4 matches found
Security update for vim
This update for vim fixes the following issues CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...
Security update for vim (important)
openSUSE security update: security update for vim ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20828-1 Rating: important References: bsc1261833 bsc1262395 bsc1264706 bsc1264707 bsc1264708 bsc1265349 bsc1265360 Cross-References: CVE-2026-39881...
CLSA-2026-1779371406 vim: Fix of CVE-2026-42307
CVE-2026-42307: fix shell injection in netrw via the tempfile suffix when reading sftp:// or file:// URLs by escaping the tempfile and restricting the suffix regex to word characters...
CLSA-2026-1779694105 Fix CVE(s): CVE-2026-42307
SECURITY UPDATE: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383 - debian/patches/CVE-2026-42307.patch: fix shell-injection in netrw via...