Release date:
2026-05-05 01:13:07 UTC
Description:
- CVE-2026-35177: fix path traversal bypass in zip.vim by using simplify() to
detect attacks that circumvent the previous regex-only check
- CVE-2026-39881: fix command injection in netbeans interface via unsanitized
defineAnnoType and specialKeys parameters
Updated packages:
-
vim-X11-8.2.2637-22.el9_2.1.tuxcare.els18.x86_64.rpm
sha:baaa3326aadd8cf57014beda02356488ffe5ccd46ee7b292cc0cbc9322a65218
-
vim-common-8.2.2637-22.el9_2.1.tuxcare.els18.x86_64.rpm
sha:d162b3515d337fe00e86545f3a526d22bb33d3c6d4f5646d947e8fab78254563
-
vim-enhanced-8.2.2637-22.el9_2.1.tuxcare.els18.x86_64.rpm
sha:3594802a99fa97cbcef214b35857f93a0c711a2820e47af5b18a91bb25fd9394
-
vim-filesystem-8.2.2637-22.el9_2.1.tuxcare.els18.noarch.rpm
sha:7765f04d97ce7c9034f98580fafbb4a6ec3ef337267aba50f0da79114665e3aa
-
vim-minimal-8.2.2637-22.el9_2.1.tuxcare.els18.x86_64.rpm
sha:ccd177528c9efc0d9eede8ab1a539654974682919581497e350cfa7fea16fafc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
