Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2025-15343

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 2 months, 1 week ago Activity log

Created suggestion 2 months, 1 week ago

Tanium addressed an incorrect default permissions vulnerability in Enforce.

Tanium addressed an incorrect default permissions vulnerability in Enforce.

References

TAN-2025-032

Affected products

Enforce

<2.9.574
<2.8.601
<2.7.367

Matching in nixpkgs

pkgs.haskellPackages.wai-enforce-https

Enforce HTTPS in Wai server app safely

nixos-unstable 1.0.0.0
- nixpkgs-unstable 1.0.0.0
- nixos-unstable-small 1.0.0.0
nixos-25.11 1.0.0.0
- nixpkgs-25.11-darwin 1.0.0.0

pkgs.python312Packages.lm-format-enforcer

Enforce the output format (JSON Schema, Regex etc) of a language model

nixos-unstable 0.10.11
nixos-25.11 0.11.3
- nixpkgs-25.11-darwin 0.11.3

pkgs.python313Packages.lm-format-enforcer

Enforce the output format (JSON Schema, Regex etc) of a language model

nixos-unstable 0.10.11
- nixpkgs-unstable 0.11.3
- nixos-unstable-small 0.11.3
nixos-25.11 0.11.3
- nixpkgs-25.11-darwin 0.11.3

pkgs.python314Packages.lm-format-enforcer

Enforce the output format (JSON Schema, Regex etc) of a language model

nixos-unstable -
- nixpkgs-unstable 0.11.3
- nixos-unstable-small 0.11.3

pkgs.vimPlugins.nvim-treesitter-parsers.enforce

None

nixos-unstable -
- nixpkgs-unstable 0.0.0+rev=eb27968
- nixos-unstable-small 0.0.0+rev=eb27968
nixos-25.11 -
- nixpkgs-25.11-darwin

Package maintainers

@cfhammill Chris Hammill <cfhammill@gmail.com>