A nsis security update has been released for Debian GNU/Linux 9 Extended LTS to address an access control issue.
ELA-891-1 nsis security update
Package : nsis
Version : 2.51-1+deb9u1
Related CVEs :
CVE-2023-37378
It was discovered that the Nullsoft Scriptable Install System (NSIS)
before version 3.09 mishandles access control for the uninstaller
directory.