CVE-2025-53819

{"id": "CVE-2025-53819", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.9, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 5.3, "exploitabilityScore": 2.0}]}, "published": "2025-07-14T21:15:28.120", "references": [{"url": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3", "source": "security-advisories@github.com"}, {"url": "https://github.com/NixOS/nix/pull/13281", "source": "security-advisories@github.com"}, {"url": "https://github.com/NixOS/nix/pull/13455", "source": "security-advisories@github.com"}, {"url": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-271"}]}], "descriptions": [{"lang": "en", "value": "Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available."}, {"lang": "es", "value": "Nix es un gestor de paquetes para Linux y otros sistemas Unix. Las compilaciones con Nix 2.30.0 en macOS se ejecutaban con privilegios elevados (root), en lugar de los usuarios de la compilaci\u00f3n. La correcci\u00f3n se aplic\u00f3 a Nix 2.30.1. No se conocen soluciones alternativas."}], "lastModified": "2025-07-15T13:14:24.053", "sourceIdentifier": "security-advisories@github.com"}