Vulnerability: Arbitrary OS Command Execution in Vim Restricted Mode

Vulnerability: Arbitrary OS Command Execution in Vim Restricted Mode

CVE-2019-20807 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

Learn more about our User Device Pen Test.