Information on source package vim

Available versions

ReleaseVersion
buster2:8.1.0875-5+deb10u2
buster (security)2:8.1.0875-5+deb10u4
bullseye2:8.2.2434-3+deb11u1
bookworm2:9.0.0813-1
sid2:9.0.0813-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-4141vulnerablevulnerable (no DSA)vulnerablevulnerableHeap based buffer overflow in vim/vim 9.0.0946 and below by allowing a ...
CVE-2022-3324fixedvulnerable (no DSA)fixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-3134fixedvulnerable (no DSA)fixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0389. ...
CVE-2022-3099fixedvulnerable (no DSA)fixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0360. ...
CVE-2022-2304fixedvulnerable (no DSA)fixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2129fixedvulnerable (no DSA)fixedfixedOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2000fixedvulnerable (no DSA)fixedfixedOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1942fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1897fixedvulnerable (no DSA)fixedfixedOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1785fixedvulnerable (no DSA)fixedfixedOut-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. ...
CVE-2022-1616fixedvulnerable (no DSA)fixedfixedUse after free in append_command in GitHub repository vim/vim prior to ...
CVE-2022-0572fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0417fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0392fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim prior to 8.2. ...
CVE-2022-0361fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0359fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0351fixedvulnerable (no DSA)fixedfixedAccess of Memory Location Before Start of Buffer in GitHub repository ...
CVE-2022-0261fixedvulnerable (no DSA)fixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2021-4187fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4173fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4019fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3872fixedvulnerable (no DSA)fixedfixedvim is vulnerable to Heap-based Buffer Overflow ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2022-3705fixedvulnerablefixedfixedA vulnerability was found in vim and classified as problematic. Affect ...
CVE-2022-3352fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0614. ...
CVE-2022-3297vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0579. ...
CVE-2022-3296vulnerablevulnerablefixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-3278vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ...
CVE-2022-3256fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0530. ...
CVE-2022-3235fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0490. ...
CVE-2022-3234fixedvulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-3153vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ...
CVE-2022-3037fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0322. ...
CVE-2022-3016vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0286. ...
CVE-2022-2982fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0260. ...
CVE-2022-2980vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.025 ...
CVE-2022-2946fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0246. ...
CVE-2022-2923vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ...
CVE-2022-2889vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0225. ...
CVE-2022-2874vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.022 ...
CVE-2022-2862fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0221. ...
CVE-2022-2849vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2845vulnerablevulnerablefixedfixedBuffer Over-read in GitHub repository vim/vim prior to 9.0.0218. ...
CVE-2022-2819fixedvulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2817fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0213. ...
CVE-2022-2816vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. ...
CVE-2022-2598fixedvulnerablefixedfixedUndefined Behavior for Input to API in GitHub repository vim/vim prior ...
CVE-2022-2581vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. ...
CVE-2022-2571fixedvulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2522vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2345vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0.0046. ...
CVE-2022-2344vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2343vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2289vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2287vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2286vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2285fixedvulnerablefixedfixedInteger Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...
CVE-2022-2284vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2264vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2257vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-2231vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2210vulnerablevulnerablefixedfixedOut-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2208vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ...
CVE-2022-2207vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2206vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2183vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2182vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2175vulnerablevulnerablefixedfixedBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2126vulnerablevulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2125vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2124vulnerablevulnerablefixedfixedBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-2042vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1968fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1927vulnerablevulnerablefixedfixedBuffer Over-read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1898fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1886vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1851fixedvulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-1796vulnerablevulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2.4979. ...
CVE-2022-1771vulnerablevulnerablefixedfixedUncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. ...
CVE-2022-1769vulnerablevulnerablefixedfixedBuffer Over-read in GitHub repository vim/vim prior to 8.2.4974. ...
CVE-2022-1735vulnerablevulnerablefixedfixedClassic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ...
CVE-2022-1733vulnerablevulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...
CVE-2022-1725vulnerablevulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ...
CVE-2022-1720fixedvulnerablefixedfixedBuffer Over-read in function grab_file_name in GitHub repository vim/v ...
CVE-2022-1674vulnerablevulnerablefixedfixedNULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...
CVE-2022-1629vulnerablevulnerablefixedfixedBuffer Over-read in function find_next_quote in GitHub repository vim/ ...
CVE-2022-1621fixedvulnerablefixedfixedHeap buffer overflow in vim_strncpy find_word in GitHub repository vim ...
CVE-2022-1620vulnerablevulnerablefixedfixedNULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...
CVE-2022-1619fixedvulnerablefixedfixedHeap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ...
CVE-2022-1420fixedvulnerablefixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-1154fixedvulnerablefixedfixedUse after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ...
CVE-2022-0943fixedvulnerablefixedfixedHeap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ...
CVE-2022-0729fixedvulnerablefixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0714fixedvulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...
CVE-2022-0696fixedvulnerablefixedfixedNULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ...
CVE-2022-0685fixedvulnerablefixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0629fixedvulnerablefixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0554fixedvulnerablefixedfixedUse of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...
CVE-2022-0443fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0413fixedvulnerablefixedfixedUse After Free in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0408fixedvulnerablefixedfixedStack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0407fixedvulnerablefixedfixedHeap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0393fixedvulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0368fixedvulnerablefixedfixedOut-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...
CVE-2022-0319fixedvulnerablefixedfixedOut-of-bounds Read in vim/vim prior to 8.2. ...
CVE-2022-0318fixedvulnerablefixedfixedHeap-based Buffer Overflow in vim/vim prior to 8.2. ...
CVE-2022-0213fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2022-0158fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2022-0156fixedvulnerablefixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4193fixedvulnerablefixedfixedvim is vulnerable to Out-of-bounds Read ...
CVE-2021-4192fixedvulnerablefixedfixedvim is vulnerable to Use After Free ...
CVE-2021-4166vulnerablevulnerablefixedfixedvim is vulnerable to Out-of-bounds Read ...
CVE-2021-4136fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-4069fixedvulnerablefixedfixedvim is vulnerable to Use After Free ...
CVE-2021-3984fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3974fixedvulnerablefixedfixedvim is vulnerable to Use After Free ...
CVE-2021-3973vulnerablevulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3968fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3928fixedvulnerablefixedfixedvim is vulnerable to Use of Uninitialized Variable ...
CVE-2021-3927fixedvulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3903vulnerablevulnerablefixedfixedvim is vulnerable to Heap-based Buffer Overflow ...
CVE-2017-1000382vulnerablevulnerablevulnerablevulnerableVIM version 8.0.1187 (and other versions most likely) ignores umask wh ...
CVE-2008-4677vulnerablevulnerablevulnerablevulnerableautoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ...

