Comment by bitbasher

3 days ago

> Who would have thought that having access to the whole system can be used to bypass some artificial check.

You know, years ago there was a vulnerability through vim's mode lines where you could execute pretty random code. Basically, if someone opened the file you could own them.

We never really learn do we?

CVE-2002-1377

CVE-2005-2368

CVE-2007-2438

CVE-2016-1248

CVE-2019-12735

Do we get a CVE for Antigravity too?

1 comment

bitbasher

Reply
zahlman  3 days ago

> a vulnerability through vim's mode lines where you could execute pretty random code. Basically, if someone opened the file you could own them.

... Why would Vim be treating the file contents as if they were user input?