Remote Code Execution Vulnerability in Elixir's alchemist.vim Plugin

Remote Code Execution Vulnerability in Elixir's alchemist.vim Plugin

CVE-2017-1000212 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.

Learn more about our Web App Pen Testing.