Описание
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
vim before patch 8.0.0056 does not properly validate values for the 'f ...
EPSS
7.8 High
CVSS3
6.8 Medium
CVSS2