Security Advisory

CVE-2020-15692

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-14 18:45:35

Last updated 2024-08-04 13:22:30

Assigner mitre

State PUBLISHED

Description

In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system commands.

← Browse all CVEs View on cve.org ↗