Lucene search
GoogleOSV:CVE-2021-21372HistoryMar 26, 2021 - 10:15 p.m.
CVE-2021-21372
2021-03-2622:15:12
Google
osv.dev
1
Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger code execution.
References
Related
cve
cve
CVE-2021-21372
2021-03-26 22:15:12
prion
prion
Design/Logic Flaw
2021-03-26 22:15:00
debiancve
debiancve
CVE-2021-21372
2021-03-26 22:15:12
nvd
nvd
CVE-2021-21372
2021-03-26 22:15:12
veracode
veracode
Remote Code Execution
2021-04-21 18:12:50
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2021-21372
2021-03-26 00:00:00
nessus
nessus
openSUSE Security Update : nim (openSUSE-2021-618)
2021-05-18 00:00:00
openSUSE 15 Security Update : nim (openSUSE-SU-2022:10101-1)
2022-08-28 00:00:00
archlinux
archlinux
[ASA-202104-6] nimble: multiple issues
2021-04-29 00:00:00
suse
suse
Security update for nim (moderate)
2021-04-26 00:00:00
Security update for nim (moderate)
2021-04-29 00:00:00
Security update for nim (important)
2022-08-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for nim (openSUSE-SU-2021:0618-1)
2021-04-27 00:00:00
openSUSE: Security Advisory for nim (openSUSE-SU-2022:10101-1)
2024-03-04 00:00:00