Nixpkgs security tracker
8.7 HIGH
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): Low (L)
- User Interaction (UI): None (N)
- Vulnerable System Impact Confidentiality (VC): High (H)
- Vulnerable System Impact Integrity (VI): High (H)
- Vulnerable System Impact Availability (VA): High (H)
- Subsequent System Impact Confidentiality (SC): None (N)
- Subsequent System Impact Integrity (SI): None (N)
- Subsequent System Impact Availability (SA): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): Low (L)
- Modified User Interaction (MUI): None (N)
- Modified Vulnerable System Impact Confidentiality (MVC): High (H)
- Modified Vulnerable System Impact Integrity (MVI): High (H)
- Modified Vulnerable System Impact Availability (MVA): High (H)
- Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
- Modified Subsequent System Impact Integrity (MSI): Negligible (N)
- Modified Subsequent System Impact Availability (MSA): Negligible (N)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
- Exploit Maturity (E): Not Defined (X)
Activity log
- Created suggestion
Ghidra < 12.1 - Authentication Bypass via Null Signature in PKIAuthenticationModule
Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate() that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify repository access controls, exfiltrate shared reverse engineering databases, and permanently compromise server integrity.
References
-
GitHub Security Advisory (GHSA-5wxq-7qpv-65p2) vendor-advisory
-
Patch Commit (1) patch
-
Patch Commit (2) patch
-
https://www.vulncheck.com/advisories/ghidra-authentication-bypass-via-null-sign… third-party-advisory
Affected products
- <12.1
- ==12.1
Matching in nixpkgs
pkgs.ghidra
Software reverse engineering (SRE) suite of tools
pkgs.ghidra-bin
Software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission
pkgs.rizinPlugins.rz-ghidra
Deep ghidra decompiler and sleigh disassembler integration for rizin
pkgs.cutterPlugins.rz-ghidra
Deep ghidra decompiler and sleigh disassembler integration for rizin
pkgs.ghidra-extensions.ret-sync
Reverse-Engineering Tools SYNChronization. Allows syncing between a debugging session and Ghidra
-
nixos-unstable 0-unstable-2024-05-29
- nixpkgs-unstable 0-unstable-2024-05-29
- nixos-unstable-small 0-unstable-2024-05-29
-
nixos-26.05 0-unstable-2024-05-29
- nixos-26.05-small 0-unstable-2024-05-29
- nixpkgs-26.05-darwin 0-unstable-2024-05-29
pkgs.python313Packages.pyghidra
Native CPython for Ghidra
pkgs.python314Packages.pyghidra
Native CPython for Ghidra
pkgs.python313Packages.ghidra-bridge
Python bridge to Ghidra's Python scripting
pkgs.python314Packages.ghidra-bridge
Python bridge to Ghidra's Python scripting
pkgs.ghidra-extensions.ghidra-firmware-utils
Ghidra utilities for analyzing PC firmware
-
nixos-unstable 2026.01.14
- nixpkgs-unstable 2026.01.14
- nixos-unstable-small 2026.01.14
-
nixos-26.05 2026.01.14
- nixos-26.05-small 2026.01.14
- nixpkgs-26.05-darwin 2026.01.14
pkgs.ghidra-extensions.ghidra-delinker-extension
Ghidra extension for delinking executables back to object files
pkgs.ghidra-extensions.ghidraninja-ghidra-scripts
Scripts for the Ghidra software reverse engineering suite
-
nixos-unstable 2020-10-07
- nixpkgs-unstable 2020-10-07
- nixos-unstable-small 2020-10-07
-
nixos-26.05 2020-10-07
- nixos-26.05-small 2020-10-07
- nixpkgs-26.05-darwin 2020-10-07
Package maintainers
-
@chayleaf Anna Pavlyuk <chayleaf-nix@pavluk.org>
-
@roblabla Robin Lambertz <robinlambertz+dev@gmail.com>
-
@vringar Stefan Zabka <git@zabka.it>
-
@ck3d Christian Kögler <ck3d@gmx.de>
-
@GovanifY Gauvain 'GovanifY' Roussel-Tarbouriech <gauvain@govanify.com>
-
@Mic92 Jörg Thalheim <joerg@thalheim.io>
-
@hexadecimalDinosaur Ivy Fan-Chiang <dev@ivyfanchiang.ca>
-
@jchv John Chadwick <johnwchadwick@gmail.com>
-
@timschumi Tim Schumacher <timschumi@gmx.de>
-
@spencerpogo Spencer Pogorzelski
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>