{"id":"CLSA-2022-1657182572","summary":"Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720","details":"- CVE-2022-2125: add checking for NUL to avoid running over the end of line\n- CVE-2022-1720: do not include the NUL in the length to avoid reading past end\n  of line with \"gf\" in Visual block mode\n- CVE-2022-2124: add checking for NUL to avoid running over the end of line\n- CVE-2022-2129: disallow switching buffers in a substitute expression to avoid\n  overruning destination buffer\n- CVE-2022-2126: do not decrement the index when it is zero","modified":"2026-05-27T11:33:16.293742469Z","published":"2022-07-07T08:29:32Z","upstream":["CVE-2022-1720","CVE-2022-2124","CVE-2022-2125","CVE-2022-2126","CVE-2022-2129"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/els6/CLSA-2022-1657182572.html"}],"affected":[{"package":{"name":"vim-X11","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/vim-X11?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:7.4.629-5.2.el6.tuxcare.els19"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1657182572.json"}},{"package":{"name":"vim-common","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/vim-common?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:7.4.629-5.2.el6.tuxcare.els19"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1657182572.json"}},{"package":{"name":"vim-enhanced","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/vim-enhanced?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:7.4.629-5.2.el6.tuxcare.els19"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1657182572.json"}},{"package":{"name":"vim-filesystem","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/vim-filesystem?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:7.4.629-5.2.el6.tuxcare.els19"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1657182572.json"}},{"package":{"name":"vim-minimal","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/vim-minimal?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:7.4.629-5.2.el6.tuxcare.els19"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1657182572.json"}}],"schema_version":"1.7.5"}