3 matches found
openSUSE 15 Security Update : nim (openSUSE-SU-2022:10101-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10101-1 advisory. Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692...
OPENSUSE-SU-2022:10095-1 Security update for nim
This update for nim fixes the following issues: Includes upstream security fixes for: boo1175333, CVE-2020-15693 httpClient is vulnerable to a CR-LF injection boo1175334, CVE-2020-15692 mishandle of argument to browsers.openDefaultBrowser boo1175332, CVE-2020-15694 httpClient.get.contentLength...
CVE-2021-29495
CVE-2021-29495 affects Nim; in Nim’s standard library, prior to 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Upgrading to Nim 1.4.2 provides a patch, or as a workaround, set verifyMode = CVerifyPeer as documented. The linked sources corroborate the vulnerability and...