neovim
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Fork of Vim aiming to improve user experience, plugins, and GUIs |
| Version | 0.10.2-2 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-979 | 0.3.5-1 | 0.3.6-1 | High | Fixed | |
| AVG-82 | 0.1.6-1 | 0.1.7-1 | High | Fixed | FS#51927 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-12735 | AVG-979 | High | Yes | Arbitrary code execution | getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as... |
| CVE-2016-1248 | AVG-82 | High | No | Arbitrary command execution | A vulnerability has been discovered in vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 29 Nov 2016 | ASA-201611-29 | AVG-82 | High | arbitrary command execution |