{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "CVE-2022-2182: in do_one_cmd(), after \";\" sets curwin->w_cursor.lnum\n to ea.line2, call check_cursor() instead of check_cursor_lnum() so\n the column is validated too, and fall back to check_cursor_col()\n when ea.line2 is zero, preventing read past end-of-line on \":0;'{\".\n- CVE-2022-2206: in check_shellsize(), clamp cmdline_row and msg_row\n to Rows - 1 after limit_screen_size() so a shrinking terminal\n cannot leave those values referencing freed screen rows.\n- CVE-2022-2257: in str2special(), when the byte is single-byte set\n *sp = str + (*str == NUL ? 0 : 1) so the caller cannot walk past\n the terminating NUL when a menu item ends in a modifier-only key.\n- CVE-2022-2849: in latin_ptr2len()/dbcs_ptr2len(), return 0 when\n *p == NUL so loops that advance by mb_ptr2len() cannot walk past\n the NUL terminator (matches the contract documented in\n src/globals.h).\n- CVE-2022-3352: in spell_load_lang(), snapshot curbuf before the\n SpellFileMissing autocommand and break out of the retry loop if\n the autocommand deleted/replaced curbuf, preventing a\n use-after-free on the cached \"lang\"/\"curbuf\" pointer. Uses\n sl.sl_lang (stack copy) for the apply_autocmds pattern to survive\n buffer deletion.\n- CVE-2023-2609: in get_register() (ops.c), treat y_current->y_array\n == NULL the same as y_size == 0 and set reg->y_array to NULL, so\n an invalid/NULL register contents cannot be walked as a valid\n string vector.\n- CVE-2021-3778: in find_match_text() (regexp_nfa.c), advance by\n utf_ptr2len(regline + col + len2) under enc_utf8 instead of\n MB_CHAR2LEN(c2), so an invalid UTF-8 byte cannot cause a read\n past the end of the line.\n- CVE-2022-1616: in append_command() (ex_docmd.c), change the\n buffer-space check to \"d - IObuff + 5 < IOSIZE\" and skip copying\n a multibyte character whose length would overrun IObuff, so an\n invalid command with composing chars cannot overflow the error-\n message buffer.\n- CVE-2022-1897: in undo_time() (undo.c), call text_locked() /\n text_locked_msg() and return early, so :undo / :earlier / g-\n cannot run while the text is locked (e.g. inside a :substitute\n callback) and free a buffer the caller is still walking.\n- CVE-2022-2125: in get_lisp_indent() (misc1.c), after the\n double-quoted-string skip loop break out of the outer scan loop\n when *that is NUL so lisp indenting cannot walk past end-of-line\n on an unterminated quote.", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/advisories/2026/clsa-2026_1777540266.json" } ], "tracking": { "current_release_date": "2026-04-30T09:12:33Z", "generator": { "date": "2026-04-30T09:12:33Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1777540266", "initial_release_date": "2026-04-30T09:12:33Z", "revision_history": [ { "date": "2026-04-30T09:12:33Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "vim: Fix of 10 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux 7", "product": { "name": "Oracle Linux 7", "product_id": "Oracle-Linux-7", "product_identification_helper": { "cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Oracle Linux" } ], "category": "vendor", "name": "Oracle Corporation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els9?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els9?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els9?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els9?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els9?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els7?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els4?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els3?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els2?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_id": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-filesystem@7.4.629-8.0.1.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_id": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-X11@7.4.629-8.0.1.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_id": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-minimal@7.4.629-8.0.1.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_id": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-enhanced@7.4.629-8.0.1.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } }, { "category": "product_version", "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_id": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/vim-common@7.4.629-8.0.1.el7_9.tuxcare.els1?arch=x86_64&epoch=2" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64" }, "product_reference": "vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2182", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2182" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e", "url": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e" }, { "category": "external", "summary": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8", "url": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-23T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2849", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2849" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2", "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" }, { "category": "external", "summary": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e", "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-08-17T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2257", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2257" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a", "url": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a" }, { "category": "external", "summary": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89", "url": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-30T21:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-2609", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-2609" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad", "url": "https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad" }, { "category": "external", "summary": "https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622", "url": "https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213844", "url": "https://support.apple.com/kb/HT213844" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213845", "url": "https://support.apple.com/kb/HT213845" } ], "release_date": "2023-05-09T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-2206", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2206" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908", "url": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908" }, { "category": "external", "summary": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668", "url": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-06-26T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-3352", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use After Free in GitHub repository vim/vim prior to 9.0.0614.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-3352" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15", "url": "https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15" }, { "category": "external", "summary": "https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60", "url": "https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" } ], "release_date": "2022-09-29T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-1616", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-1616" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/28", "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/41", "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c", "url": "https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c" }, { "category": "external", "summary": "https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2", "url": "https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213488", "url": "https://support.apple.com/kb/HT213488" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html" } ], "release_date": "2022-05-07T19:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-2125", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2125" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/28", "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/41", "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/43", "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/45", "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f", "url": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f" }, { "category": "external", "summary": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705", "url": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213443", "url": "https://support.apple.com/kb/HT213443" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213444", "url": "https://support.apple.com/kb/HT213444" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213488", "url": "https://support.apple.com/kb/HT213488" } ], "release_date": "2022-06-19T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-1897", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-1897" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/28", "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "category": "external", "summary": "http://seclists.org/fulldisclosure/2022/Oct/41", "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a", "url": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a" }, { "category": "external", "summary": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118", "url": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html", "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202305-16", "url": "https://security.gentoo.org/glsa/202305-16" }, { "category": "external", "summary": "https://support.apple.com/kb/HT213488", "url": "https://support.apple.com/kb/HT213488" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html" } ], "release_date": "2022-05-27T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-3778", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "description", "text": "vim is vulnerable to Heap-based Buffer Overflow", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "known_affected": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-3778" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2021/10/01/1", "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "category": "external", "summary": "https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f", "url": "https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f" }, { "category": "external", "summary": "https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273", "url": "https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html", "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202208-32", "url": "https://security.gentoo.org/glsa/202208-32" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20221118-0003/", "url": "https://security.netapp.com/advisory/ntap-20221118-0003/" } ], "release_date": "2021-09-15T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-30T09:11:09.422644Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1777540266" }, { "category": "none_available", "details": "Affected", "product_ids": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els1.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els2.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els3.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els4.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els7.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:vim-X11-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-common-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-enhanced-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-filesystem-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64", "Oracle-Linux-7:vim-minimal-2:7.4.629-8.0.1.el7_9.tuxcare.els9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }