CVE-2025-27423

High CVSS: 7.1

Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164

Vendor

Vim

Product

Vim

CWE

CWE-77

Yayın Tarihi

2025-03-03 17:15:15

Güncelleme

2025-08-18 18:20:37

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-77 Vim HIGH Vim 2025

Referanslar

https://github.com/vim/vim/commit/129a8446d23cd9cb4445fcfea259cba5e0487d29 https://github.com/vim/vim/commit/334a13bff78aa0ad206bc436885f63e3a0bab399 https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3 https://security.netapp.com/advisory/ntap-20250502-0002/

Benzer Kayıtlar

Critical

CVE-2026-34714

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configurat…

Medium

CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in…

Medium

CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encoun…

Medium

CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds r…

Medium

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim'…

Medium

CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an ou…