Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-12735 — OS Command Injection in Neovim
Severity: 8.6 HIGH (NVD); 9.8 (OSV)
EPSS: 64.6% (top 1.54%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline: Published Jun 5; Latest update Jul 31
Description
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
CVSS vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 6.0
Affected Packages: 11 packages
Patches
Vulnerability Details (3)
Exploits & PoCs (1)
Vendor Advisories (7)
Microsoft (2019-06-11): getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline as demonstrated by execute in Vim and assert_fa
Research Papers (1)
Community (5)
Bugzilla (2019-06-07): CVE-2019-12735 vim/neovim: ':source!' command allows arbitrary command execution via modelines
Bugzilla (2019-06-07): CVE-2019-12735 neovim: vim/neovim: the :source! command allows arbitrary command execution via the modeline [fedora-all]
Bugzilla (2019-06-07): CVE-2019-12735 neovim: vim/neovim: the :source! command allows arbitrary command execution via the modeline [epel-7]