[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-34714/vim
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 31 19:33:12 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4c6f7a55 by Salvatore Bonaccorso at 2026-03-31T20:32:42+02:00
Update status for CVE-2026-34714/vim
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -237,7 +237,11 @@ CVE-2026-3321 (A vulnerability of authorization bypass through user-controlled k
NOT-FOR-US: ON24 Q&A chat
CVE-2026-34714 (Vim before 9.2.0272 allows code execution that happens immediately upo ...)
- vim <unfixed>
+ [trixie] - vim <not-affected> (Vulnerable code not present)
+ [bookworm] - vim <not-affected> (Vulnerable code not present)
+ [bullseye] - vim <not-affected> (Vulnerable code not present)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh
+ NOTE: Introduced with: https://github.com/vim/vim/commit/be5bd4d6292fddcc103091407792730aaa48cc48 (v9.1.1391)
NOTE: Fixed by: https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459 (v9.2.0272)
CVE-2026-34472 (Unauthenticated credential disclosure in the wizard interface in ZTE Z ...)
NOT-FOR-US: ZTE
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c6f7a55ed681876e912b123983e914c3b5a6bbe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c6f7a55ed681876e912b123983e914c3b5a6bbe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260331/077e2c80/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list