Nixpkgs security tracker

Untriaged

Permalink CVE-2025-67528

5.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): LOW

created 2 months, 3 weeks ago

WordPress Urna theme <= 2.5.12 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through <= 2.5.12.

References

Affected products

urna

=<<= 2.5.12

Matching in nixpkgs

pkgs.furnace

Multi-system chiptune tracker compatible with DefleMask modules

nixos-unstable 0.6.8.3
- nixpkgs-unstable 0.6.8.3
- nixos-unstable-small 0.6.8.3
nixos-25.11 0.6.8.3
- nixpkgs-25.11-darwin 0.6.8.3

pkgs.xournalpp

Xournal++ is a handwriting Notetaking software with PDF annotation support

nixos-unstable 1.2.7
- nixpkgs-unstable 1.2.7
- nixos-unstable-small 1.2.7
nixos-25.11 1.3.1
- nixpkgs-25.11-darwin 1.2.10

pkgs.journalist

RSS aggregator

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.11 1.0.1
- nixpkgs-25.11-darwin 1.0.1

pkgs.lazyjournal

TUI for journalctl, file system logs, as well as Docker and Podman containers

nixos-unstable 0.7.9
- nixpkgs-unstable 0.7.9
- nixos-unstable-small 0.7.9
nixos-25.11 0.8.1
- nixpkgs-25.11-darwin 0.8.1

pkgs.qjournalctl

Qt-based graphical user interface for systemd's journalctl command

nixos-unstable 0.6.4
- nixpkgs-unstable 0.6.4
- nixos-unstable-small 0.6.4
nixos-25.11 0.6.4
- nixpkgs-25.11-darwin 0.6.4

pkgs.tui-journal

Your journal app if you live in a terminal

nixos-unstable 0.16.1
- nixpkgs-unstable 0.16.1
- nixos-unstable-small 0.16.1
nixos-25.11 0.16.1
- nixpkgs-25.11-darwin 0.16.1

pkgs.journalwatch

Tool to find error messages in the systemd journal

nixos-unstable 1.1.0
- nixpkgs-unstable 1.1.0
- nixos-unstable-small 1.1.0
nixos-25.11 1.1.0
- nixpkgs-25.11-darwin 1.1.0

pkgs.annapurna-sil

Unicode-based font family with broad support for writing systems that use the Devanagari script

nixos-unstable 2.100
- nixpkgs-unstable 2.100
- nixos-unstable-small 2.100
nixos-25.11 2.100
- nixpkgs-25.11-darwin 2.100

pkgs.journaldriver

Log forwarder from journald to Stackdriver Logging

nixos-unstable 5656.0.0
- nixpkgs-unstable 5656.0.0
- nixos-unstable-small 5656.0.0
nixos-25.11 5656.0.0
- nixpkgs-25.11-darwin 5656.0.0

pkgs.systemd-journal2gelf

Export entries from systemd's journal and send them to a graylog server using gelf

nixos-unstable 0-unstable-2023-03-10
- nixpkgs-unstable 0-unstable-2023-03-10
- nixos-unstable-small 0-unstable-2023-03-10
nixos-25.11 0-unstable-2023-03-10
- nixpkgs-25.11-darwin 0-unstable-2023-03-10

pkgs.kdePackages.kjournald

Framework for interacting with systemd-journald

nixos-unstable 25.04.3
- nixpkgs-unstable 25.04.3
- nixos-unstable-small 25.04.3
nixos-25.11 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.perlPackages.LogJournald

Send messages to a systemd journal

nixos-unstable 0.30
- nixpkgs-unstable 0.30
- nixos-unstable-small 0.30
nixos-25.11 0.30
- nixpkgs-25.11-darwin 0.30

pkgs.perl538Packages.LogJournald

Send messages to a systemd journal

nixos-unstable 0.30
- nixpkgs-unstable 0.30
- nixos-unstable-small 0.30
nixos-25.11 0.30
- nixpkgs-25.11-darwin 0.30

pkgs.perl540Packages.LogJournald

Send messages to a systemd journal

nixos-unstable 0.30
- nixpkgs-unstable 0.30
- nixos-unstable-small 0.30

pkgs.python312Packages.swh-journal

Persistent logger of changes to the archive, with publish-subscribe support

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python313Packages.swh-journal

Persistent logger of changes to the archive, with publish-subscribe support

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python312Packages.waterfurnace

Python interface to waterfurnace geothermal systems

nixos-unstable 1.1.0
- nixpkgs-unstable 1.1.0
- nixos-unstable-small 1.1.0
nixos-25.11 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.python313Packages.waterfurnace

Python interface to waterfurnace geothermal systems

nixos-unstable 1.1.0
- nixpkgs-unstable 1.1.0
- nixos-unstable-small 1.1.0
nixos-25.11 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.haskellPackages.journalctl-stream

Stream logs using journalctl

nixos-unstable 0.6.0.8
- nixpkgs-unstable 0.6.0.8
- nixos-unstable-small 0.6.0.8
nixos-25.11 0.6.0.8
- nixpkgs-25.11-darwin 0.6.0.8

pkgs.haskellPackages.libsystemd-journal

Haskell bindings to libsystemd-journal

nixos-unstable 1.4.6.0
- nixpkgs-unstable 1.4.6.0
- nixos-unstable-small 1.4.6.0
nixos-25.11 1.4.6.0
- nixpkgs-25.11-darwin 1.4.6.0

pkgs.python312Packages.logging-journald

Logging handler for writing logs to the journald

nixos-unstable 0.6.7
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7

pkgs.python313Packages.logging-journald

Logging handler for writing logs to the journald

nixos-unstable 0.6.7
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7