CLSA-2026-1779356802
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779356802.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1779356802
- Upstream
- Published
- 2026-05-21T09:46:46Z
- Modified
- 2026-06-01T00:33:14.738789324Z
- Summary
- vim: Fix of 21 CVEs
- Details
-
- CVE-2022-0572: heap overflow on vcol-overflow in :retab (upstream vim 8.2.4359)
- CVE-2022-0368: illegal memory access when undo makes Visual area invalid (upstream vim 8.2.4217)
- CVE-2022-0685: crash on multi-byte char in unix_expandpath() (upstream vim 8.2.4418)
- CVE-2022-2125: heap overflow in getlispindent() (upstream vim 8.2.5122)
- CVE-2022-2183: reading past end-of-line in lisp indenting (upstream vim 8.2.5151)
- CVE-2022-2124: reading past end-of-line in current_quote() (upstream vim 8.2.5120)
- CVE-2022-2344: heap overflow in inscompladd() (upstream vim 9.0.0046)
- CVE-2022-3256: use-after-free in movemark() when autocmd changes mark (upstream vim 9.0.0530)
- CVE-2023-4752: heap use-after-free in inscomplget_exp() (upstream vim 9.0.1858)
- CVE-2022-2126: spell-suggest read past bad word (upstream vim 8.2.5123)
- CVE-2022-2946: use-after-free in do_tag() when tagfunc invalidates tagstack (upstream vim 9.0.0246)
- CVE-2022-1720: OOB read in getvisualtext() (upstream vim 8.2.4956)
- CVE-2022-3234: OOB write in op_replace() (upstream vim 9.0.0483)
- CVE-2023-0433: same_leader() read past end-of-line on short comment line (upstream vim 9.0.1225)
- CVE-2023-4781: heap-buffer-overflow in vimregsubboth() via nmatch underflow in :substitute, plus textlock guard in win_exchange() (upstream vim 9.0.1873)
- CVE-2022-0351: crash on deeply nested expression (upstream vim 8.2.4206)
- CVE-2022-2175: new_cmdpos leak across register insertion in getcmdline() (upstream vim 8.2.5148)
- CVE-2026-39881: netbeans command injection via crafted sign/highlight identifier + special-keys (upstream vim 9.2.0316)
- CVE-2021-4166: heap-buffer-overflow when clearing the argument list while it is being used (upstream vim 8.2.3884, with 8.2.2421 + 8.2.2463 prereqs for arglist_locked plumbing)
- CVE-2022-2343: heap-buffer-overflow in inscompladd_infercase() on long line with 'infercase' (upstream vim 9.0.0045)
- CVE-2022-3296: stack underflow in exfinally / exendtry when :finally lacks an enclosing :try (upstream vim 9.0.0577)
- References