Bundled alchemist-server is vulnerable to remote code execution

tonini / alchemist.el

Elixir Tooling Integration Into Emacs

http://www.alchemist-elixir.org

906 stars 103 forks source link

Bundled alchemist-server is vulnerable to remote code execution #292

Open ivan opened 7 years ago

ivan commented 7 years ago

alchemist.el includes an alchemist-server vulnerable to unauthenticated remote code execution (https://github.com/tonini/alchemist-server/issues/14). I'm opening this tracking issue as a (possibly useful) reminder to update alchemist-server later.

tonini commented 7 years ago

Thanks @ivan to have a look at this issue and reported it.