Описание
Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented.
Nim is a statically typed compiled systems programming language. In Ni ...
Уязвимость языка программирования Nim, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2