Nixpkgs security tracker
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): LOW
- Availability impact (A): NONE
WordPress Avatar plugin <= 0.1.4 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Scott Taylor Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Avatar: from n/a through 0.1.4.
References
Affected products
- =<0.1.4
Matching in nixpkgs
pkgs.yunfaavatar
Utility for automatic centralized changing of avatar in Github, Discord, Steam, Shikimori, and many more
pkgs.libsForQt5.libgravatar
None
pkgs.kdePackages.libgravatar
Library that provides Gravatar support
pkgs.gnomeExtensions.gravatar
Synchronize GNOME Shell user icon with Gravatar.
pkgs.haskellPackages.gravatar
Generate Gravatar image URLs
pkgs.haskellPackages.libravatar
Use Libravatar, the decentralized avatar delivery service
pkgs.rubyPackages.jekyll-avatar
None
pkgs.plasma5Packages.libgravatar
None
pkgs.python311Packages.libgravatar
Library that provides a Python 3 interface for the Gravatar API
pkgs.python312Packages.libgravatar
Library that provides a Python 3 interface for the Gravatar API
pkgs.rubyPackages_3_1.jekyll-avatar
None
pkgs.rubyPackages_3_2.jekyll-avatar
None
pkgs.rubyPackages_3_3.jekyll-avatar
None
pkgs.rubyPackages_3_4.jekyll-avatar
None
pkgs.python311Packages.flask-gravatar
Small and simple integration of gravatar into flask
pkgs.python312Packages.flask-gravatar
Small and simple integration of gravatar into flask
pkgs.python311Packages.django-gravatar2
Essential Gravatar support for Django
-
nixos-unstable gravatar2-1.4.5
- nixpkgs-unstable gravatar2-1.4.5
- nixos-unstable-small gravatar2-1.4.5
pkgs.python312Packages.django-gravatar2
Essential Gravatar support for Django
-
nixos-unstable gravatar2-1.4.5
- nixpkgs-unstable gravatar2-1.4.5
- nixos-unstable-small gravatar2-1.4.5
pkgs.perl538Packages.MojoliciousPluginGravatar
Globally Recognized Avatars for Mojolicious
pkgs.perl540Packages.MojoliciousPluginGravatar
Globally Recognized Avatars for Mojolicious
pkgs.gnomeExtensions.user-avatar-in-quick-settings
Display the user avatar in the Quick Settings menu, part of the "System" settings
Package maintainers
-
@honnip Jung seungwoo <me@honnip.page>
-
@mjm Matt Moriarity <matt@mattmoriarity.com>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
-
@K900 Ilya K. <me@0upti.me>
-
@NickCao Nick Cao <nickcao@nichi.co>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@nyanloutre Paul Trehiou <paul@nyanlout.re>
-
@vandenoever Jos van den Oever <jos@vandenoever.info>
-
@stigtsp Stig Palmquist <stig@stig.io>
-
@gador Florian Brandes <florian.brandes@posteo.de>
-
@yunfachi Yunfachi <yunfachi@gmail.com>