nim

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Imperative, multi-paradigm, compiled programming language
Version 1.6.6-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-2275 1.4.8-1 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-41259 AVG-2275 Low Yes Insufficient validation
In Nim, the uri.parseUri function which may be used to validate URIs accepts null bytes in the input URI. This behavior could be used to bypass URI...
CVE-2020-23171 AVG-2275 High Yes Directory traversal
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash...