CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1000212

Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.019

EPSS Ranking 82.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/tonini/alchemist-server/issues/14
https://github.com/tonini/alchemist-server/issues/14

Products affected by CVE-2017-1000212

Alchemist-Elixir » Alchemist-Server » Version: N/A

cpe:2.3:a:alchemist-elixir:alchemist-server:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1000212

Products

Pricing

Contact Us