Publicly disclosed security vulnerabilities

I have responsibly reported several security vulnerabilities; some of the public ones are listed below.

• Arbitrary command execution on Windows in Vim: CVE-2023-4736 (2023)

• Untrusted search path on Windows systems leading to arbitrary code execution in GitPython: CVE-2023-40590 (2023)

• Blind local file inclusion in GitPython: CVE-2023-41040 (2023)

• Arbitrary write to files from builder server in Read the Docs: GHSA-v7x4-rhpg-3p2r (2023)

• Write access to projects via API V2 for any logged-in user in Read the Docs: GHSA-rqfv-8rrx-prmh (2023)

• CAS session hijacking in Read the Docs for Businesses: GHSA-4mgr-vrh5-hj8q (2023)

• Serving content from pull requests previews on main docs domains in Read the Docs: GHSA-h4cf-8gv8-4chf (2023)

• Cache poisoning: serving arbitrary content on documentation sites in Read the Docs: GHSA-mp38-vprc-7hf5 (2023)

• Arbitrary code execution when using treesitter with injections in Neovim: GHSA-6f9m-hj8h-xjgj (2023)

• Path traversal: access to files from any project in Read the Docs: GHSA-5w8m-r7jm-mhp9 (2023)

• Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-hqwg-gjqw-h5wg (2023)

• Cache poisoning in Read the Docs: GHSA-7fcx-wwr3-99jv (2023)

• Arbitrary command execution in simple-git: CVE-2022-25860 (2022)

• Symlink following: arbitrary file access from builder server in Read the Docs: GHSA-368m-86q9-m99w (2022)

• Allow serving of arbitrary HTML files from the main domain in Read the Docs: GHSA-98pf-gfh3-x3mp (2022)

• CSRF from documentation domains in Read the Docs: GHSA-3v5m-qmm9-3c6c (2021)

• Serving arbitrary files in domains of other projects in Read the Docs: https://docs.readthedocs.io/en/stable/security.html#release-2-3-0 (2018)