Nixpkgs security tracker

Permalink CVE-2011-4938

created 2 months ago Activity log

Created suggestion 2 months ago

Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote …

Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php.

References

http://www.rul3z.de/advisories/SSCHADV2011-038.txt x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/09/4 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/03/10/6 x_transferredx_refsource_MISC
http://bugs.ariadne-cms.org/view.php?id=277 x_transferredx_refsource_MISC
https://seclists.org/bugtraq/2011/Dec/7 x_transferredx_refsource_MISC

Affected products

Ariadne

==2.7.6

Matching in nixpkgs

pkgs.python312Packages.ariadne

Python library for implementing GraphQL servers using schema-first approach

nixos-25.11 0.27.0
- nixos-25.11-small 0.27.0
- nixpkgs-25.11-darwin 0.27.0

pkgs.python313Packages.ariadne

Python library for implementing GraphQL servers using schema-first approach

nixos-unstable 0.28.0
- nixpkgs-unstable 0.28.0
- nixos-unstable-small 0.28.0
nixos-25.11 0.27.0
- nixos-25.11-small 0.27.0
- nixpkgs-25.11-darwin 0.27.0

pkgs.python314Packages.ariadne

Python library for implementing GraphQL servers using schema-first approach

nixos-unstable 0.28.0
- nixpkgs-unstable 0.28.0
- nixos-unstable-small 0.28.0

Package maintainers

@samuela Samuel Ainsworth <skainsworth@gmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.ariadne

pkgs.python313Packages.ariadne

pkgs.python314Packages.ariadne

Package maintainers