CLSA-2026-1779436673

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2026-1779436673

Upstream

CVE-2026-42307

Published

2026-05-22T07:58:00Z

Modified

2026-05-27T11:18:18.550018157Z

Summary

vim: Fix of CVE-2026-42307

Details

CVE-2026-42307: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters (runtime/autoload/netrw.vim, upstream patch 9.2.0383)

References

https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2026-1779436673.html

Affected packages

TuxCare:CentOS-Stream:8

vim-X11

Package

Name: vim-X11
Purl: pkg:rpm/tuxcare/vim-X11?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.0.1763-19.el8.4.tuxcare.els15

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json"

vim-common

Package

Name: vim-common
Purl: pkg:rpm/tuxcare/vim-common?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.0.1763-19.el8.4.tuxcare.els15

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json"

vim-enhanced

Package

Name: vim-enhanced
Purl: pkg:rpm/tuxcare/vim-enhanced?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.0.1763-19.el8.4.tuxcare.els15

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json"

vim-filesystem

Package

Name: vim-filesystem
Purl: pkg:rpm/tuxcare/vim-filesystem?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.0.1763-19.el8.4.tuxcare.els15

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json"

vim-minimal

Package

Name: vim-minimal
Purl: pkg:rpm/tuxcare/vim-minimal?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.0.1763-19.el8.4.tuxcare.els15

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1779436673.json"