Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2020-15694 CVE-2020-15692 CVE-2020-15693 |
CWE-ID | CWE-20 CWE-78 CWE-93 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
nim Universal components / Libraries / Programming Languages & Components |
Vendor | nim-lang.org |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU45739
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15694
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of server responses in the standard library httpClient. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack or force the application to perform unexpected actions as demonstrated by the httpClient.get().contentLength() that does not raise any error if a malicious server provides a negative Content-Length.
MitigationInstall updates from vendor's website.
Vulnerable software versionsnim: 1.2.4
External linkshttp://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/httpclient.nim#L241
http://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45741
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15692
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation passed as argument to browsers.openDefaultBrowser method. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsnim: 1.2.4
External linkshttp://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/browsers.nim#L48
http://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45740
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15693
CWE-ID:
CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to inject arbitrary data in server response.
The vulnerability exists due to insufficient validation of attacker-supplied data when processing URL in the standard library httpClient. A remote attacker can pass a specially crafted URL to the application and changes values of headers via CR-LF characters when processed with httpClient.get or httpClient.post methods.
Install updates from vendor's website.
Vulnerable software versionsnim: 1.2.4
External linkshttp://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/httpclient.nim#L1023
http://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.