4 matches found
openSUSE 15 Security Update : nim (openSUSE-SU-2022:10101-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10101-1 advisory. Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692...
OPENSUSE-SU-2022:10095-1 Security update for nim
This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...
CVE-2020-15692
In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system...
CVE-2020-15692
CVE-2020-15692 refers to Nim 1.2.4, where the standard library’s browsers.openDefaultBrowser mishandles the URL argument, allowing an attacker to pass a single argument to the open command that can execute arbitrary commands. Connected advisories and OSV entries document this as a Nim security is...