Nixpkgs security tracker

Permalink CVE-2025-33244

9.0 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Adjacent (A)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Adjacent (A)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 2 months ago Activity log

Created suggestion 2 months ago

NVIDIA APEX for Linux contains a vulnerability where an unauthorized …

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, data tampering, and information disclosure.

References

Affected products

Apex

==All versions that do not include commit db8e053

Matching in nixpkgs

pkgs.vimPlugins.nvim-treesitter-parsers.apex

None

nixos-unstable 0.0.0+rev=3597575
- nixpkgs-unstable 0.0.0+rev=3597575
- nixos-unstable-small 0.0.0+rev=3597575
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.home-assistant-custom-lovelace-modules.apexcharts-card

A Lovelace card to display advanced graphs and charts based on ApexChartsJS for Home Assistant

nixos-unstable 2.2.3
- nixpkgs-unstable 2.2.3
- nixos-unstable-small 2.2.3
nixos-25.11 2.2.3
- nixos-25.11-small 2.2.3
- nixpkgs-25.11-darwin 2.2.3

Package maintainers

@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>