Skip to main content

Nix

3 CVEs product

Monthly

CVE-2024-45593 HIGH PATCH This Week

Nix is a package manager for Linux and other Unix systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nix
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-45707 Cargo CRITICAL PATCH Act Now

An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Nix
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-17365 HIGH POC This Week

Nix through 2.3 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Nix
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Nix is a package manager for Linux and other Unix systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nix
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Nix
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

Nix through 2.3 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Nix
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy