Vulnerability Details : CVE-2020-15694
Potential exploit
In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length.
Vulnerability category: Input validation
Products affected by CVE-2020-15694
- cpe:2.3:a:nim-lang:nim:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-15694
- 0.66%: Probability of exploitation activity in the next 30 days
- ~ 70%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-15694
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2020-15694
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-15694
- https://nim-lang.org/blog/2020/07/30/versions-126-and-108-released.html
  Versions 1.2.6 and 1.0.8 released - Nim Blog (Release Notes; Third Party Advisory)
- https://github.com/nim-lang/Nim/blob/dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99/lib/pure/httpclient.nim#L241
  Nim/httpclient.nim at dc5a40f3f39c6ea672e6dc6aca7f8118a69dda99 · nim-lang/Nim · GitHub (Patch; Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2021/02/04/2
  oss-security - [CVE-2020-15693, CVE-2020-15694] Nim - stdlib Httpclient - Header Crlf Injection & Server Response Validation (Exploit; Mailing List; Third Party Advisory)
- https://consensys.net/diligence/vulnerabilities/nim-httpclient-header-crlf-injection/
  Nim - stdlib Httpclient - Header Crlf Injection & Server Response Validation | ConsenSys Diligence (Exploit; Third Party Advisory)