NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Line is a popular communication app originating from Japan that offers free texting, voice and video calls, as well as chat communities, social networking features, and a wide range of stickers and emoticons. It provides a platform for secure and convenient communication in both personal and professional contexts. Additional features include a timeline to share moments, ability to follow official accounts for special coupons and updates, and the availability of games, shopping, and more within the app.

Line

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of network traffic, which could allow a network-adjacent attacker to intercept or modify encrypted communications.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-14022	MEDIUM	6.8	NixOS	line	No	Yes	Dec 15, 2025
CVE-2025-67734	MEDIUM	5.1	NixOS	learning	No	Yes	Dec 12, 2025
CVE-2025-14023	MEDIUM	4.3	NixOS	line	No	Yes	Dec 15, 2025
CVE-2025-14021	MEDIUM	4.3	NixOS	cpe:2.3:a:linecorp:line	No	Yes	Dec 15, 2025
CVE-2025-14020	MEDIUM	4.3	NixOS	line	No	Yes	Dec 15, 2025

CVE-2025-14022:
NixOS vulnerability analysis and mitigation

6.8

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-14022: NixOS vulnerability analysis and mitigation