11-darwin 1.6.4

pkgs.aespipe

AES encrypting or decrypting pipe

nixos-unstable 2.4j
- nixpkgs-unstable 2.4j
- nixos-unstable-small 2.4j
nixos-25.11 2.4j
- nixos-25.11-small 2.4j
- nixpkgs-25.11-darwin 2.4j

pkgs.lesspipe

Preprocessor for less

nixos-unstable 2.20
- nixpkgs-unstable 2.20
- nixos-unstable-small 2.20
nixos-25.11 2.20
- nixos-25.11-small 2.20
- nixpkgs-25.11-darwin 2.20

pkgs.crosspipe

PipeWire graph GTK4/Libadwaita GUI

nixos-unstable 0.1.1
- nixpkgs-unstable 0.1.1
- nixos-unstable-small 0.1.1

Package maintainers

@martijnvermaat Martijn Vermaat <martijn@vermaat.name>
@apraga Alexis Praga <alexis.praga@proton.me>
@thoughtpolice Austin Seipp <aseipp@pobox.com>
@qweered Aliaksandr Samatyia <grubian2@gmail.com>

Suggestions search