diff options
| author | zeertzjq <zeertzjq@outlook.com> | 2026-04-16 11:11:29 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-04-16 11:11:29 +0800 |
| commit | 0e07b2a1e271f01f3458185876f8712d97f6cf38 (patch) | |
| tree | 5cf6b9052dc529d14220d5c2f046cea43570a22c /test/functional/vimscript/executable_spec.lua | |
| parent | 8af2ba74a46ecb2120c47cd1ae7676c06c428423 (diff) | |
vim-patch:9.2.0357: [security]: command injection via backticks in tag files (#39102)
Problem: [security]: command injection via backticks in tag files
(Srinivas Piskala Ganesh Babu, Andy Ngo)
Solution: Disallow backticks before attempting to expand filenames.
Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-cwgx-gcj7-6qh8
Supported by AI
https://github.com/vim/vim/commit/c78194e41d5a0b05b0ddf383b6679b1503f977fb
Co-authored-by: Christian Brabandt <cb@256bit.org>
Diffstat (limited to 'test/functional/vimscript/executable_spec.lua')
0 files changed, 0 insertions, 0 deletions
