Security Advisory

CVE-2025-32435

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-15 22:19:46

Last updated 2025-04-16 13:32:55

Assigner GitHub_M

State PUBLISHED

Description

Hydra is a Continuous Integration service for Nix based projects. Evaluation of untrusted non-flake nix code could potentially access secrets that are accessible by the hydra user/group. This should not affect the signing keys, that are owned by the hydra-queue-runner and hydra-www users respectively.

← Browse all CVEs View on cve.org ↗