Количество 5
Количество 5
CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b.
CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b.
CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary bui ...
GHSA-8vh4-gppm-m3jm
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b.
BDU:2025-07756
Уязвимость пакетных менеджеров Nix, Lix и Guix, связанная с недостатками разграничения доступа, позволяющая нарушителю получить доступ на чтение и изменение данных
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-52991 The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b. | CVSS3: 3.2 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-52991 The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b. | CVSS3: 3.2 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-52991 The Nix, Lix, and Guix package managers default to using temporary bui ... | CVSS3: 3.2 | 0% Низкий | около 2 месяцев назад |
| GHSA-8vh4-gppm-m3jm The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b. | CVSS3: 3.2 | 0% Низкий | около 2 месяцев назад |
 | BDU:2025-07756 Уязвимость пакетных менеджеров Nix, Lix и Guix, связанная с недостатками разграничения доступа, позволяющая нарушителю получить доступ на чтение и изменение данных | CVSS3: 3.2 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу