Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged

Filter by:

With package: haskellPackages.cardano-coin-selection

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2020-37154

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): LOW
Availability impact (A): NONE

created 2 months, 1 week ago Activity log

Created suggestion 2 months, 1 week ago

eLection 2.0 - 'id' SQL Injection

eLection 2.0 contains an authenticated SQL injection vulnerability in the candidate management endpoint that allows attackers to manipulate database queries through the 'id' parameter. Attackers can leverage SQLMap to exploit the vulnerability, potentially gaining remote code execution by uploading backdoor files to the web application directory.

References

ExploitDB-48122 exploit
eLection Project Vendor Homepage product
Researcher Exploit Disclosure exploittechnical-description
VulnCheck Advisory: eLection 2.0 - 'id' SQL Injection third-party-advisory

Affected products

eLection

==2.0

Matching in nixpkgs

pkgs.haskellPackages.selections

Combinators for operating with selections over an underlying functor

nixos-unstable 0.3.0.0
- nixpkgs-unstable 0.3.0.0
- nixos-unstable-small 0.3.0.0
nixos-25.11 0.3.0.0
- nixpkgs-25.11-darwin 0.3.0.0

pkgs.haskellPackages.cardano-coin-selection

Algorithms for coin selection and fee balancing

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.11 1.0.1
- nixpkgs-25.11-darwin 1.0.1

pkgs.kakounePlugins.kakoune-vertical-selection

None

nixos-unstable 2023-04-20
- nixpkgs-unstable 2023-04-20
- nixos-unstable-small 2023-04-20
nixos-25.11 2023-04-20
- nixpkgs-25.11-darwin 2023-04-20

pkgs.python313Packages.colcon-package-selection

Extension for colcon to select the packages to process

nixos-unstable -
- nixpkgs-unstable 0.2.10
- nixos-unstable-small 0.2.10

pkgs.python314Packages.colcon-package-selection

Extension for colcon to select the packages to process

nixos-unstable -
- nixpkgs-unstable 0.2.10
- nixos-unstable-small 0.2.10

pkgs.vscode-extensions.albymor.increment-selection

Increment, decrement or reverse selection with multiple cursors

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0
nixos-25.11 0.2.0
- nixpkgs-25.11-darwin 0.2.0

Package maintainers

@Guelakais GueLaKais <koroyeldiores@gmail.com>

1