neovim

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Fork of Vim aiming to improve user experience, plugins, and GUIs
Version 0.10.2-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-979 0.3.5-1 0.3.6-1 High Fixed
AVG-82 0.1.6-1 0.1.7-1 High Fixed FS#51927
Issue Group Severity Remote Type Description
CVE-2019-12735 AVG-979 High Yes Arbitrary code execution
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as...
CVE-2016-1248 AVG-82 High No Arbitrary command execution
A vulnerability has been discovered in vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is...

Advisories

Date Advisory Group Severity Type
29 Nov 2016 ASA-201611-29 AVG-82 High arbitrary command execution