94 matches found
[SECURITY] Fedora 42 Update: nix-2.31.5-1.fc42
Nix is a purely functional package manager. It allows multiple versions of a package to be installed side-by-side, ensures that dependency specifications are complete, supports atomic upgrades and rollbacks, allows non-root users to install software, and has many other features. It is the basis o...
[SECURITY] Fedora 43 Update: nix-2.31.5-1.fc43
Nix is a purely functional package manager. It allows multiple versions of a package to be installed side-by-side, ensures that dependency specifications are complete, supports atomic upgrades and rollbacks, allows non-root users to install software, and has many other features. It is the basis o...
[SECURITY] Fedora 42 Update: nix-2.31.4-1.fc42
Nix is a purely functional package manager. It allows multiple versions of a package to be installed side-by-side, ensures that dependency specifications are complete, supports atomic upgrades and rollbacks, allows non-root users to install software, and has many other features. It is the basis o...
[SECURITY] Fedora 43 Update: nix-2.31.4-1.fc43
Nix is a purely functional package manager. It allows multiple versions of a package to be installed side-by-side, ensures that dependency specifications are complete, supports atomic upgrades and rollbacks, allows non-root users to install software, and has many other features. It is the basis o...
DEBIAN-CVE-2026-39860
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds typically the Nix daemon running as root in multi-user installations by following symlinks during...
Nix 安全漏洞
Nix is a package manager developed by Nix itself. There were security vulnerabilities in versions of Nix prior to 2.34.5, as well as versions before 2.33.4, 2.32.7, 2.31.4, 2.30.4, 2.29.3, and 2.28.6. These vulnerabilities stemmed from improper handling of symbolic links, which could lead to...
EUVD-2024-42296
Malicious code in bioql PyPI...
EUVD-2024-37395
Malicious code in bioql PyPI...
EUVD-2024-24524
Malicious code in bioql PyPI...
EUVD-2024-41529
Malicious code in bioql PyPI...
EUVD-2025-19378
Malicious code in bioql PyPI...
EUVD-2025-19426
Malicious code in bioql PyPI...
EUVD-2024-45355
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-45593
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when...
Linux Distros Unpatched Vulnerability : CVE-2025-52992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content...
Linux Distros Unpatched Vulnerability : CVE-2025-46416
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nix, Lix, and Guix package managers allow a bypass of build isolation in which a user can elevate their privileges to the build user account e.g., nixbld or...
Linux Distros Unpatched Vulnerability : CVE-2025-52991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users...
CVE-2025-53819
Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges root, instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...
CVE-2025-53819
Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges root, instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...
CVE-2025-53819 Nix's privilege dropping to build user broke for macOS
Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges root, instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...