Описание
alchemist.vim vulnerable to remote code execution
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.
Пакеты
Наименование
alchemist.vim
Затронутые версииВерсия исправления
<= 1.3.1
1.3.2
Связанные уязвимости
CVSS3: 9.8
nvd
около 8 лет назад
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.