CVE-2025-53819

high

Description

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available.

References

https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg

https://github.com/NixOS/nix/pull/13455

https://github.com/NixOS/nix/pull/13281

https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3

Details

Source: Mitre, NVD

Published: 2025-07-14

Updated: 2025-07-15

Risk Information

CVSS v2

Base Score: 5.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:C/A:P

Severity: Medium

CVSS v3

Base Score: 7.9

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L

Severity: High

EPSS

EPSS: 0.00012

Detections

Analytics