36 matches found
CVE-2019-18192
GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365...
EUVD-2017-1582
Malware in sbrugna...
EUVD-2019-7995
Malware in sbrugna...
EUVD-2024-45958
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-59378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the...
UBUNTU-CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
GNU Guix 安全漏洞
GNU Guix is an open source, cross-platform package manager from the GNU community in the United States. A security vulnerability exists in versions of GNU Guix prior to 1618ca7, which stems from the fact that the content-addressed-mirrors file can be written to create the setuid program,...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
Nix、lix和GNU Guix 安全漏洞
GNU Guix is a product of the United States et all is a product of the United States GNU community. gnu guix is an open source, cross-platform program package manager. lix et all is a product of the lix open source. lix is a package manager. nix et all is a product of the nix open source. nix is a...
Nix、lix和GNU Guix 竞争条件问题漏洞
GNU Guix is a product of the U.S. et all is a product of the U.S. GNU community.GNU Guix is an open source, cross-platform program package manager. lix et all is a product of the lix open source.lix is a package manager.Nix et all is a product of the Nix open source.Nix is a powerful package...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
Gnu Guix Elevation of Privilege Vulnerability
Gnu Guix is an open source, cross-platform package manager for the GNU community. Gnu Guix suffers from an elevation of privilege vulnerability that stems from allowing privilege escalation, where a local user can access the build output. No details of the vulnerability are provided at this time...
[SECURITY] [DLA 3959-1] guix security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3959-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 19, 2024 https://wiki.debian.org/LTS -...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...