CVE-2021-21372

CVE-2021-21372

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger code execution.

Source: CVE-2021-21372

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다