Impact
doCmd is used in different places and can be leveraged to execute arbitrary commands.
An attacker can craft a malicious entry in the packages.json package list to trigger code execution.
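The root cause is building a shell command string from package-list fields and handing it to a command runner such as doCmd. The defensive pattern is to validate each packages.json entry against a strict allowlist and to invoke the fetch tool with an argv list, never a shell string, so metacharacters in a field are passed as literal text rather than interpreted. The following is an added illustration, not Nimble's own code; the field names `name`, `url` and `method` follow the public packages.json layout, while the character allowlists, `validate_package_entry` and `build_fetch_argv` are hypothetical choices made for this example.

```python
"""Validate packages.json entries and build an argv list for fetching.

Added example (not Nimble code). Assumptions, labelled here:
- entries carry "name", "url" and "method" as in packages.json;
- names are restricted to [A-Za-z0-9_], a conservative allowlist;
- only https URLs and the "git"/"hg" methods are accepted.
"""
import re
import subprocess
from urllib.parse import urlparse

NAME_RE = re.compile(r"^[A-Za-z0-9_]+$")      # assumed allowlist for package names
ALLOWED_SCHEMES = {"https"}                   # assumed: no file://, ssh://, etc.
ALLOWED_METHODS = {"git", "hg"}
SHELL_METACHARS = set(";|&$`<>()\n\r")        # must never reach a shell anyway


def validate_package_entry(entry: dict) -> list[str]:
    """Return a list of problems with the entry; an empty list means acceptable."""
    problems: list[str] = []
    name = str(entry.get("name", ""))
    url = str(entry.get("url", ""))
    method = str(entry.get("method", ""))

    if not NAME_RE.fullmatch(name):
        problems.append(f"name {name!r} is not limited to [A-Za-z0-9_]")

    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES:
        problems.append(f"url scheme {parsed.scheme!r} is not in {sorted(ALLOWED_SCHEMES)}")
    if not parsed.netloc:
        problems.append("url has no host")
    if any(ch.isspace() for ch in url) or any(ch in SHELL_METACHARS for ch in url):
        problems.append("url contains whitespace or shell metacharacters")

    if method not in ALLOWED_METHODS:
        problems.append(f"method {method!r} is not in {sorted(ALLOWED_METHODS)}")
    return problems


def build_fetch_argv(entry: dict, dest_dir: str) -> list[str]:
    """Build an argv list for cloning the package.

    The list form is what makes this safe: each element becomes exactly one
    argument to the child process, and no shell ever parses the URL. The "--"
    stops the clone tool from treating a URL that starts with "-" as an option.
    """
    problems = validate_package_entry(entry)
    if problems:
        raise ValueError("; ".join(problems))
    tool = "git" if entry["method"] == "git" else "hg"
    return [tool, "clone", "--", entry["url"], dest_dir]


def fetch_package(entry: dict, dest_dir: str) -> int:
    """Run the clone without a shell; returns the tool's exit status."""
    argv = build_fetch_argv(entry, dest_dir)
    # shell=False is the default, but spelling it out documents the intent.
    return subprocess.run(argv, shell=False, check=False).returncode


if __name__ == "__main__":
    # Constructed sample entries (not from the real package list).
    good = {"name": "examplepkg",
            "url": "https://example.invalid/org/examplepkg",
            "method": "git"}
    odd = {"name": "examplepkg",
           "url": "https://example.invalid/repo;extra",
           "method": "git"}
    print("good ->", validate_package_entry(good), build_fetch_argv(good, "/tmp/examplepkg"))
    print("odd  ->", validate_package_entry(odd))
```

Even if the allowlist were too permissive, the argv form in `build_fetch_argv` keeps a crafted field from being interpreted as a command; the validation is a second layer that rejects entries a manual review of the package list would also want to catch.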
Workarounds
The official Nimble packages list at https://github.com/nim-lang/packages is manually reviewed.
References
https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/