Syntastic
1 CVEs
product
Monthly
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
RCE
Path Traversal
Syntastic
Debian Linux
NVD
GitHub
CVSS 3.0
7.5
EPSS
2.7%
EPSS 3%
CVSS 7.5
HIGH
POC
PATCH
This Week
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
RCE
Path Traversal
Syntastic
+1
NVD
GitHub