CNNVD-202507-1923 Information

CNNVD ID

CNNVD-202507-1923

Related CVE

CVE-2025-53819

• CNNVD Published: 2025-07-14

Description (Chinese)

Nix是Nix开源的一个强大的包管理器。用于制作包。 Nix 2.30.0版本存在安全漏洞，该漏洞源于macOS上构建时使用提升权限。

Description (English)

Nix is a powerful package manager for the Nix open source. For making bags. Nix 2.30.0 has a security loophole, which stems from the use of upgrades when built on the MacOS.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

NLB

Published

2025-07-14

Last Modified

2026-02-24

References

https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg https://github.com/NixOS/nix/pull/13455 https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3 https://github.com/NixOS/nix/pull/13281 https://access.redhat.com/security/cve/cve-2025-53819

Patch

https://nixos.org/download/