Vim And Neovim Vulnerable To Code Execution Through "Modelines" In Hostile Text Files

A defect in the Vim and Neovim text editors has been found which allows the execution of commands when hostile text files are opened though an opening provided by "modelines" functionality intented to specify custom editor options (archived). One again there is no substitute for hygiene to keep the vermin away.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>