Browse all 3 CVE security advisories affecting editorconfig. AI-powered Chinese analysis, POCs, and references for each vulnerability.
EditorConfig is a tool for maintaining consistent coding styles across different editors and IDEs. Historically, it has been affected by remote code execution vulnerabilities due to unsafe parsing of configuration files, as well as cross-site scripting issues through improper input sanitization. Privilege escalation risks have also been identified in certain implementations. While no major security incidents have been widely reported, the three CVEs on record highlight potential risks in file handling and input processing. The tool's security posture is generally considered moderate, with risks primarily stemming from its file parsing functionality and integration with various development environments.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-0341 | Stack Buffer Overflow in editorconfig-core-c — EditorConfig C Core (CWE-121) | 7.8 | High | 2023-01-31 |

This page lists every published CVE security advisory associated with editorconfig. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.