glvd logo
glvd logo
Garden Linux Vulnerability Database
CVE Description

"VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file (\"[ORIGINAL_FILENAME].swp\") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary."

Metadata

Vulnerability Status Published Date Modified Date Ingested Date
Deferred 2017-10-31T20:29:00.263 2025-04-20T01:37:25.860 2025-04-20 01:37:25.86+00

CVSS Scores

CVSS Version Base Score DEB CVSS Severity Vector String
3.0 5.5 UNIMPORTANT CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2 2.1 UNIMPORTANT AV:L/AC:L/Au:N/C:P/I:N/A:N

Affected Linux Images

Distro Version Source Package Package Version Is Vulnerable Is fixed in Version
gardenlinux kvm-cilium-k3s-1605.0-490ed850 vim 2:9.1.0496-1+b1 true
gardenlinux kvm-gardener-1605.0-490ed850 vim 2:9.1.0496-1+b1 true
gardenlinux metal-cilium-k3s-osc-vhost-1605.0-490ed850 vim 2:9.1.0496-1+b1 true
gardenlinux metal-cilium-k3s-osc-1605.0-490ed850 vim 2:9.1.0496-1+b1 true
gardenlinux kvm-cilium-k3s-1721.0-9802b525 vim 2:9.1.0861-1 true
gardenlinux kvm-gardener-1721.0-9802b525 vim 2:9.1.0861-1 true
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1721.0-9802b525 vim 2:9.1.0861-1 true
gardenlinux metal-cilium-k3s-osc-ucode-1721.0-9802b525 vim 2:9.1.0861-1 true
debian_linux 13 vim 2:9.1.1230-2 true
debian_linux 12 vim 2:9.0.1378-2+deb12u2 true
gardenlinux metal-cilium-k3s-osc-router-ucode-1721.0-9802b525 vim 2:9.1.0861-1 true
gardenlinux kvm-cilium-k3s-1862.0-6be879c6 vim 2:9.1.1230-1 true
gardenlinux kvm-gardener-1862.0-6be879c6 vim 2:9.1.1230-1 true
gardenlinux pt-gardener-nvgpu-1862.0-6be879c6 vim 2:9.1.1230-1 true
gardenlinux metal-cilium-k3s-osc-ucode-vhost-1862.0-6be879c6 vim 2:9.1.1230-1 true
gardenlinux metal-cilium-k3s-osc-ucode-1862.0-6be879c6 vim 2:9.1.1230-1 true
gardenlinux metal-cilium-k3s-osc-router-ucode-1862.0-6be879c6 vim 2:9.1.1230-1 true
debian_linux 14 vim 2:9.1.2103-1 true