Описание
Moderate: vim security update
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
- vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode (CVE-2019-20807)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 8
Связанные CVE
Исправления
- Red Hat - 1745476
- Red Hat - 1842658
Связанные уязвимости
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
In Vim before 8.1.0881, users can circumvent the rvim restricted mode ...