Resolved issues

BugDescription
CVE-2022-2580Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...
CVE-2022-2288Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. ...
CVE-2022-1381global heap buffer overflow in skip_range in GitHub repository vim/vim ...
CVE-2022-1160heap buffer overflow in get_one_sourceline in GitHub repository vim/vi ...
CVE-2022-0128vim is vulnerable to Out-of-bounds Read ...
CVE-2021-3875vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3796vim is vulnerable to Use After Free ...
CVE-2021-3778vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2021-3770vim is vulnerable to Heap-based Buffer Overflow ...
CVE-2019-20807In Vim before 8.1.0881, users can circumvent the rvim restricted mode ...
CVE-2019-20079The autocmd feature in window.c in Vim before 8.1.2136 accesses freed ...
CVE-2019-12735getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ...
CVE-2018-20786libvterm through 0+bzr726, as used in Vim and other products, mishandl ...
CVE-2017-17087fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp f ...
CVE-2017-11109Vim 8.0 allows attackers to cause a denial of service (invalid free) o ...
CVE-2017-6350An integer overflow at an unserialize_uep memory allocation site would ...
CVE-2017-6349An integer overflow at a u_read_undo memory allocation site would occu ...
CVE-2017-5953vim before patch 8.0.0322 does not properly validate values for tree l ...
CVE-2016-1248vim before patch 8.0.0056 does not properly validate values for the 'f ...
CVE-2010-3914Untrusted search path vulnerability in VIM Development Group GVim befo ...
CVE-2009-0316Untrusted search path vulnerability in src/if_python.c in the Python i ...
CVE-2008-6235The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted a ...
CVE-2008-4101Vim 3.0 through 7.x before 7.2.010 does not properly escape characters ...
CVE-2008-3432Heap-based buffer overflow in the mch_expand_wildcards function in os_ ...
CVE-2008-3294src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ...
CVE-2008-3076The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted ...
CVE-2008-3075The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...
CVE-2008-3074The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, al ...
CVE-2008-2712Vim 7.1.314, 6.4, and other versions allows user-assisted remote attac ...
CVE-2007-2953Format string vulnerability in the helptags_one function in src/ex_cmd ...
CVE-2007-2438The sandbox for vim allows dangerous functions such as (1) writefile, ...
CVE-2005-2368vim 6.3 before 6.3.082, with modelines enabled, allows external user-a ...
CVE-2005-0069The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local user ...
CVE-2004-1138VIM before 6.3 and gVim before 6.3 allow local users to execute arbitr ...
CVE-2002-1377vim 6.0 and 6.1, and possibly other versions, allows attackers to exec ...

Security announcements

DSA / DLADescription
DLA-3204-1vim - security update
DLA-3182-1vim - security update
DLA-3053-1vim - security update
DLA-3011-1vim - security update
DLA-2947-1vim - security update
DLA-2876-1vim - security update
DLA-1871-1vim - security update
DSA-4467-2vim - regression update
DSA-4467-1vim - security update
DLA-1030-1vim - security update
DLA-850-1vim - security update
DSA-3786-1vim - security update
DLA-822-1vim - security update
DSA-3722-1vim - security update
DLA-718-1vim - security update
DSA-1733-1vim - multiple vulnerabilities
DSA-1364-2vim - several vulnerabilities
DSA-1364-1vim

Search for package or bug name: Reporting problems