NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-12819	HIGH	8.1	NixOS	pgbouncer	No	Yes	Dec 03, 2025
CVE-2025-20777	MEDIUM	6.7	NixOS	android	No	No	Dec 02, 2025
CVE-2025-65105	MEDIUM	5.3	NixOS	apptainer	No	Yes	Dec 02, 2025
CVE-2025-20789	MEDIUM	4.4	NixOS	android	No	No	Dec 02, 2025
CVE-2025-20788	MEDIUM	4.4	NixOS	android	No	No	Dec 02, 2025

CVE-2021-36493:
NixOS vulnerability analysis and mitigation

Overview

Technical details

Impact

Mitigation and workarounds

Additional resources

7.5

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2021-36493: NixOS vulnerability analysis and mitigation