CVE-2020-15694

EUVD-2020-7681
In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
Affected Products (NVD)
VendorProductVersion
nim-langnim
𝑥
≤ 1.2.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nim
bookworm
1.6.10-2
fixed
bullseye
1.4.6+really1.4.2-2
fixed
buster
no-dsa
sid
1.6.14-3
fixed
stretch
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nim
bionic
needs-triage
focal
needs-triage
groovy
Fixed 1.2.6-1
released
hirsute
Fixed 1.2.6-1
released
impish
Fixed 1.2.6-1
released
lunar
Fixed 1.2.6-1
released
mantic
Fixed 1.2.6-1
released
noble
Fixed 1.2.6-1
released
trusty
dne
xenial
needs-triage
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2021/02/04/2
https://consensys.net/diligence/vulnerabilities/nim-httpclient-header-crlf-injection/
https://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/httpclient.nim#L241
https://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
http://www.openwall.com/lists/oss-security/2021/02/04/2
https://consensys.net/diligence/vulnerabilities/nim-httpclient-header-crlf-injection/
https://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/httpclient.nim#L241
https://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html