Lucene search
+L

235 matches found

susecve
susecve
•added 2023/02/15 3:46 a.m.•2 views

SUSE CVE-2021-21374

Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS without full verification of the SSL/TLS certificate due to the default setting of httpClient. An attacker able to...

8.1CVSS8.3AI score0.01044EPSS
Exploits1References7
susecve
susecve
•added 2023/02/15 3:43 a.m.•4 views

SUSE CVE-2021-29495

Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented...

7.5CVSS7.5AI score0.00491EPSS
Exploits0References5
susecve
susecve
•added 2023/02/15 3:35 a.m.•8 views

SUSE CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS5.8AI score0.00537EPSS
Exploits0References3
nvd
nvd
•added 2023/01/13 6:15 a.m.•26 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS6AI score0.00537EPSS
Exploits0References5
osv
osv
•added 2023/01/13 6:15 a.m.•5 views

DEBIAN-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS6AI score0.00537EPSS
Exploits0References1
osv
osv
•added 2023/01/13 6:15 a.m.•24 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS6AI score
Exploits0References5
prion
prion
•added 2023/01/13 6:15 a.m.•15 views

Design/Logic Flaw

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

5.8CVSS5.9AI score0.00537EPSS
Exploits0References5Affected Software2
osv
osv
•added 2023/01/13 6:15 a.m.•42 views

UBUNTU-CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS5.7AI score0.00537EPSS
Exploits0References7
cnnvd
cnnvd
•added 2023/01/13 12:0 a.m.•4 views

Nim 跨站脚本漏洞

Nim is a statically typed programming language from the Nim community. A security vulnerability exists in versions of Nim prior to 1.6.2. An attacker exploited the vulnerability to perform a cross-site scripting attack...

6.1CVSS5.9AI score0.00537EPSS
Exploits0References6
cve
cve
•added 2023/01/13 12:0 a.m.•49 views

CVE-2021-46872

The CVE describes an issue in Nim before 1.6.2 where the RST module of the Nim stdlib (used by NimForum and other products) permits the javascript: URI scheme, enabling potential XSS in affected applications. The fixed version is Nim 1.6.2 and later; NimForum 2.2.0 is explicitly fixed. Some backp...

6.1CVSS5.9AI score0.00537EPSS
Exploits0References5Affected Software2
cvelist
cvelist
•added 2023/01/13 12:0 a.m.•28 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1AI score0.00537EPSS
Exploits0References5
ptsecurity
ptsecurity
•added 2023/01/13 12:0 a.m.•6 views

PT-2023-12595 ¡ Nim +2 ¡ Nim +2

Name of the Vulnerable Software and Affected Versions: Nim versions prior to 1.6.2 NimForum versions prior to 2.2.0 Description: An issue in the RST module of the Nim language stdlib allows the javascript: URI scheme, potentially leading to XSS in some applications. Recommendations: For Nim...

6.1CVSS6AI score0.00537EPSS
Exploits0References15
ubuntucve
ubuntucve
•added 2023/01/13 12:0 a.m.•22 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS6.3AI score0.00537EPSS
Exploits0References6
vulnrichment
vulnrichment
•added 2023/01/13 12:0 a.m.•8 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6AI score0.00537EPSS
Exploits0References5
debiancve
debiancve
•added 2023/01/13 12:0 a.m.•40 views

CVE-2021-46872

An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...

6.1CVSS6AI score0.00537EPSS
Exploits0
kitploit
kitploit
•added 2022/09/11 11:30 a.m.•37 views

Nim-RunPE - A Nim Implementation Of Reflective PE-Loading From Memory

A Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory - which I ported to Nim. You'll need to install the following dependencies: nimble install ptrmath winim I did test this with Nim Version 1.6.2 only, so use that version for testing or...

7.4AI score
Exploits0References3
nessus
nessus
•added 2022/08/28 12:0 a.m.•35 views

openSUSE 15 Security Update : nim (openSUSE-SU-2022:10101-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10101-1 advisory. Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692...

10CVSS7.2AI score0.04205EPSS
Exploits7References26
osv
osv
•added 2022/08/27 12:33 p.m.•7 views

OPENSUSE-SU-2022:10101-1 Security update for nim

This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...

10CVSS7.4AI score0.04205EPSS
Exploits7References19
opensuse
opensuse
•added 2022/08/27 12:0 a.m.•42 views

Security update for nim (important)

openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10101-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...

10CVSS6.8AI score0.04205EPSS
Exploits7References9
osv
osv
•added 2022/08/24 2:33 a.m.•3 views

OPENSUSE-SU-2022:10095-1 Security update for nim

This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...

10CVSS8.1AI score0.04205EPSS
Exploits7References19
Rows per page
Query Builder