Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented. Reference: https://github.com/nim-lang/security/security/advisories/GHSA-9vqv-2jj9-7mqr
Created nim tracking bugs for this issue: Affects: fedora-all [bug 1958395]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.