CLSA-2026-1779694105

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1779694105

Upstream

CVE-2026-42307

Published

2026-05-25T07:28:29Z

Modified

2026-06-04T09:46:50.268186005Z

Summary

Fix CVE(s): CVE-2026-42307

Details

SECURITY UPDATE: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters (runtime/autoload/netrw.vim, upstream patch 9.2.0383)
- debian/patches/CVE-2026-42307.patch: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters (runtime/autoload/netrw.vim, upstream patch 9.2.0383)
- CVE-2026-42307

References

https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2026-1779694105.html

Affected packages

TuxCare:Ubuntu:16.04

vim

Package

Name: vim
Purl: pkg:deb/tuxcare/vim?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-athena

Package

Name: vim-athena
Purl: pkg:deb/tuxcare/vim-athena?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-athena-py2

Package

Name: vim-athena-py2
Purl: pkg:deb/tuxcare/vim-athena-py2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-common

Package

Name: vim-common
Purl: pkg:deb/tuxcare/vim-common?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-doc

Package

Name: vim-doc
Purl: pkg:deb/tuxcare/vim-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gnome

Package

Name: vim-gnome
Purl: pkg:deb/tuxcare/vim-gnome?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gnome-py2

Package

Name: vim-gnome-py2
Purl: pkg:deb/tuxcare/vim-gnome-py2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gtk

Package

Name: vim-gtk
Purl: pkg:deb/tuxcare/vim-gtk?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gtk-py2

Package

Name: vim-gtk-py2
Purl: pkg:deb/tuxcare/vim-gtk-py2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gtk3

Package

Name: vim-gtk3
Purl: pkg:deb/tuxcare/vim-gtk3?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gtk3-py2

Package

Name: vim-gtk3-py2
Purl: pkg:deb/tuxcare/vim-gtk3-py2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-gui-common

Package

Name: vim-gui-common
Purl: pkg:deb/tuxcare/vim-gui-common?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-nox

Package

Name: vim-nox
Purl: pkg:deb/tuxcare/vim-nox?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-nox-py2

Package

Name: vim-nox-py2
Purl: pkg:deb/tuxcare/vim-nox-py2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-runtime

Package

Name: vim-runtime
Purl: pkg:deb/tuxcare/vim-runtime?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"

vim-tiny

Package

Name: vim-tiny
Purl: pkg:deb/tuxcare/vim-tiny?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3:7.4.1689-3ubuntu1.5+tuxcare.els64

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779694105.json"