Lucene search
+L

8 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.5 views

SUSE CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS9.1AI score0.03635EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/08/28 12:0 a.m.35 views

openSUSE 15 Security Update : nim (openSUSE-SU-2022:10101-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10101-1 advisory. Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692...

10CVSS7.2AI score0.04205EPSS
Exploits7References26
OSV
OSV
added 2022/08/24 2:33 a.m.3 views

OPENSUSE-SU-2022:10095-1 Security update for nim

This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...

10CVSS8.1AI score0.04205EPSS
Exploits7References19
OpenVAS
OpenVAS
added 2021/04/27 12:0 a.m.26 views

openSUSE: Security Advisory for nim (openSUSE-SU-2021:0618-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.2AI score0.03635EPSS
Exploits3References2
OSV
OSV
added 2021/03/26 10:15 p.m.21 views

CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS7.6AI score
Exploits0References4
Cvelist
Cvelist
added 2021/03/26 9:20 p.m.32 views

CVE-2021-21372 Nimble arbitrary code execution for specially crafted package metadata

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.3CVSS9.1AI score0.03635EPSS
Exploits1References4
CVE
CVE
added 2021/03/26 9:20 p.m.192 views

CVE-2021-21372

CVE-2021-21372 concerns Nimble, the Nim package manager. In Nimble releases before 1.2.10 and 1.4.4, the doCmd usage is vulnerable: an attacker can craft a malicious entry in the packages.json package list to trigger code execution. The advisory notes this as a vulnerable path via Nimble’s handli...

8.8CVSS8.8AI score0.03635EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2021/03/26 9:20 p.m.32 views

CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS9AI score0.03635EPSS
Exploits1
Rows per page
Query Builder