Issued at: 2025-10-12
Updated at: 2025-10-15
Synopsis
Moderate: vim security update
Description
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
* vim: Vim path traversal (CVE-2025-53906)
* vim: Vim path traversial (CVE-2025-53905)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Rocky Linux 8 x86_64
Fixes
2380360
2380362
CVEs
CVE-2025-53905
CVE-2025-53906
Affected packages
Rocky Linux 8 x86_64 - BaseOS
vim-2:8.0.1763-21.el8_10.src.rpm
vim-debuginfo-2:8.0.1763-21.el8_10.x86_64.rpm
vim-debugsource-2:8.0.1763-21.el8_10.x86_64.rpm
vim-minimal-2:8.0.1763-21.el8_10.x86_64.rpm
vim-minimal-debuginfo-2:8.0.1763-21.el8_10.x86_64.rpm
Rocky Linux 8 aarch64 - BaseOS
vim-2:8.0.1763-21.el8_10.src.rpm
vim-debuginfo-2:8.0.1763-21.el8_10.aarch64.rpm
vim-debugsource-2:8.0.1763-21.el8_10.aarch64.rpm
vim-minimal-2:8.0.1763-21.el8_10.aarch64.rpm
vim-minimal-debuginfo-2:8.0.1763-21.el8_10.aarch64.rpm
Rocky Linux 8 aarch64 - AppStream
vim-common-2:8.0.1763-21.el8_10.aarch64.rpm
vim-common-debuginfo-2:8.0.1763-21.el8_10.aarch64.rpm
vim-enhanced-2:8.0.1763-21.el8_10.aarch64.rpm
vim-enhanced-debuginfo-2:8.0.1763-21.el8_10.aarch64.rpm
vim-filesystem-2:8.0.1763-21.el8_10.noarch.rpm
vim-X11-2:8.0.1763-21.el8_10.aarch64.rpm
vim-X11-debuginfo-2:8.0.1763-21.el8_10.aarch64.rpm
Rocky Linux 8 x86_64 - AppStream
vim-common-2:8.0.1763-21.el8_10.x86_64.rpm
vim-common-debuginfo-2:8.0.1763-21.el8_10.x86_64.rpm
vim-enhanced-2:8.0.1763-21.el8_10.x86_64.rpm
vim-enhanced-debuginfo-2:8.0.1763-21.el8_10.x86_64.rpm
vim-filesystem-2:8.0.1763-21.el8_10.noarch.rpm
vim-X11-2:8.0.1763-21.el8_10.x86_64.rpm
vim-X11-debuginfo-2:8.0.1763-21.el8_10.x86_64.rpm