{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-53819", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-07-09T14:14:52.529Z", "datePublished": "2025-07-14T20:42:12.818Z", "dateUpdated": "2025-07-15T19:50:28.259Z"}, "containers": {"cna": {"title": "Nix's privilege dropping to build user broke for macOS", "problemTypes": [{"descriptions": [{"cweId": "CWE-271", "lang": "en", "description": "CWE-271: Privilege Dropping / Lowering Errors", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg"}, {"name": "https://github.com/NixOS/nix/pull/13281", "tags": ["x_refsource_MISC"], "url": "https://github.com/NixOS/nix/pull/13281"}, {"name": "https://github.com/NixOS/nix/pull/13455", "tags": ["x_refsource_MISC"], "url": "https://github.com/NixOS/nix/pull/13455"}, {"name": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3", "tags": ["x_refsource_MISC"], "url": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3"}], "affected": [{"vendor": "NixOS", "product": "nix", "versions": [{"version": "= 2.30.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-14T20:42:12.818Z"}, "descriptions": [{"lang": "en", "value": "Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available."}], "source": {"advisory": "GHSA-qc7j-jgf3-qmhg", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-15T13:55:22.262473Z", "id": "CVE-2025-53819", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-15T19:50:28.259Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-53819", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-15T13:55:22.262473Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-15T13:27:06.474Z"}}], "cna": {"title": "Nix's privilege dropping to build user broke for macOS", "source": {"advisory": "GHSA-qc7j-jgf3-qmhg", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.9, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "NixOS", "product": "nix", "versions": [{"status": "affected", "version": "= 2.30.0"}]}], "references": [{"url": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg", "name": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/NixOS/nix/pull/13281", "name": "https://github.com/NixOS/nix/pull/13281", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/NixOS/nix/pull/13455", "name": "https://github.com/NixOS/nix/pull/13455", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3", "name": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-271", "description": "CWE-271: Privilege Dropping / Lowering Errors"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-14T20:42:12.818Z"}}}, "cveMetadata": {"cveId": "CVE-2025-53819", "state": "PUBLISHED", "dateUpdated": "2025-07-15T19:50:28.259Z", "dateReserved": "2025-07-09T14:14:52.529Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-07-14T20:42:12.818Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available."}, {"lang": "es", "value": "Nix es un gestor de paquetes para Linux y otros sistemas Unix. Las compilaciones con Nix 2.30.0 en macOS se ejecutaban con privilegios elevados (root), en lugar de los usuarios de la compilaci\u00f3n. La correcci\u00f3n se aplic\u00f3 a Nix 2.30.1. No se conocen soluciones alternativas."}], "id": "CVE-2025-53819", "lastModified": "2025-07-15T13:14:24.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.9, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 5.3, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-14T21:15:28.120", "references": [{"source": "[email protected]", "url": "https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3"}, {"source": "[email protected]", "url": "https://github.com/NixOS/nix/pull/13281"}, {"source": "[email protected]", "url": "https://github.com/NixOS/nix/pull/13455"}, {"source": "[email protected]", "url": "https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-271"}], "source": "[email protected]", "type": "Primary"}]}

{}