Debian Neovim vulnerabilities

5 known vulnerabilities affecting debian/neovim.

Total CVEs
5
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2

Vulnerabilities

Page 1 of 1
CVE-2019-12735HIGHCVSS 8.6PoCfixed in neovim 0.3.4-3 (bookworm)2019
CVE-2019-12735 [HIGH] CVE-2019-12735: neovim - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers... getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. Scope: local bookworm: resolved (fixed in 0.3.4-3) bullseye: resolved (fixed in 0.3.4-3) forky: resolved (fixed in 0.3.4-3) sid: resolved
debian
CVE-2017-5953CRITICALCVSS 9.8fixed in neovim 0.1.7-4 (bookworm)2017
CVE-2017-5953 [CRITICAL] CVE-2017-5953: neovim - vim before patch 8.0.0322 does not properly validate values for tree length when... vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. Scope: local bookworm: resolved (fixed in 0.1.7-4) bullseye: resolved (fixed in 0.1.7-4) forky: resolved (fixed in 0.1.7-4) sid: resolved (fixed in 0.1.7-4) trixi
debian
CVE-2017-6350CRITICALCVSS 9.8fixed in neovim 0.1.7-4 (bookworm)2017
CVE-2017-6350 [CRITICAL] CVE-2017-6350: neovim - An integer overflow at an unserialize_uep memory allocation site would occur for... An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. Scope: local bookworm: resolved (fixed in 0.1.7-4) bullseye: resolved (fixed in 0.1.7-4) forky: resolved (fixed in 0.1.7-
debian
CVE-2017-6349CRITICALCVSS 9.8fixed in neovim 0.1.7-4 (bookworm)2017
CVE-2017-6349 [CRITICAL] CVE-2017-6349: neovim - An integer overflow at a u_read_undo memory allocation site would occur for vim ... An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. Scope: local bookworm: resolved (fixed in 0.1.7-4) bullseye: resolved (fixed in 0.1.7-4) forky: resolved (fixed in 0.1.7-4) si
debian
CVE-2016-1248HIGHCVSS 7.8PoCfixed in neovim 0.1.6-4 (bookworm)2016
CVE-2016-1248 [HIGH] CVE-2016-1248: neovim - vim before patch 8.0.0056 does not properly validate values for the 'filetype', ... vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. Scope: local bookworm: resolved (fixed in 0.1.6-4) bullseye: resolved (fixed in 0.1.6-4) forky: resolved (fixed in 0.1.6-4) sid: resolved (fixed in 0.1.6
debian