Nixpkgs Security Tracker

Untriaged

Permalink CVE-2022-50931

created 7 hours ago

TeamSpeak 3.5.6 - Insecure File Permissions

TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.

Affected products

TeamSpeak

==3.5.6

Matching in nixpkgs

pkgs.teamspeak3

TeamSpeak voice communication tool

nixos-unstable -
- nixpkgs-unstable 3.6.2
- nixos-unstable-small 3.6.2
nixos-25.11 3.6.2
- nixpkgs-25.11-darwin 3.6.2
nixos-25.05 -
- nixos-25.05-small 3.6.2

pkgs.teamspeak_client

TeamSpeak voice communication tool

nixos-unstable 3.6.2

pkgs.teamspeak_server

TeamSpeak voice communication server

nixos-unstable 3.13.7
- nixpkgs-unstable 3.13.7
- nixos-unstable-small 3.13.7
nixos-25.11 3.13.7
- nixpkgs-25.11-darwin 3.13.7
nixos-25.05 -
- nixos-25.05-small 3.13.7

pkgs.teamspeak6-client

TeamSpeak voice communication tool (beta version)

nixos-unstable 6.0.0-beta2
- nixpkgs-unstable 6.0.0-beta3.4
- nixos-unstable-small 6.0.0-beta3.4
nixos-25.11 6.0.0-beta3.2
- nixpkgs-25.11-darwin 6.0.0-beta3.2
nixos-25.05 -
- nixos-25.05-small 6.0.0-beta2

Package maintainers

@lukegb Luke Granger-Brown <nix@lukegb.com>
@nathanielbaxter Nathaniel Baxter <nathaniel.baxter@gmail.com>
@Atemu Atemu <nixpkgs@mail.atemu.net>
@jojosch Johannes Schleifenbaum <johannes@js-webcoding.de>
@gepbird Gutyina Gergő <gutyina.gergo.2@gmail.com>
@Gerschtli Tobias Happ <tobias.happ@gmx.de>
@Shados Alexei Robyn <shados@shados.net>