Nixpkgs security tracker
Untriaged
Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution). This issue affects CrafterCMS: from 4.0.0 through 4.2.2.
Affected products
Studio
- <4.3.0
Matching in nixpkgs
pkgs.rstudio
Set of integrated tools for the R language
-
nixos-unstable 2025.05.0+496
- nixpkgs-unstable 2025.05.0+496
- nixos-unstable-small 2025.05.0+496
pkgs.rstudio-server
Set of integrated tools for the R language
-
nixos-unstable 2025.05.0+496
- nixpkgs-unstable 2025.05.0+496
- nixos-unstable-small 2025.05.0+496
pkgs.rstudioWrapper
None
-
nixos-unstable 2025.05.0+496-wrapper
- nixpkgs-unstable 2025.05.0+496-wrapper
- nixos-unstable-small 2025.05.0+496-wrapper
pkgs.rstudioServerWrapper
None
-
nixos-unstable 2025.05.0+496-wrapper
- nixpkgs-unstable 2025.05.0+496-wrapper
- nixos-unstable-small 2025.05.0+496-wrapper
pkgs.vscode-extensions.visualstudiotoolsforunity.vstuc
Integrates Visual Studio Code for Unity
pkgs.vscode-extensions.visualstudioexptteam.vscodeintellicode
AI-assisted development
pkgs.vscode-extensions.visualstudioexptteam.intellicode-api-usage-examples
See relevant code examples from GitHub for over 100K different APIs right in your editor
Package maintainers
-
@cfhammill Chris Hammill <cfhammill@gmail.com>
-
@ciil Simon Lackerbauer <simon@lackerbauer.com>
-
@TheMaxMur Maxim Muravev <muravjev.mak@yandex.ru>
-
@mibmo mib <mib@kanp.ai>