The vulnerability of the “nimble refresh” function in the Nimble programming language’s package manager allows attackers to execute a “man-in-the-middle” attack or execute arbitrary code.
The vulnerability of the “nimble refresh” function in the Nimble programming language package manager is related to the lack of checks on the loaded packages due to an error in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a “man-in-the-middle” atta...