Oval Definition:	oval:org.opensuse.security:def:202121372
Revision Date: 2022-06-30 Version: 1 Title: CVE-2021-21372 Description: Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger code execution. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-21372 SUSE CVE-2021-21372 openSUSE-SU-2021:0618-1 openSUSE-SU-2021:0628-1 Platform(s): openSUSE Leap 15.2 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE Package Hub for SUSE Linux Enterprise 15 SP2 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND nim-1.2.12-1.7 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND nim-1.2.12-bp152.4.3.1 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information nim-1.2.12-lp152.2.3.1 is installed AND nim is signed with openSUSE key
BACK