Information on source package vim

Available versions

ReleaseVersion
buster2:8.1.0875-5+deb10u2
bullseye2:8.2.2434-3+deb11u1
bookworm2:8.2.4793-1
sid2:8.2.4793-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-2304vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableStack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2288vulnerablevulnerablevulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2285vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableInteger Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...
CVE-2022-2207vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2129vulnerablevulnerablevulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2126vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2125vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2124vulnerablevulnerablevulnerablevulnerableBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2000vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1968vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1942vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1898vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1897vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1851vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1785vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. ...
CVE-2022-1720vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableBuffer Over-read in function grab_file_name in GitHub repository vim/v ...
CVE-2022-1621vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableHeap buffer overflow in vim_strncpy find_word in GitHub repository vim ...
CVE-2022-1619vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableHeap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ...
CVE-2022-1616vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableUse after free in append_command in GitHub repository vim/vim prior to ...
CVE-2022-1420vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-1381vulnerable (no DSA)vulnerable (no DSA)fixedfixedglobal heap buffer overflow in skip_range in GitHub repository vim/vim ...
CVE-2022-1154vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ...
CVE-2022-0943vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ...
CVE-2022-0729vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0714vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...
CVE-2022-0696vulnerable (no DSA)vulnerable (no DSA)fixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ...
CVE-2022-0685vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0629vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0572vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0554vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0443vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0417vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0413vulnerable (no DSA)vulnerable (no DSA)fixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0408vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0407vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0393vulnerable (no DSA)vulnerable (no DSA)fixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0392vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim prior to 8.2. ...
CVE-2022-0368vulnerable (no DSA)vulnerable (no DSA)fixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0361vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0359vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0351vulnerable (no DSA)vulnerable (no DSA)fixedfixedAccess of Memory Location Before Start of Buffer in GitHub repository ...
CVE-2022-0319vulnerable (no DSA)vulnerable (no DSA)fixedfixedOut-of-bounds Read in vim/vim prior to 8.2. ...
CVE-2022-0318vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in vim/vim prior to 8.2. ...
CVE-2022-0261vulnerable (no DSA)vulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0213vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2022-0158vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2022-0156vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4193vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Out-of-bounds Read ...
CVE-2021-4192vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4187fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4173fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4166vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Out-of-bounds Read ...
CVE-2021-4136fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-4069vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4019vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3984vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3974vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-3973vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3968vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3928vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Use of Uninitialized Variable ...
CVE-2021-3927vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3903vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3872vulnerable (no DSA)vulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2022-2289vulnerablevulnerablevulnerablevulnerableUse After Free in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2287vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2286vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2284vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2264vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2257vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2231vulnerablevulnerablevulnerablevulnerableNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2210vulnerablevulnerablevulnerablevulnerableOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2208vulnerablevulnerablevulnerablevulnerableNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ...
CVE-2022-2206vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2183vulnerablevulnerablevulnerablevulnerableOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2182vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2175vulnerablevulnerablevulnerablevulnerableBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2042vulnerablevulnerablevulnerablevulnerableUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1927vulnerablevulnerablevulnerablevulnerableBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1886vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1796vulnerablevulnerablevulnerablevulnerableUse After Free in GitHub repository vim/vim prior to 8.2.4979. ...
CVE-2022-1771vulnerablevulnerablevulnerablevulnerableUncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. ...
CVE-2022-1769vulnerablevulnerablevulnerablevulnerableBuffer Over-read in GitHub repository vim/vim prior to 8.2.4974. ...
CVE-2022-1735vulnerablevulnerablevulnerablevulnerableClassic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ...
CVE-2022-1733vulnerablevulnerablevulnerablevulnerableHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...
CVE-2022-1725vulnerablevulnerablevulnerablevulnerableNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ...
CVE-2022-1674vulnerablevulnerablevulnerablevulnerableNULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...
CVE-2022-1629vulnerablevulnerablevulnerablevulnerableBuffer Over-read in function find_next_quote in GitHub repository vim/ ...
CVE-2022-1620vulnerablevulnerablevulnerablevulnerableNULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...
CVE-2017-1000382vulnerablevulnerablevulnerablevulnerableVIM version 8.0.1187 (and other versions most likely) ignores umask wh ...
CVE-2008-4677vulnerablevulnerablevulnerablevulnerableautoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ...

Resolved issues

BugDescription
CVE-2022-1160heap buffer overflow in get_one_sourceline in GitHub repository vim/vi ...
CVE-2022-0128vim is vulnerable to Out-of-bounds Read ...
CVE-2021-3875vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3796vim is vulnerable to Use After Free ...
CVE-2021-3778vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3770vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2019-20807In Vim before 8.1.0881, users can circumvent the rvim restricted mode ...
CVE-2019-20079The autocmd feature in window.c in Vim before 8.1.2136 accesses freed ...
CVE-2019-12735getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ...
CVE-2018-20786libvterm through 0+bzr726, as used in Vim and other products, mishandl ...
CVE-2017-17087fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp f ...
CVE-2017-11109Vim 8.0 allows attackers to cause a denial of service (invalid free) o ...
CVE-2017-6350An integer overflow at an unserialize_uep memory allocation site would ...
CVE-2017-6349An integer overflow at a u_read_undo memory allocation site would occu ...
CVE-2017-5953vim before patch 8.0.0322 does not properly validate values for tree l ...
CVE-2016-1248vim before patch 8.0.0056 does not properly validate values for the 'f ...
CVE-2010-3914Untrusted search path vulnerability in VIM Development Group GVim befo ...
CVE-2009-0316Untrusted search path vulnerability in src/if_python.c in the Python i ...
CVE-2008-6235The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted a ...
CVE-2008-4101Vim 3.0 through 7.x before 7.2.010 does not properly escape characters ...
CVE-2008-3432Heap-based buffer overflow in the mch_expand_wildcards function in os_ ...
CVE-2008-3294src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ...
CVE-2008-3076The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ...
CVE-2008-3075The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...
CVE-2008-3074The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...
CVE-2008-2712Vim 7.1.314, 6.4, and other versions allows user-assisted remote attac ...
CVE-2007-2953Format string vulnerability in the helptags_one function in src/ex_cmd ...
CVE-2007-2438The sandbox for vim allows dangerous functions such as (1) writefile, ...
CVE-2005-2368vim 6.3 before 6.3.082, with modelines enabled, allows external user-a ...
CVE-2005-0069The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local user ...
CVE-2004-1138VIM before 6.3 and gVim before 6.3 allow local users to execute arbitr ...
CVE-2002-1377vim 6.0 and 6.1, and possibly other versions, allows attackers to exec ...

Security announcements

DSA / DLADescription
DLA-3053-1vim - security update
DLA-3011-1vim - security update
DLA-2947-1vim - security update
DLA-2876-1vim - security update
DLA-1871-1vim - security update
DSA-4467-2vim - regression update
DSA-4467-1vim - security update
DLA-1030-1vim - security update
DLA-850-1vim - security update
DSA-3786-1vim - security update
DLA-822-1vim - security update
DSA-3722-1vim - security update
DLA-718-1vim - security update
DSA-1733-1vim - multiple vulnerabilities
DSA-1364-2vim - several vulnerabilities
DSA-1364-1vim

Search for package or bug name: Reporting problems