CVE-2019-20807

Published: May 28, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/vim/vim/releases/tag/v8.1.0881

x_refsource_MISC

https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075

x_refsource_MISC

openSUSE-SU-2020:0794

vendor-advisory

x_refsource_SUSE

https://support.apple.com/kb/HT211289

x_refsource_CONFIRM

20200717 APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra

mailing-list

x_refsource_FULLDISC

USN-4582-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update

mailing-list

x_refsource_MLIST

https://www.starwindsoftware.com/security/sw-20220812-0003/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-20807

Description

Affected Products

References