VDB
GCVE-110-MAGEIA-2020-82
GCVE-110-MAGEIA-2020-82
Advisory Published
Updated vim and neovim package fixes security vulnerability:
It was discovered that Vim before 8.1.1365 and Neovim before 0.3.6 did
not restrict the `:source!` command when executed in a sandbox. This
allows remote attackers to take advantage of the modeline feature to
inject arbitrary commands when a specially crafted file is opened
(CVE-2019-12735).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | neovim | 0.3.7-1.mga7 (unaffected), 0 (affected), 0 (affected), 0.3.7-1.mga7 (unaffected) | — |
| Mageia | vim | 8.1.1048-1.1.mga7 (unaffected), 0 (affected), 0 (affected), 8.1.1048-1.1.mga7 (unaffected) | — |
| Mageia | flash-player-plugin | 0 (affected), 32.0.0.344-1.mga7.nonfree (unaffected) | — |
References
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.