CVE-2020-15692

EUVD-2020-7679
In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system commands.
Argument Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
nim-langnim
𝑥
≤ 1.2.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nim
bookworm
1.6.10-2
fixed
bullseye
1.4.6+really1.4.2-2
fixed
buster
no-dsa
sid
1.6.14-3
fixed
stretch
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nim
bionic
needed
focal
needed
groovy
Fixed 1.2.6-1
released
hirsute
Fixed 1.2.6-1
released
impish
Fixed 1.2.6-1
released
lunar
Fixed 1.2.6-1
released
mantic
Fixed 1.2.6-1
released
noble
Fixed 1.2.6-1
released
trusty
dne
xenial
needed
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2021/02/04/1
https://consensys.net/diligence/vulnerabilities/nim-browsers-argument-injection/
https://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/browsers.nim#L48
https://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
http://www.openwall.com/lists/oss-security/2021/02/04/1
https://consensys.net/diligence/vulnerabilities/nim-browsers-argument-injection/
https://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/browsers.nim#L48
https://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html