CVE-2025-32435

Published
View on NVD ↗
CVSS v3
2.6
LOW
CVSS v2
N/A
Affected
3
PROJECTS

Description

Hydra is a Continuous Integration service for Nix based projects. Evaluation of untrusted non-flake nix code could potentially access secrets that are accessible by the hydra user/group. This should not affect the signing keys, that are owned by the hydra-queue-runner and hydra-www users respectively.

NixOS/nixpkgs
NixOS/nixpkgs
Nix Packages collection & NixOS
GitHubGitHub
25K
NixOS/hydra
NixOS/hydra
Hydra, the Nix-based continuous build system [maintainers=@dasj,@Ericson2314]
GitHubGitHub
1.49K
NixOS/nix-eval-jobs
NixOS/nix-eval-jobs
Parallel nix evaluator with a streamable json output [maintainers @Mic92, @adisbladis]
GitHubGitHub
251