CVE-2026-44029_CVE-2026-44029

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Description

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 (introduced in 2.24.7);

Basic Information

ID CVE-2026-44029

Source mitre

Published May 5, 2026 at 00:51

Modified May 5, 2026 at 00:58

Affected Product

Vendor NixOS

Product Nix

Version 2.24.7

Affected Versions NixOS Nix 2.24.7
NixOS Nix 2.29.0
NixOS Nix 2.30.0
NixOS Nix 2.31.0
NixOS Nix 2.32.0
NixOS Nix 2.33.0
NixOS Nix 2.34.0

CWE Classification

CWE-36

References

{
    "lastseen": "",
    "description": "An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via \"nix-prefetch-url --unpack\" or \"nix store prefetch-file --unpack\" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 (introduced in 2.24.7);",
    "published": "2026-05-05T00:51:05.533Z",
    "modified": "2026-05-05T00:58:14.984Z",
    "type": "cve",
    "title": "CVE-2026-44029",
    "source": "mitre",
    "references": "https://discourse.nixos.org/t/security-advisory-local-privilege-escalation-in-lix-and-nix/77407\nhttps://www.openwall.com/lists/oss-security/2026/05/04/33\nhttps://github.com/NixOS/nix/security/advisories/GHSA-gr92-w2r5-qw5p",
    "id": "CVE-2026-44029",
    "bulletinFamily": "",
    "cwe": [
        "CWE-36"
    ],
    "cvelist": null,
    "sourceData": "NixOS Nix 2.24.7\nNixOS Nix 2.29.0\nNixOS Nix 2.30.0\nNixOS Nix 2.31.0\nNixOS Nix 2.32.0\nNixOS Nix 2.33.0\nNixOS Nix 2.34.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Nix",
    "version": "2.24.7",
    "vendor": "NixOS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}