VYPR

Hex (Elixir) package

alchemist.vim

pkg:hex/alchemist.vim

Vulnerabilities (1)

  • CVE-2017-1000212CriNov 17, 2017
    affected < 1.3.2fixed 1.3.2

    Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests against an ephemeral port on localhost that are then evaluated as elixir code.