VDB

ALPINE-CVE-2016-1248

ALPINE-CVE-2016-1248 PUBLISHED CVSS 7.800000190734863 HIGH

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

Risk Scores

CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.18vim7.3.112-r0, 0, 7.2.284-r0
Alpine:v3.22vim7.2.394-r1, 7.3.401-r0, 7.3.364-r0
Alpine:v3.10vim8.0.0027-r0, 0, 7.2.284-r0
Alpine:v3.17vim0, 7.2.284-r0, 7.2.411-r0
Alpine:v3.7vim7.3.434-r0, 7.2.284-r0, 7.2.394-r0
Alpine:v3.23vim7.3.333-r0, 8.0.0027-r0, 8.0.0008-r0
Alpine:v3.14vim8.0.0027-r0, 8.0.0008-r0, 8.0.0003-r0
Alpine:v3.5vim7.3.266-r0, 7.3.547-r0, 7.3.600-r0
Alpine:v3.20vim7.4.1831-r1, 7.4.2028-r0, 7.4.712-r0
Alpine:v3.13vim0, 8.0.0027-r0, 8.0.0008-r0
Alpine:v3.21vim7.2.394-r0, 7.2.394-r1, 7.2.411-r0
Alpine:v3.12vim7.3.692-r0, 0, 7.2.284-r0
Alpine:v3.8vim7.3.659-r0, 8.0.0027-r0, 8.0.0008-r0
Alpine:v3.4vim0, 7.2.284-r0, 7.2.394-r1
Alpine:v3.19vim7.4.712-r1, 8.0.0027-r0, 8.0.0008-r0
Alpine:v3.15vim7.4.1831-r0, 7.4.1831-r1, 7.4.2028-r0
Alpine:v3.3vim7.2.284-r0, 7.4.943-r3, 7.4.943-r2
Alpine:v3.2vim7.3.82-r0, 0, 7.2.394-r0
Alpine:v3.16vim0, 7.2.284-r0, 7.2.394-r0
Alpine:v3.11vim7.3.112-r1, 7.3.112-r0, 7.3.1070-r0

…and 2 more

Timeline

  • Nov 23, 2016 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›