{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "CVE-2021-3796: fix use-after-free in nv_replace by getting the\n line pointer again after ins_copychar may have released it\n- CVE-2021-3973: fix heap buffer overflow in\n find_file_in_path_option by rejecting len == 0 inputs\n- CVE-2022-0413: fix use-after-free in do_sub when the substitute\n string is a \"\\=\" expression by copying the string before eval\n- CVE-2022-0943: fix heap overflow in spell_suggest when \"z=\" in\n Visual mode by clamping badlen to the remaining line length\n- CVE-2022-1620: fix NULL pointer access by guarding both\n vim_regexec calls in fname_match and the second fname_match\n call in buflist_match against rmp->regprog becoming NULL after\n the AUTOMATIC_ENGINE fallback fails to recompile the pattern\n- CVE-2022-1796: fix use-after-free in find_pattern_in_path by\n making a copy of the identifier pointer before the call\n- CVE-2022-2207: fix read-before-start-of-line in ins_bs by\n requiring w_cursor.col > 0 in the whitespace back-step loop\n- CVE-2022-3235: fix use-after-free in cmdline input-method\n handling by tracking the owning buffer and checking buf_valid\n- CVE-2022-3296: fix buffer underflow in ex_finally by searching\n for a valid CSF_TRY frame before accessing cs_flags\n- CVE-2023-46246: fix integer overflow in :history by clamping\n long values to INT_MAX before casting to int\n- CVE-2023-48231: fix use-after-free in win_close by returning\n early when the window is no longer valid after BufLeave\n- CVE-2023-48706: fix use-after-free in ex_substitute by always\n allocating sub and freeing it on every exit path\n- CVE-2026-33412: fix command injection via newline in glob() by\n adding '\\n' to the SHELL_SPECIAL escape set", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos7els/advisories/2026/clsa-2026_1777544441.json" } ], "tracking": { "current_release_date": "2026-05-05T11:30:46Z", "generator": { "date": "2026-05-05T11:30:46Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1777544441", "initial_release_date": "2026-04-30T10:20:44Z", "revision_history": [ { "date": "2026-04-30T10:20:44Z", "number": "1", "summary": "Initial version" }, { "date": "2026-05-05T11:30:46Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "vim: Fix of 13 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 7", "product": { "name": "Community Enterprise Operating System 7", "product_id": "CentOS-7", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els11?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els11?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els11?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els11?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els11?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_id": "vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_id": "vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_id": "vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 7", "product_id": "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2286", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2286" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c", "url": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c" }, { "category": "external", "summary": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8", "url": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-07-02T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2343", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2343" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853", "url": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853" }, { "category": "external", "summary": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5", "url": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-07-08T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2923", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2923" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e", "url": "https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e" }, { "category": "external", "summary": "https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2", "url": "https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-08-22T21:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-3278", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-3278" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e", "url": "https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e" }, { "category": "external", "summary": "https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612", "url": "https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-09-23T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-4292", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 9.0.0882.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-4292" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93", "url": "https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93" }, { "category": "external", "summary": "https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b", "url": "https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20230113-0005/", "url": "https://security.netapp.com/advisory/ntap-20230113-0005/" } ], "release_date": "2022-12-05T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2175", "cwe": { "id": "CWE-126", "name": "Buffer Over-read" }, "notes": [ { "category": "description", "text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2175" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e", "url": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e" }, { "category": "external", "summary": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55", "url": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-23T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2208", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2208" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195", "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "category": "external", "summary": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1", "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-27T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-2289", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 9.0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2289" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/c5274dd12224421f2430b30c53b881b9403d649e", "url": "https://github.com/vim/vim/commit/c5274dd12224421f2430b30c53b881b9403d649e" }, { "category": "external", "summary": "https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64", "url": "https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-07-03T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2264", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2264" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05", "url": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05" }, { "category": "external", "summary": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c", "url": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-07-01T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-0943", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-0943" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/28", "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/41", "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3", "url": "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3" }, { "category": "external", "summary": "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1", "url": "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html", "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213488", "url": "https://support.apple.com/kb/HT213488" } ], "release_date": "2022-03-14T21:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-3796", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "vim is vulnerable to Use After