Vulnerability CVE-2024-36050


Published: 2024-05-18   Modified: 2024-05-19

Description:
Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request.

 References:
https://github.com/NixOS/nix/issues/969
https://github.com/NixOS/ofborg/issues/68#issuecomment-2082789441

Copyright 2026, cxsecurity.com

 

Back to Top