Search criteria
4 vulnerabilities found for nixpkgs by NixOS
CVE-2025-64766 (GCVE-0-2025-64766)
Vulnerability from cvelistv5 – Published: 2025-11-17 21:38 – Updated: 2025-11-17 21:49
VLAI?
Title
NixOS has hardcoded credentials in Onlyoffice module
Summary
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05.
Severity ?
5.3 (Medium)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-17T21:49:18.344553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T21:49:28.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nixpkgs",
"vendor": "NixOS",
"versions": [
{
"status": "affected",
"version": "\u003e= 22.11, \u003c 25.05"
},
{
"status": "affected",
"version": "\u003c Unstable 25.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NixOS\u0027s Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T21:38:10.023Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-58m4-5wg3-5g5v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-58m4-5wg3-5g5v"
},
{
"name": "https://github.com/NixOS/nixpkgs/pull/462100",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/pull/462100"
},
{
"name": "https://github.com/NixOS/nixpkgs/pull/462204",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/pull/462204"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/8e74d05e3de4ee5ad320cd585a7e0f12a4730869",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/8e74d05e3de4ee5ad320cd585a7e0f12a4730869"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/cec38dec00df26a901eb8b424d53bbb3bcc72eec",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/cec38dec00df26a901eb8b424d53bbb3bcc72eec"
}
],
"source": {
"advisory": "GHSA-58m4-5wg3-5g5v",
"discovery": "UNKNOWN"
},
"title": "NixOS has hardcoded credentials in Onlyoffice module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-64766",
"datePublished": "2025-11-17T21:38:10.023Z",
"dateReserved": "2025-11-10T22:29:34.877Z",
"dateUpdated": "2025-11-17T21:49:28.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32438 (GCVE-0-2025-32438)
Vulnerability from cvelistv5 – Published: 2025-04-15 19:57 – Updated: 2025-04-15 20:08
VLAI?
Title
Local privilege escalation in make-initrd-ng
Summary
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 and 25.05 / unstable. As a workaround, set systemd.shutdownRamfs.enable = false;.
Severity ?
8.8 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T20:08:46.640080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T20:08:58.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nixpkgs",
"vendor": "NixOS",
"versions": [
{
"status": "affected",
"version": "\u003c b17590193d8e5697000c23c66afcf11e1753734d"
},
{
"status": "affected",
"version": "\u003c fbf76bf72b161b9f4ab97704a8258776d5f3ffba"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 and 25.05 / unstable. As a workaround, set systemd.shutdownRamfs.enable = false;."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-378",
"description": "CWE-378: Creation of Temporary File With Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T19:57:04.668Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-m7pq-h9p4-8rr4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-m7pq-h9p4-8rr4"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/b17590193d8e5697000c23c66afcf11e1753734d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/b17590193d8e5697000c23c66afcf11e1753734d"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/fbf76bf72b161b9f4ab97704a8258776d5f3ffba",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/fbf76bf72b161b9f4ab97704a8258776d5f3ffba"
}
],
"source": {
"advisory": "GHSA-m7pq-h9p4-8rr4",
"discovery": "UNKNOWN"
},
"title": "Local privilege escalation in make-initrd-ng"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32438",
"datePublished": "2025-04-15T19:57:04.668Z",
"dateReserved": "2025-04-08T10:54:58.368Z",
"dateUpdated": "2025-04-15T20:08:58.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-64766 (GCVE-0-2025-64766)
Vulnerability from nvd – Published: 2025-11-17 21:38 – Updated: 2025-11-17 21:49
VLAI?
Title
NixOS has hardcoded credentials in Onlyoffice module
Summary
NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05.
Severity ?
5.3 (Medium)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-64766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-17T21:49:18.344553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T21:49:28.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nixpkgs",
"vendor": "NixOS",
"versions": [
{
"status": "affected",
"version": "\u003e= 22.11, \u003c 25.05"
},
{
"status": "affected",
"version": "\u003c Unstable 25.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NixOS\u0027s Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protect its file cache. An attacker with knowledge of an existing revision ID could use this secret to obtain a document. In practice, an arbitrary revision ID should be hard to obtain. The primary impact is likely the access to known documents from users with expired access. This issue was resolved in NixOS unstable version 25.11 and version 25.05."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T21:38:10.023Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-58m4-5wg3-5g5v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-58m4-5wg3-5g5v"
},
{
"name": "https://github.com/NixOS/nixpkgs/pull/462100",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/pull/462100"
},
{
"name": "https://github.com/NixOS/nixpkgs/pull/462204",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/pull/462204"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/8e74d05e3de4ee5ad320cd585a7e0f12a4730869",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/8e74d05e3de4ee5ad320cd585a7e0f12a4730869"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/cec38dec00df26a901eb8b424d53bbb3bcc72eec",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/cec38dec00df26a901eb8b424d53bbb3bcc72eec"
}
],
"source": {
"advisory": "GHSA-58m4-5wg3-5g5v",
"discovery": "UNKNOWN"
},
"title": "NixOS has hardcoded credentials in Onlyoffice module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-64766",
"datePublished": "2025-11-17T21:38:10.023Z",
"dateReserved": "2025-11-10T22:29:34.877Z",
"dateUpdated": "2025-11-17T21:49:28.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32438 (GCVE-0-2025-32438)
Vulnerability from nvd – Published: 2025-04-15 19:57 – Updated: 2025-04-15 20:08
VLAI?
Title
Local privilege escalation in make-initrd-ng
Summary
make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 and 25.05 / unstable. As a workaround, set systemd.shutdownRamfs.enable = false;.
Severity ?
8.8 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32438",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T20:08:46.640080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T20:08:58.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "nixpkgs",
"vendor": "NixOS",
"versions": [
{
"status": "affected",
"version": "\u003c b17590193d8e5697000c23c66afcf11e1753734d"
},
{
"status": "affected",
"version": "\u003c fbf76bf72b161b9f4ab97704a8258776d5f3ffba"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the default) a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 and 25.05 / unstable. As a workaround, set systemd.shutdownRamfs.enable = false;."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-378",
"description": "CWE-378: Creation of Temporary File With Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-379",
"description": "CWE-379: Creation of Temporary File in Directory with Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T19:57:04.668Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-m7pq-h9p4-8rr4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/NixOS/nixpkgs/security/advisories/GHSA-m7pq-h9p4-8rr4"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/b17590193d8e5697000c23c66afcf11e1753734d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/b17590193d8e5697000c23c66afcf11e1753734d"
},
{
"name": "https://github.com/NixOS/nixpkgs/commit/fbf76bf72b161b9f4ab97704a8258776d5f3ffba",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NixOS/nixpkgs/commit/fbf76bf72b161b9f4ab97704a8258776d5f3ffba"
}
],
"source": {
"advisory": "GHSA-m7pq-h9p4-8rr4",
"discovery": "UNKNOWN"
},
"title": "Local privilege escalation in make-initrd-ng"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32438",
"datePublished": "2025-04-15T19:57:04.668Z",
"dateReserved": "2025-04-08T10:54:58.368Z",
"dateUpdated": "2025-04-15T20:08:58.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}