Nixpkgs security tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2026-28889
6.2 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 2 months ago by @LeSuisse Activity log
  • Created suggestion 2 months ago
  • @LeSuisse ignored
    13 packages
    • xcodes
    • xcodegen
    • xcode-install
    • rubyPackages.xcodeproj
    • rubyPackages_3_1.xcodeproj
    • rubyPackages_3_2.xcodeproj
    • rubyPackages_3_3.xcodeproj
    • rubyPackages_3_4.xcodeproj
    • rubyPackages_4_0.xcodeproj
    • darwin.xcodeProjectCheckHook
    • python312Packages.latexcodec
    • python313Packages.latexcodec
    • python314Packages.latexcodec
    2 months ago
  • @LeSuisse dismissed 2 months ago
A permissions issue was addressed with additional restrictions. This issue …

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

Affected products

Xcode
  • <26.4
Ignored packages (13)

pkgs.xcodes

Command-line tool to install and switch between multiple versions of Xcode

pkgs.darwin.xcodeProjectCheckHook

None

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin 
Not for us, not directly managed by nixpkgs