CLSA-2026-1777889241

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777889241

Upstream

CVE-2026-35177

CVE-2026-39881

Published

2026-05-04T10:07:26Z

Modified

2026-06-01T00:32:51.122246720Z

Summary

vim: Fix of 2 CVEs

Details

CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify() to detect attacks that circumvent the previous regex-only check
CVE-2026-39881: fix command injection in netbeans interface via unsanitized defineAnnoType and specialKeys parameters

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1777889241.html

Affected packages

TuxCare:AlmaLinux:9.6

vim-X11

Package

Name: vim-X11
Purl: pkg:rpm/tuxcare/vim-X11?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.2.2637-22.el9_6.1.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json"

vim-common

Package

Name: vim-common
Purl: pkg:rpm/tuxcare/vim-common?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.2.2637-22.el9_6.1.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json"

vim-enhanced

Package

Name: vim-enhanced
Purl: pkg:rpm/tuxcare/vim-enhanced?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.2.2637-22.el9_6.1.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json"

vim-filesystem

Package

Name: vim-filesystem
Purl: pkg:rpm/tuxcare/vim-filesystem?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.2.2637-22.el9_6.1.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json"

vim-minimal

Package

Name: vim-minimal
Purl: pkg:rpm/tuxcare/vim-minimal?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.2.2637-22.el9_6.1.tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777889241.json"