vim (SUSE:Linux Enterprise Desktop 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 12 SP2 package vim, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2017-5953 — CVSS 9.8 (critical): vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer…
CVE-2017-6349 — CVSS 9.8 (critical): An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate…
CVE-2017-6350 — CVSS 9.8 (critical): An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly…
CVE-2016-1248 — CVSS 7.8 (high): vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the…