37 matches found
CLSA-2026-1779583625 vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...
CLSA-2026-1779583115 vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...
CLSA-2026-1779582830 vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...
Astra Linux - vulnerability in vim
Vim is an open-source, command-line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin could allow overwriting of arbitrary files when opening specially crafted tar archives. The impact is limited because this exploit requires direct user interaction. However,...
EulerOS Virtualization 2.12.0 : vim (EulerOS-SA-2026-1526)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow...
Path traversal issues in Vim's tar.vim and zip.vim plugins
CVE-2025-53905 Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction...
EulerOS Virtualization 2.13.0 : vim (EulerOS-SA-2025-2603)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.2)
The version of AHV installed on the remote host is prior to AHV-10.3.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.2 advisory. - A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the...
EulerOS 2.0 SP12 : vim (EulerOS-SA-2025-2345)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of...
TencentOS Server 3: vim (TSSA-2025:0778)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0778 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
SUSE-SU-2025:03300-1 Security update for vim
This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive that may cause a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive that may cause a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...
Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1629. CVE-2025-53905: Fixed a path traversal issue in tar.vim plugin that may allow for file overwriting when opening specially crafted tar files bsc1246604. CVE-2025-53906: Fixed a path traversal issue in zip.vim plugin that m...
Linux Distros Unpatched Vulnerability : CVE-2025-53905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary...
TencentOS Server 4: vim (TSSA-2025:0646)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0646 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Medium: vim
Issue Overview: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2025-1138)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1138 advisory. Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially craft...
OESA-2025-1985 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
OESA-2025-1943 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
SUSE CVE-2025-53905
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...
AZL-65513 CVE-2025-53905 affecting package vim for versions less than 9.1.1552-1
Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successful...