Nixpkgs security tracker
Permalink
CVE-2025-64363
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress Kleo theme < 5.5.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeventhQueen Kleo kleo allows PHP Local File Inclusion.This issue affects Kleo: from n/a through < 5.5.0.
References
Affected products
kleo
- =<< 5.5.0
Matching in nixpkgs
pkgs.libsForQt5.libkleo
None
pkgs.kdePackages.libkleo
Library that provides cryptography support for mails
pkgs.libsForQt5.kleopatra
Certificate manager and unified crypto GUI
pkgs.kdePackages.kleopatra
Certificate manager and GUI for OpenPGP and CMS cryptography
pkgs.plasma5Packages.libkleo
None
pkgs.plasma5Packages.kleopatra
Certificate manager and unified crypto GUI
Package maintainers
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@K900 Ilya K. <me@0upti.me>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@vandenoever Jos van den Oever <jos@vandenoever.info>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>