{"id":"CVE-2021-45707","details":"An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.","aliases":["GHSA-76w9-p8mg-j927","GHSA-wgrg-5h56-jg27","RUSTSEC-2021-0119"],"modified":"2026-05-13T03:44:30.422052625Z","published":"2021-12-27T00:15:09.940Z","related":["CGA-9j3m-m6mx-xfp9","GHSA-wgrg-5h56-jg27"],"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-wgrg-5h56-jg27"},{"type":"ADVISORY","url":"https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/nix/RUSTSEC-2021-0119.md"},{"type":"REPORT","url":"https://rustsec.org/advisories/RUSTSEC-2021-0119.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nix-rust/nix","events":[{"introduced":"aaa4595b2b71745da8e2e7d2958687fae93fad13"},{"fixed":"72d805a3eb307dbd4982d35a00c8e971977da25d"},{"introduced":"db2af196c9c279f8bb4856c5eff1e2b658fcf2ff"},{"fixed":"fee8904546f1422add14824394efa7f389c51693"},{"introduced":"5dd14c39b88fb6eb25ad670435d1a79ba294b21e"},{"fixed":"124ed60877c52cb38ad5533815720a278e50876f"}],"database_specific":{"versions":[{"introduced":"0.16.0"},{"fixed":"0.20.2"},{"introduced":"0.21.0"},{"fixed":"0.21.2"},{"introduced":"0.22.0"},{"fixed":"0.22.2"}]}}],"versions":["v0.16.0","v0.16.1","v0.17.0","v0.18.0","v0.19.0","v0.20.0","v0.20.1","v0.21.0","v0.21.1","v0.22.0","v0.22.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45707.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}