From 39f2cce8ca14af5767715a7a8807498d232fe761 Mon Sep 17 00:00:00 2001
From: Francesco Gazzetta <fgaz@fgaz.me>
Date: Sat, 21 May 2022 17:18:38 +0200
Subject: [PATCH] zeronet: mark as vulnerable

---
 pkgs/applications/networking/p2p/zeronet/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkgs/applications/networking/p2p/zeronet/default.nix b/pkgs/applications/networking/p2p/zeronet/default.nix
index 19da740938c..02b0c91e2da 100644
--- a/pkgs/applications/networking/p2p/zeronet/default.nix
+++ b/pkgs/applications/networking/p2p/zeronet/default.nix
@@ -37,5 +37,9 @@ python3Packages.buildPythonApplication rec {
     homepage = "https://zeronet.io/";
     license = licenses.gpl2;
     maintainers = with maintainers; [ fgaz ];
+    knownVulnerabilities = [ ''
+      Unmaintained. Probable XSS/code injection vulnerability.
+      Switching to the maintained zeronet-conservancy package is recommended
+    '' ];
   };
 }