Nixpkgs security tracker

Untriaged

Permalink CVE-2025-62962

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months, 4 weeks ago

WordPress CloudSearch plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio CloudSearch cloud-search allows Stored XSS.This issue affects CloudSearch: from n/a through <= 3.0.0.

References

Affected products

cloud-search

=<<= 3.0.0

Matching in nixpkgs

pkgs.haskellPackages.gogol-cloudsearch

Google Cloud Search SDK

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0
nixos-25.11 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.haskellPackages.amazonka-cloudsearch

Amazon CloudSearch SDK

nixos-unstable 2.0
- nixpkgs-unstable 2.0
- nixos-unstable-small 2.0
nixos-25.11 2.0-unstable-2025-04-16
- nixpkgs-25.11-darwin 2.0-unstable-2025-04-16

pkgs.python312Packages.mypy-boto3-cloudsearch

Type annotations for boto3 cloudsearch

nixos-unstable boto3-cloudsearch-1.40.0
- nixpkgs-unstable boto3-cloudsearch-1.40.0
- nixos-unstable-small boto3-cloudsearch-1.40.0
nixos-25.11 boto3-cloudsearch-1.41.0
- nixpkgs-25.11-darwin boto3-cloudsearch-1.41.0

pkgs.python313Packages.mypy-boto3-cloudsearch

Type annotations for boto3 cloudsearch

nixos-unstable boto3-cloudsearch-1.40.0
- nixpkgs-unstable boto3-cloudsearch-1.40.0
- nixos-unstable-small boto3-cloudsearch-1.40.0
nixos-25.11 boto3-cloudsearch-1.41.0
- nixpkgs-25.11-darwin boto3-cloudsearch-1.41.0

pkgs.haskellPackages.amazonka-cloudsearch-domains

Amazon CloudSearch Domain SDK

nixos-unstable 2.0
- nixpkgs-unstable 2.0
- nixos-unstable-small 2.0
nixos-25.11 2.0-unstable-2025-04-16
- nixpkgs-25.11-darwin 2.0-unstable-2025-04-16