Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-33179

8.0 HIGH

CVSS version: 3.1
Attack vector (AV): ADJACENT_NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 3 weeks, 3 days ago

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in …

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.

References

Affected products

NVOS

==All versions prior to 1.3 - 25.02.244
==All versions prior to 25.02.4282
==All versions prior to 25.02.5030

Cumulus Linux GA

==All versions prior to 5.14 (5.13.x, 5.12.x, and older GA versions)

Cumulus Linux LTS

==All versions prior to 5.11.4
==All versions prior to 5.9.4

Matching in nixpkgs

pkgs.convos

Convos is the simplest way to use IRC in your browser

nixos-unstable 8.05
- nixpkgs-unstable 8.05
- nixos-unstable-small 8.05
nixos-25.11 8.05
- nixos-25.11-small 8.05
- nixpkgs-25.11-darwin 8.05

Package maintainers

@stigtsp Stig Palmquist <stig@stig.io>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.convos

Package maintainers