StackPatch is live — CVE patch ops for indie SaaS, $99 lifetime founder seat (50 only).See product

Back to CVE digest

Package · vim

`vim` CVE matrix across Linux distros

1053 CVEs tracked across 13 distro releases. Showing the 200 most-recent fix records.

Ecosystems with tracked fixes

Alpine edgeAlpine v3.18Alpine v3.19Alpine v3.20Alpine v3.21Debian bookwormDebian bullseyeDebian trixieUbuntu bionicUbuntu focalUbuntu jammyUbuntu nobleUbuntu questing

Recent fix records

Each row links to the full per-CVE cross-distro view. Sorted most-recent first.

Debian bullseye

Source: Debian

CVE-2002-1377→ fixed in6.1.263-1
CVE-2004-1138→ fixed in1:6.3-046+0sarge1
CVE-2005-0069→ fixed in1:6.3-058+1
CVE-2005-2368→ fixed in1:6.3-085+1
CVE-2007-2438→ fixed in1:7.1-022+1
CVE-2007-2953→ fixed in1:7.1-056+1
CVE-2008-2712→ fixed in1:7.1.314-3
CVE-2008-3074→ fixed in2:7.2.010-1
+22 more in Debian bullseye

Single command to patch all of these:

sudo apt-get install --only-upgrade -y vim

Debian bookworm

Source: Debian

CVE-2002-1377→ fixed in6.1.263-1
CVE-2004-1138→ fixed in1:6.3-046+0sarge1
CVE-2005-0069→ fixed in1:6.3-058+1
CVE-2005-2368→ fixed in1:6.3-085+1
CVE-2007-2438→ fixed in1:7.1-022+1
CVE-2007-2953→ fixed in1:7.1-056+1
CVE-2008-2712→ fixed in1:7.1.314-3
CVE-2008-3074→ fixed in2:7.2.010-1
+32 more in Debian bookworm

Single command to patch all of these:

sudo apt-get install --only-upgrade -y vim

Debian trixie

Source: Debian

CVE-2002-1377→ fixed in6.1.263-1
CVE-2004-1138→ fixed in1:6.3-046+0sarge1
CVE-2005-0069→ fixed in1:6.3-058+1
CVE-2005-2368→ fixed in1:6.3-085+1
CVE-2007-2438→ fixed in1:7.1-022+1
CVE-2007-2953→ fixed in1:7.1-056+1
CVE-2008-2712→ fixed in1:7.1.314-3
CVE-2008-3074→ fixed in2:7.2.010-1
+32 more in Debian trixie

Single command to patch all of these:

sudo apt-get install --only-upgrade -y vim

Alpine v3.20

Source: Alpine secdb

CVE-2016-1248→ fixed in8.0.0056-r0
CVE-2017-5953→ fixed in8.0.0329-r0
CVE-2017-6349→ fixed in8.0.1521-r0
CVE-2017-6350→ fixed in8.0.1521-r0
CVE-2019-12735→ fixed in8.1.1365-r0
CVE-2021-3770→ fixed in8.2.3437-r0
CVE-2021-3778→ fixed in8.2.3437-r0
CVE-2021-3796→ fixed in8.2.3437-r0
+10 more in Alpine v3.20

Single command to patch all of these:

apk add --upgrade vim

Alpine v3.21

Source: Alpine secdb

CVE-2016-1248→ fixed in8.0.0056-r0
CVE-2017-5953→ fixed in8.0.0329-r0
CVE-2017-6349→ fixed in8.0.1521-r0
CVE-2017-6350→ fixed in8.0.1521-r0
CVE-2019-12735→ fixed in8.1.1365-r0
CVE-2021-3770→ fixed in8.2.3437-r0
CVE-2021-3778→ fixed in8.2.3437-r0
CVE-2021-3796→ fixed in8.2.3437-r0
+10 more in Alpine v3.21

Single command to patch all of these:

apk add --upgrade vim

Alpine edge

Source: Alpine secdb

CVE-2016-1248→ fixed in8.0.0056-r0
CVE-2017-5953→ fixed in8.0.0329-r0
CVE-2017-6349→ fixed in8.0.1521-r0
CVE-2017-6350→ fixed in8.0.1521-r0
CVE-2019-12735→ fixed in8.1.1365-r0
CVE-2021-3770→ fixed in8.2.3437-r0
CVE-2021-3778→ fixed in8.2.3437-r0
CVE-2021-3796→ fixed in8.2.3437-r0
+10 more in Alpine edge

Single command to patch all of these:

apk add --upgrade vim

Alpine v3.18

Source: Alpine secdb

CVE-2016-1248→ fixed in8.0.0056-r0
CVE-2017-5953→ fixed in8.0.0329-r0
CVE-2017-6349→ fixed in8.0.1521-r0
CVE-2017-6350→ fixed in8.0.1521-r0
CVE-2019-12735→ fixed in8.1.1365-r0
CVE-2021-3770→ fixed in8.2.3437-r0
CVE-2021-3778→ fixed in8.2.3437-r0
CVE-2021-3796→ fixed in8.2.3437-r0
+10 more in Alpine v3.18

Single command to patch all of these:

apk add --upgrade vim

Alpine v3.19

Source: Alpine secdb

CVE-2016-1248→ fixed in8.0.0056-r0
CVE-2017-5953→ fixed in8.0.0329-r0
CVE-2017-6349→ fixed in8.0.1521-r0
CVE-2017-6350→ fixed in8.0.1521-r0
CVE-2019-12735→ fixed in8.1.1365-r0
CVE-2021-3770→ fixed in8.2.3437-r0
CVE-2021-3778→ fixed in8.2.3437-r0
CVE-2021-3796→ fixed in8.2.3437-r0
+10 more in Alpine v3.19

Single command to patch all of these:

apk add --upgrade vim

Is YOUR vim patched?

5-second check on your actual server. The quickscan reads your installed vim version and matches against the same 1053-CVE catalog above.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Continuous monitoring ($99 lifetime)