VDB
ALPINE-CVE-2016-1248
ALPINE-CVE-2016-1248
PUBLISHED
CVSS 7.800000190734863 HIGH
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.18 | vim | 7.3.112-r0, 0, 7.2.284-r0 |
| Alpine:v3.22 | vim | 7.2.394-r1, 7.3.401-r0, 7.3.364-r0 |
| Alpine:v3.10 | vim | 8.0.0027-r0, 0, 7.2.284-r0 |
| Alpine:v3.17 | vim | 0, 7.2.284-r0, 7.2.411-r0 |
| Alpine:v3.7 | vim | 7.3.434-r0, 7.2.284-r0, 7.2.394-r0 |
| Alpine:v3.23 | vim | 7.3.333-r0, 8.0.0027-r0, 8.0.0008-r0 |
| Alpine:v3.14 | vim | 8.0.0027-r0, 8.0.0008-r0, 8.0.0003-r0 |
| Alpine:v3.5 | vim | 7.3.266-r0, 7.3.547-r0, 7.3.600-r0 |
| Alpine:v3.20 | vim | 7.4.1831-r1, 7.4.2028-r0, 7.4.712-r0 |
| Alpine:v3.13 | vim | 0, 8.0.0027-r0, 8.0.0008-r0 |
| Alpine:v3.21 | vim | 7.2.394-r0, 7.2.394-r1, 7.2.411-r0 |
| Alpine:v3.12 | vim | 7.3.692-r0, 0, 7.2.284-r0 |
| Alpine:v3.8 | vim | 7.3.659-r0, 8.0.0027-r0, 8.0.0008-r0 |
| Alpine:v3.4 | vim | 0, 7.2.284-r0, 7.2.394-r1 |
| Alpine:v3.19 | vim | 7.4.712-r1, 8.0.0027-r0, 8.0.0008-r0 |
| Alpine:v3.15 | vim | 7.4.1831-r0, 7.4.1831-r1, 7.4.2028-r0 |
| Alpine:v3.3 | vim | 7.2.284-r0, 7.4.943-r3, 7.4.943-r2 |
| Alpine:v3.2 | vim | 7.3.82-r0, 0, 7.2.394-r0 |
| Alpine:v3.16 | vim | 0, 7.2.284-r0, 7.2.394-r0 |
| Alpine:v3.11 | vim | 7.3.112-r1, 7.3.112-r0, 7.3.1070-r0 |
…and 2 more
Timeline
- Nov 23, 2016 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch