VDB
DEBIAN-CVE-2017-1000382
DEBIAN-CVE-2017-1000382
PUBLISHED
CVSS 5.5 MEDIUM
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
Risk Scores
CVSS 3.0
5.5
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | vim | 9.2.0218-1, 0, 9.1.1230-2 |
| Debian:13 | vim | *, 2:9.2.0218-1, 2:9.2.0315-1 |
| Debian:12 | vim | 2:9.1.0698-1, 2:9.1.0709-1, 2:9.1.0709-2 |
| Debian:11 | vim | 0, 8.2.2434-3, 8.2.2434-3 |
Exploit Intelligence
- glcve_test.go (github-poc)
Timeline
- Oct 31, 2017 CVE Published
- Apr 28, 2026 CVE Updated