alchemist.vim vulnerable to remote code execution

Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code...

alchemist.vim bundled alchemist-server remote code execution vulnerability

alchemist.vim is a text editor plugin used in Elixir. bundled alchemist-server is one of the servers. A remote code execution vulnerability exists in bundled alchemist-server in alchemist.vim. A remote attacker can exploit this vulnerability to execute arbitrary code with the help of a malicious...