Free", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-3796" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/10/01/1", "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3", "url": "https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3" }, { "category": "external", "summary": "https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d", "url": "https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html", "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20221118-0004/", "url": "https://security.netapp.com/advisory/ntap-20221118-0004/" } ], "release_date": "2021-09-15T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2207", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2207" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b", "url": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b" }, { "category": "external", "summary": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9", "url": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-27T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-0413", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-0413" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a", "url": "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a" }, { "category": "external", "summary": "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38", "url": "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" } ], "release_date": "2022-01-30T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-1796", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 8.2.4979.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-1796" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5", "url": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5" }, { "category": "external", "summary": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e", "url": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-05-19T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-1620", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-1620" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/28", "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/41", "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f", "url": "https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f" }, { "category": "external", "summary": "https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51", "url": "https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213488", "url": "https://support.apple.com/kb/HT213488" } ], "release_date": "2022-05-08T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-3973", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "vim is vulnerable to Heap-based Buffer Overflow", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-3973" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2022/01/15/1", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847", "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "category": "external", "summary": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" } ], "release_date": "2021-11-19T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-3296", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-3296" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be", "url": "https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be" }, { "category": "external", "summary": "https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077", "url": "https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-09-25T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-3235", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 9.0.0490.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-3235" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0", "url": "https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0" }, { "category": "external", "summary": "https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af", "url": "https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-09-18T20:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2026-33412", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" }, "notes": [ { "category": "description", "text": "Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\\n) in a pattern passed to glob(), an attacker may be able to execute arbitrary shell commands. This vulnerability depends on the user's 'shell' setting. This issue has been patched in version 9.2.0202.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2026-33412" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a", "url": "https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a" }, { "category": "external", "summary": "https://github.com/vim/vim/releases/tag/v9.2.0202", "url": "https://github.com/vim/vim/releases/tag/v9.2.0202" }, { "category": "external", "summary": "https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c", "url": "https://github.com/vim/vim/security/advisories/GHSA-w5jw-f54h-x46c" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2026/03/19/10", "url": "http://www.openwall.com/lists/oss-security/2026/03/19/10" } ], "release_date": "2026-03-24T20:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-48231", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-48231" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2023/11/16/1", "url": "http://www.openwall.com/lists/oss-security/2023/11/16/1" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a", "url": "https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a" }, { "category": "external", "summary": "https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765", "url": "https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20231227-0008/", "url": "https://security.netapp.com/advisory/ntap-20231227-0008/" } ], "release_date": "2023-11-16T23:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2023-46246", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "description", "text": "Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-46246" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a", "url": "https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a" }, { "category": "external", "summary": "https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm", "url": "https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNMFS3IH74KEMMESOA3EOB6MZ56TWGFF/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNMFS3IH74KEMMESOA3EOB6MZ56TWGFF/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20231208-0006/", "url": "https://security.netapp.com/advisory/ntap-20231208-0006/" } ], "release_date": "2023-10-27T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2023-48706", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "known_affected": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-48706" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2023/11/22/3", "url": "http://www.openwall.com/lists/oss-security/2023/11/22/3" }, { "category": "external", "summary": "https://github.com/gandalf4a/crash_report/blob/main/vim/vim_huaf", "url": "https://github.com/gandalf4a/crash_report/blob/main/vim/vim_huaf" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/26c11c56888d01e298cd8044caf860f3c26f57bb", "url": "https://github.com/vim/vim/commit/26c11c56888d01e298cd8044caf860f3c26f57bb" }, { "category": "external", "summary": "https://github.com/vim/vim/pull/13552", "url": "https://github.com/vim/vim/pull/13552" }, { "category": "external", "summary": "https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q", "url": "https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNMFS3IH74KEMMESOA3EOB6MZ56TWGFF/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNMFS3IH74KEMMESOA3EOB6MZ56TWGFF/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IVA7K73WHQH4KVFDJQ7ELIUD2WK5ZT5E/" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20240105-0001/", "url": "https://security.netapp.com/advisory/ntap-20240105-0001/" } ], "release_date": "2023-11-22T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T10:20:44.934980Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777544441" }, { "category": "none_available", "details": "Affected", "product_ids": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-X11-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-common-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.el7_9.tuxcare.els1.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.el7_9.tuxcare.els1.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64", "CentOS-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }