{"id":"CLSA-2025-1761845210","summary":"Fix CVE(s): CVE-2022-1733, CVE-2022-1796, CVE-2022-1886, CVE-2022-3016","details":"   * SECURITY UPDATE: Heap-based Buffer Overflow\n   - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent\n     reading past end of the line when C-indenting\n   - CVE-2022-1733\n   * SECURITY UPDATE: Use After Free\n   - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line\n     is flushed by making a copy of the search pattern\n   - CVE-2022-1796\n   * SECURITY UPDATE: Heap-based Buffer Overflow\n   - debian/patches/CVE-2022-1886.patch: Check the length is more than zero\n     to fix access before start of text with a put command\n   - CVE-2022-1886\n   * SECURITY UPDATE: Use After Free\n   - debian/patches/CVE-2022-3016.patch: Return QF_ABORT when location\n     list changed in autocmd\n   - CVE-2022-3016","modified":"2026-06-04T09:45:04.575077947Z","published":"2025-10-30T18:06:08Z","upstream":["CVE-2022-1733","CVE-2022-1796","CVE-2022-1886","CVE-2022-3016"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761845210.html"}],"affected":[{"package":{"name":"vim","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-athena","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-athena?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-common","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-common?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-doc","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-doc?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-gtk","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-gtk?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-gtk3","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-gtk3?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-gui-common","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-gui-common?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-nox","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-nox?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-runtime","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-runtime?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"vim-tiny","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/vim-tiny?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}},{"package":{"name":"xxd","ecosystem":"TuxCare:Debian:10","purl":"pkg:deb/tuxcare/xxd?distro=debian-10"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:8.1.0875-5+deb10u6+tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2025-1761845210.json"}}],"schema_version":"1.7.5"}