AVG-2275 log

Package nim
Status Vulnerable
Severity High
Type multiple issues
Affected 1.4.8-1
Fixed Unknown
Current 1.4.8-1 [community]
Ticket Create
Created Tue Aug 10 16:30:29 2021
Issue Severity Remote Type Description
CVE-2021-41259 Low Yes Insufficient validation
In Nim, the uri.parseUri function which may be used to validate URIs accepts null bytes in the input URI. This behavior could be used to bypass URI...
CVE-2020-23171 High Yes Directory traversal
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash...