NIXPKGS-2026-0917

GitHub issue published on

Permalink CVE-2026-32725

8.3 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): LOW

updated 1 week ago by @LeSuisse Activity log

Created automatic suggestion 1 week ago
@LeSuisse accepted 1 week ago
@LeSuisse published on GitHub 1 week ago

SciTokens C++: Relative Path Traversal Vulnerability

SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass when processing path-based scopes in tokens. The library normalizes the scope path from the token before authorization and collapses ".." path components instead of rejecting them. As a result, an attacker can use parent-directory traversal in the scope claim to broaden the effective authorization beyond the intended directory. This issue has been patched in version 1.4.1.

References

https://github.com/scitokens/scitokens-cpp/security/advisories/GHSA-rqcx-mc9w-pjxp x_refsource_CONFIRM
https://github.com/scitokens/scitokens-cpp/commit/7951ed809967d88c00c20de414b1ff74df8c3e08 x_refsource_MISC

Affected products

scitokens-cpp

==< 1.4.1

Matching in nixpkgs

pkgs.scitokens-cpp

A C++ implementation of the SciTokens library with a C library interface

nixos-unstable 1.3.0
- nixpkgs-unstable 1.3.0
- nixos-unstable-small 1.3.0
nixos-25.11 1.1.3
- nixos-25.11-small 1.1.3
- nixpkgs-25.11-darwin 1.1.3

Package maintainers

@lub-dub evey <nix@lubdub.nl>

Advisory: https://github.com/scitokens/scitokens-cpp/security/advisories/GHSA-rqcx-mc9w-pjxp
Patch: https://github.com/scitokens/scitokens-cpp/commit/7951ed809967d88c00c20de414b1ff74df8c3e08

Nixpkgs security tracker

Details of issue NIXPKGS-2026-0917

References

Affected products

Matching in nixpkgs

pkgs.scitokens-cpp

Package maintainers