Opened 3 weeks ago
Closed 3 weeks ago
#5877 closed enhancement (fixed)
vim-9.2.0078 (Security update)
| Reported by: | Bruce Dubbs | Owned by: | zeckma |
|---|---|---|---|
| Priority: | high | Milestone: | 13.1 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: | | | |
Description
# Summary
An OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the scp:// protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process.
Change History (4)
comment:1 by , 3 weeks ago
comment:2 by , 3 weeks ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
Ensure that commit was pushed in LFS. I'll handle the SA.
comment:3 by , 3 weeks ago
Security fixes
Rating: Medium
- CVE-2026-28417 (Medium): OS Command Injection in netrw
- CVE-2026-28418 (Medium): Heap-based Buffer Overflow in Emacs tags parsing
- CVE-2026-28419 (Medium): Heap-based Buffer Underflow in Emacs tags parsing
- CVE-2026-28420 (Medium): Heap-based Buffer Overflow and OOB Read in :terminal
- CVE-2026-28421 (Medium): Heap-based Buffer Overflow / Improper Input Validation
- CVE-2026-28422 (Low): Stack-buffer-overflow in build_stl_str_hl()
comment:4 by , 3 weeks ago
| Priority: | normal → high |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
SA-12.4-108 issued.

Fixed at commit 87c5aa4fed.
Leaving open for sa