PT-2026-3477 · Sqlite+5
Nixos-Discourse · Published 2026-01-19 · Updated 2026-01-19 · CVE-2026-23838
CVSS v4.0: 8.7 (High)
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Tandoor Recipes versions 23.05 through 26.05
Description
Tandoor Recipes is a recipe manager that, when installed with the Nix package manager using the default configuration with SQLite and the default MEDIA_ROOT, may expose the full database file to external access, potentially on the Internet. This occurs because the NixOS module sets both the working directory and the MEDIA_ROOT value to /var/lib/tandoor-recipes, so the db.sqlite3 database file is created in a directory that is publicly reachable over HTTP, particularly when GUNICORN_MEDIA=1 is enabled or when a web server such as nginx serves the media files.
Recommendations
Versions prior to 26.05 should move MEDIA_ROOT into a subdirectory.
Exploit
Fix
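As an added illustration of the recommendation above (this is not part of the advisory and not Tandoor's or the NixOS module's code), the check below models the path condition: the application's SQLite file is db.sqlite3 in the working directory, so the database is served as a media file exactly when the working directory lies inside MEDIA_ROOT. All paths are constructed sample values; the check is pure path logic and reads nothing from the host.

```python
"""Audit check: would the Tandoor SQLite database be served from MEDIA_ROOT?

Added example, not code from the advisory or from Tandoor. It models the
condition the advisory describes: the NixOS module sets both the working
directory and MEDIA_ROOT to /var/lib/tandoor-recipes, and the SQLite file
db.sqlite3 is created in the working directory, so the database ends up
inside the directory served as media. Paths are constructed sample values.
"""
from pathlib import PurePosixPath

DB_FILE = "db.sqlite3"  # SQLite file name created in the working directory


def database_path(workdir: str, db_file: str = DB_FILE) -> PurePosixPath:
    """Where the SQLite file lands for a given working directory."""
    return PurePosixPath(workdir) / db_file


def is_inside(path: PurePosixPath, root: PurePosixPath) -> bool:
    """Component-wise containment: /var/lib/tandoor-recipes-media is NOT
    inside /var/lib/tandoor-recipes, although a plain string-prefix check
    would say it is. Trailing slashes are normalised by PurePosixPath."""
    try:
        path.relative_to(root)
        return True
    except ValueError:
        return False


def database_exposed(workdir: str, media_root: str) -> bool:
    """True when db.sqlite3 would be reachable as a media file."""
    return is_inside(database_path(workdir), PurePosixPath(media_root))


def audit(workdir: str, media_root: str) -> str:
    """Human-readable verdict for one configuration."""
    db = database_path(workdir)
    if database_exposed(workdir, media_root):
        return f"EXPOSED: {db} is inside MEDIA_ROOT={media_root}"
    return f"ok: {db} is outside MEDIA_ROOT={media_root}"


if __name__ == "__main__":
    # Default layout described in the advisory (constructed values).
    print(audit("/var/lib/tandoor-recipes", "/var/lib/tandoor-recipes"))
    # Recommended layout: MEDIA_ROOT moved into a subdirectory.
    print(audit("/var/lib/tandoor-recipes", "/var/lib/tandoor-recipes/media"))
```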
Weakness Enumeration
Related Identifiers
Affected Products
Unicorn
Nix
Nixos
Sqlite
Tandoor Recipes
Nginx