Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: etlegacy-assets

Found 3 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-2435
6.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
created 1 month, 4 weeks ago
ASSET-7706

Tanium addressed a SQL injection vulnerability in Asset.

References

Affected products

Asset
  • <1.33.269
  • <1.32.179
  • <1.36.108

Matching in nixpkgs

pkgs.assetfinder

Find domains and subdomains related to a given domain

pkgs.assetripper

Tool for extracting assets from Unity serialized files and asset bundles

pkgs.python313Packages.webassets

Media asset management for Python, with glue code for various web frameworks

  • nixos-unstable 2.0
    • nixpkgs-unstable 2.0
    • nixos-unstable-small 2.0
  • nixos-25.11 2.0
    • nixos-25.11-small 2.0
    • nixpkgs-25.11-darwin 2.0

Package maintainers

Untriaged
Permalink CVE-2025-15344
6.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
created 2 months, 3 weeks ago
Tanium addressed a SQL injection vulnerability in Asset.

Tanium addressed a SQL injection vulnerability in Asset.

References

Affected products

Asset
  • <1.32.161
  • <1.28.254
  • <1.33.250

Matching in nixpkgs

pkgs.taro

Daemon for the Taproot Assets protocol specification

pkgs.cassette

GTK4/Adwaita application that allows you to use Yandex Music service on Linux operating systems

pkgs.assetfinder

Find domains and subdomains related to a given domain

pkgs.assetripper

Tool for extracting assets from Unity serialized files and asset bundles

pkgs.python312Packages.webassets

Media asset management for Python, with glue code for various web frameworks

  • nixos-unstable 2.0
    • nixpkgs-unstable 2.0
    • nixos-unstable-small 2.0
  • nixos-25.11 2.0
    • nixpkgs-25.11-darwin 2.0

pkgs.python313Packages.webassets

Media asset management for Python, with glue code for various web frameworks

  • nixos-unstable 2.0
    • nixpkgs-unstable 2.0
    • nixos-unstable-small 2.0
  • nixos-25.11 2.0
    • nixpkgs-25.11-darwin 2.0

Package maintainers

Untriaged
Permalink CVE-2025-58709
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 months, 4 weeks ago
WordPress Legacy theme <= 1.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Legacy legacy allows PHP Local File Inclusion.This issue affects Legacy: from n/a through <= 1.9.

Affected products

legacy
  • =<<= 1.9

Matching in nixpkgs

pkgs.etlegacy

ET: Legacy is an open source project based on the code of Wolfenstein: Enemy Territory which was released in 2010 under the terms of the GPLv3 license

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixpkgs-25.11-darwin

pkgs.ifstat-legacy

Report network interfaces bandwith just like vmstat/iostat do for other system counters - legacy version

  • nixos-unstable 1.1
    • nixpkgs-unstable 1.1
    • nixos-unstable-small 1.1
  • nixos-25.11 1.1
    • nixpkgs-25.11-darwin 1.1

pkgs.etlegacy-unwrapped

ET: Legacy is an open source project based on the code of Wolfenstein: Enemy Territory which was released in 2010 under the terms of the GPLv3 license

Package maintainers