漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Path traversal issue with zip.vim in Vim
Vulnerability Description
Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Vim 路径遍历漏洞
Vulnerability Description
Vim是Vim开源的一款跨平台的文本编辑器。 Vim 9.2.0280之前版本存在路径遍历漏洞,该漏洞源于zip.vim插件存在路径遍历绕过问题,可能导致打开特制zip存档时覆盖任意文件。
CVSS Information
N/A
Vulnerability Type
N/A