Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: haskellPackages.cabal-rpm

Found 1 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-44604
7.0 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 3 days, 9 hours ago Activity log
  • Created suggestion 3 days, 9 hours ago
Rpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell command

A command injection vulnerability was discovered in the `rpmuncompress` utility of RPM. When extracting certain archive formats (ZIP, 7z, GEM) to a specified destination directory, the tool inserts the archive's top-level folder name into a shell command without properly sanitizing it. A specially crafted archive containing shell metacharacters in its folder name can execute arbitrary commands as the user running the extraction.

References

Affected products

rpm
rhcos
rust-bootupd
satellite/iop-puptoo-rhel9
satellite/iop-yuptoo-rhel9
pen-drive/pen-drive-scanner-rhel9
satellite/iop-insights-engine-rhel9

Matching in nixpkgs

pkgs.makerpm

Clean, simple RPM packager reimplemented completely from scratch

  • nixos-unstable 1.0
    • nixpkgs-unstable 1.0
    • nixos-unstable-small 1.0
  • nixos-25.11 1.0
    • nixos-25.11-small 1.0
    • nixpkgs-25.11-darwin 1.0

pkgs.rpm-ostree

Hybrid image/package system. It uses OSTree as an image format, and uses RPM as a component model

pkgs.rpmextract

Script to extract RPM archives

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

Package maintainers