Explore top 10 tips to secure your open-source projects now. Read More
×
Neovim could be made to run programs as your login if it
opened a specially crafted file.
Software Description:
- neovim: heavily refactored vim fork
Details:
It was discovered that Neovim incorrectly handled certain files. An attacker
could possibly use this issue to execute arbitrary code. (CVE-2019-12735)
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: neovim 0.3.4-1ubuntu0.19.04.1 neovim-runtime 0.3.4-1ubuntu0.19.04.1 Ubuntu 18.10: neovim 0.3.1-1ubuntu0.1 neovim-runtime 0.3.1-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4016-2
https://ubuntu.com/security/notices/USN-4016-1
CVE-2019-12735
Get the latest Linux and open source security news straight to your inbox.