Out-of-bounds Write

vim:sid is vulnerable to Out-of-bounds Write. It causes a memory access error when substitute expression changes window...

CLSA-2022-1657182572 Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow...

CVE-2022-1942

An out-of-bounds write vulnerability was found in Vim's vimregsubboth function in the src/regexp.c file. The flaw can open a command-line window from a substitute expression when a text or buffer is locked. This flaw allows an attacker to trick a user into opening a specially crafted file,...

CLSA-2022-1654525751 Fix CVE(s): CVE-2022-1796, CVE-2022-1785

SECURITY UPDATE: Memory access error when substitute expression changes window - debian/patches/CVE-2022-1785.patch: Disallow changing window in substitute expression - CVE-2022-1785 SECURITY UPDATE: Accessing freed memory when line is flushed - debian/patches/CVE-2022-1796.patch: Make a copy of...