5 matches found
CVE-2025-64766
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...
CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...
CVE-2025-64766
The CVE describes a hard-coded secret in the NixOS module for OnlyOffice document server affecting OnlyOffice 22.11–25.05 (and pre-Unstable 25.11). A knowledge of an existing revision ID could allow an attacker to access documents protected by this secret, exposing known documents of users with e...
CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...
CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...