The vulnerability of the Nix packet manager in Unix operating systems arises from improper restrictions on the path name of the restricted access directory. This allows a malicious user to re-record any files in the system.

The vulnerability of the Nix packet manager in Unix operating systems is related to an improper limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a remote attacker to re-record any files in the system...

[SECURITY] Fedora 41 Update: libsndfile-1.2.2-5.fc41

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

CVE-2024-52432

Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through 0.0.4...

CVE-2024-52432

Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light nix-anti-spam-light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through = 0.0.4...

CVE-2024-52432 WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light nix-anti-spam-light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through = 0.0.4...

CVE-2024-52432

CVE-2024-52432 concerns the WordPress NIX Anti-Spam Light plugin (versions

CVE-2024-52432 WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light nix-anti-spam-light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through = 0.0.4...

WordPress plugin NIX Anti-Spam Light 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin NIX Anti-Spam Light versions = 0.0.4...

WordPress NIX Anti-Spam Light Plugin <= 0.0.4 is vulnerable to PHP Object Injection

Software NIX Anti-Spam Light Type Plugin Vulnerable versions = 0.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52432 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID ce1317202bf3 Credits LVT-tholv2k Required privilege...

CVE-2024-51481

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2024-51481

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2024-51481 Nix allows macOS sandbox escape via built-in builders

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2024-51481 Nix allows macOS sandbox escape via built-in builders

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2024-51481

CVE-2024-51481 affects the Nix package manager. On macOS, built-in builders (e.g., builtin:fetchurl via import ) were not executed inside the macOS sandbox, allowing those builders (running as nixbld*) read access to world-readable paths and write access to world-writable paths outside the sandbo...

CVE-2024-51481

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2024-51481 Nix allows macOS sandbox escape via built-in builders

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

PT-2024-34646 · Nix · Nix

Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.18.9 Nix versions prior to 2.19.7 Nix versions prior to 2.20.9 Nix versions prior to 2.21.5 Nix versions prior to 2.22.4 Nix versions prior to 2.23.4 Nix versions prior to 2.24.10 Description: The issue concerns the Ni...

Nix 安全漏洞

Nix is a powerful package manager from the Nix open source. It is used for making packages. Nix has a security vulnerability that stems from built-in builders on macOS that are not executed in the macOS sandbox, resulting in these builders being able to access globally readable paths and globally...

CVE-2024-47174

Nix is a package manager for Linux and other Unix systems. Starting in version 1.11 and prior to versions 2.18.8 and 2.24.8, did not verify TLS certificates on HTTPS connections. This could lead to connection details such as full URLs or credentials leaking in case of a man-in-the-middle MITM...