RHSA-2016:2972

Affecting vim-minimal package, versions <2:7.4.160-1.el7_3.1

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. (CVE-2016-1248)

CVE
RHSA-2016:2972
Snyk ID
SNYK-CENTOS7-VIMMINIMAL-268041
Published
27 Jun, 2018