Описание
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-20807
- https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075
- https://github.com/vim/vim/releases/tag/v8.1.0881
- https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html
- https://support.apple.com/kb/HT211289
- https://usn.ubuntu.com/4582-1
- https://www.starwindsoftware.com/security/sw-20220812-0003
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00018.html
- http://seclists.org/fulldisclosure/2020/Jul/24
Связанные уязвимости
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode ...