Nixpkgs Security Tracker

Permalink CVE-2022-50931

updated 1 week ago by @Scrumplex Activity log

Created automatic suggestion 1 week, 2 days ago
@Scrumplex dismissed 1 week ago

TeamSpeak 3.5.6 - Insecure File Permissions

TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.

Affected products

TeamSpeak

==3.5.6

Matching in nixpkgs

pkgs.teamspeak3

TeamSpeak voice communication tool

nixos-unstable 3.6.2
- nixpkgs-unstable 3.6.2
- nixos-unstable-small 3.6.2
nixos-25.11 -
- nixos-25.11-small 3.6.2
- nixpkgs-25.11-darwin 3.6.2
nixos-25.05 3.6.2
- nixos-25.05-small 3.6.2
- nixpkgs-25.05-darwin 3.6.2

pkgs.teamspeak_server

TeamSpeak voice communication server

nixos-unstable 3.13.7
- nixpkgs-unstable 3.13.7
- nixos-unstable-small 3.13.7
nixos-25.11 -
- nixos-25.11-small 3.13.7
- nixpkgs-25.11-darwin 3.13.7
nixos-25.05 3.13.7
- nixos-25.05-small 3.13.7
- nixpkgs-25.05-darwin 3.13.7

pkgs.teamspeak6-client

TeamSpeak voice communication tool (beta version)

nixos-unstable 6.0.0-beta3.2
- nixpkgs-unstable 6.0.0-beta3.4
- nixos-unstable-small 6.0.0-beta3.4
nixos-25.11 -
- nixos-25.11-small 6.0.0-beta3.2
- nixpkgs-25.11-darwin 6.0.0-beta3.2
nixos-25.05 6.0.0-beta2
- nixos-25.05-small 6.0.0-beta2
- nixpkgs-25.05-darwin 6.0.0-beta2

Package maintainers

@lukegb Luke Granger-Brown <nix@lukegb.com>
@Atemu Atemu <nixpkgs@mail.atemu.net>
@nathanielbaxter Nathaniel Baxter <nathaniel.baxter@gmail.com>
@jojosch Johannes Schleifenbaum <johannes@js-webcoding.de>
@gepbird Gutyina Gergő <gutyina.gergo.2@gmail.com>
@Shados Alexei Robyn <shados@shados.net>
@Gerschtli Tobias Happ <tobias.happ@gmx.de>

All channels are patched.