Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in packages.json (npm)

The package packages.json was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-28647 Malicious code in packages.json (npm)

The package packages.json was found to contain malicious code...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.5 views

SUSE CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS9.1AI score0.03635EPSS
Exploits1References7
Veracode
Veracode
added 2021/04/21 6:12 p.m.21 views

Remote Code Execution

Nimble is vulnerable to remote code execution. An attacker can craft a malicious entry in the packages.json package list to trigger code execution...

8.8CVSS4AI score0.03635EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2021/03/26 10:15 p.m.11 views

Design/Logic Flaw

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

6.8CVSS8.9AI score0.03635EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2021/03/26 10:15 p.m.24 views

CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS7.5AI score0.03635EPSS
Exploits1References2
OSV
OSV
added 2021/03/26 10:15 p.m.6 views

UBUNTU-CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...

8.8CVSS7.6AI score0.03635EPSS
Exploits1References3
Rows per page
Query Builder