Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-u31g-svbe-h3as

Summary Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.

Aliases

alias	CVE-2008-2712

Fixed_packages

url	pkg:deb/debian/vim@1:7.1.314-3?distro=trixie
purl	pkg:deb/debian/vim@1:7.1.314-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vim@1:7.1.314-3%3Fdistro=trixie

url pkg:deb/debian/vim@2:8.2.2434-3%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/vim@2:8.2.2434-3%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d9p-66h6-fbar

vulnerability	VCID-1ef9-jhca-vfeg

vulnerability	VCID-1gst-ev7m-c3cj

vulnerability	VCID-1kbw-zfrc-w7gz

vulnerability	VCID-1kfp-e45g-budt

vulnerability	VCID-1kxn-f5y3-wfhg

vulnerability	VCID-1u4v-q5sa-uben

vulnerability	VCID-1wb3-q7mj-67eg

vulnerability	VCID-21th-v7zz-7fgx

vulnerability	VCID-2cad-1tff-d7bd

vulnerability	VCID-33vp-n2ex-eucn

vulnerability	VCID-37wt-gr46-3bfk

vulnerability	VCID-3jah-u714-m3gd

vulnerability	VCID-3n8u-q1fu-qbee

vulnerability	VCID-3t65-uwbj-abfh

vulnerability	VCID-44hm-r2z7-9kf9

vulnerability	VCID-466q-u5xw-w3g4

vulnerability	VCID-46bp-peus-qffx

vulnerability	VCID-4bz1-8c7q-ekfu

vulnerability	VCID-4c38-b6tw-ufd9

vulnerability	VCID-4gbu-7q6y-uyff

vulnerability	VCID-4n6v-zwra-vkda

vulnerability	VCID-569k-yq7a-mfdt

vulnerability	VCID-574e-1ack-pqff

vulnerability	VCID-5hjk-jbey-y7dj

vulnerability	VCID-68d3-j6xp-u3fw

vulnerability	VCID-6tph-4fts-mkds

vulnerability	VCID-71cb-u7jy-euc4

vulnerability	VCID-776a-wkg1-p7fq

vulnerability	VCID-77bk-xfwm-qbh3

vulnerability	VCID-79p5-rq7j-h3bx

vulnerability	VCID-7nat-nrts-dyau

vulnerability	VCID-7syq-qekh-cfc1

vulnerability	VCID-8337-c76a-gbde

vulnerability	VCID-85na-u24s-pfed

vulnerability	VCID-85z2-brt2-ubfa

vulnerability	VCID-864k-gdw7-gkcg

vulnerability	VCID-89zf-5yey-9bch

vulnerability	VCID-96sr-9kny-cbg6

vulnerability	VCID-9egw-bw85-x7f2

vulnerability	VCID-9gap-s1a9-aked

vulnerability	VCID-9wky-hnyq-7qe6

vulnerability	VCID-9xdf-m4d7-4ubt

vulnerability	VCID-a1d1-mbqa-x3ee

vulnerability	VCID-a3u1-4v99-93db

vulnerability	VCID-ah1v-nzqz-nbhv

vulnerability	VCID-ahu4-fduj-pkes

vulnerability	VCID-akgg-asjw-k7fe

vulnerability	VCID-apkm-mg6q-6kh8

vulnerability	VCID-aqts-gjq5-kbfc

vulnerability	VCID-aw2b-1g8c-qbfw

vulnerability	VCID-b749-1bpr-pqem

vulnerability	VCID-bb43-ykjv-tbas

vulnerability	VCID-bfj8-ev52-mbh1

vulnerability	VCID-bh1y-7m8f-hffe

vulnerability	VCID-bhjv-t75m-4bbs

vulnerability	VCID-bqp2-8xpn-h3d6

vulnerability	VCID-c3fd-ahn6-cygt

vulnerability	VCID-cdvg-q112-dbby

vulnerability	VCID-ckkg-gcdh-jqhd

vulnerability	VCID-cpvv-frpv-vqb4

vulnerability	VCID-crz8-sgq5-2qg9

vulnerability	VCID-d7rr-gwb7-xyfq

vulnerability	VCID-dc46-7wud-37c3

vulnerability	VCID-dc6a-q91z-pkhc

vulnerability	VCID-dvr5-sc2w-wkes

vulnerability	VCID-ead3-d3jj-ckfd

vulnerability	VCID-efmg-8rp8-fbcd

vulnerability	VCID-eg5f-mgrf-hff4

vulnerability	VCID-enyd-59nf-kkf7

vulnerability	VCID-ffjv-ucya-dyaz

vulnerability	VCID-frar-y25g-fkcr

vulnerability	VCID-fxs8-evy3-pyf6

vulnerability	VCID-gecw-77at-hkhf

vulnerability	VCID-gfqd-dgep-23h9

vulnerability	VCID-gmtk-gwvs-pugw

vulnerability	VCID-gmve-apcr-xqav

vulnerability	VCID-h5zu-mw4y-83em

vulnerability	VCID-h93h-421a-xfbd

vulnerability	VCID-hhc6-edy9-gbdr

vulnerability	VCID-huux-stsb-a7bj

vulnerability	VCID-jh9u-sk2h-2kde

vulnerability	VCID-jp5n-pgfm-wuct

vulnerability	VCID-jumk-chhp-67e9

vulnerability	VCID-k8yw-7wcu-bfeg

vulnerability	VCID-kmwc-jqxg-y3eq

vulnerability	VCID-knhh-ppe3-jbgd

vulnerability	VCID-kwgm-3rhn-h3h7

vulnerability	VCID-m22n-1r95-h7b3

vulnerability	VCID-maa3-wwya-a7hq

vulnerability	VCID-mhqq-9mfb-zket

vulnerability	VCID-mjf3-t8ym-dkfb

vulnerability	VCID-mvp6-pufw-vuav

vulnerability	VCID-n4sm-pk7p-r3f5

vulnerability	VCID-n5w4-tuca-2qe8

vulnerability	VCID-nahj-kmuw-8fa2

vulnerability	VCID-ng3y-j7js-c3gq

vulnerability	VCID-nn4p-n5f8-6bcr

vulnerability	VCID-npkj-jdnc-9ydn

vulnerability	VCID-nqca-kmxw-pkeg

100

vulnerability	VCID-nubx-6bmu-efhv

101

vulnerability	VCID-phqj-cun2-hkga

102

vulnerability	VCID-phrf-uytw-rbeb

103

vulnerability	VCID-px9g-qxcm-v3gx

104

vulnerability	VCID-pxet-3gqq-bbe1

105

vulnerability	VCID-pz9z-dw63-mqbt

106

vulnerability	VCID-qhqe-x9wc-sqbd

107

vulnerability	VCID-qmeg-u6d5-7kbb

108

vulnerability	VCID-qn8f-njne-wkea

109

vulnerability	VCID-qucp-utsj-pfa9

110

vulnerability	VCID-r442-6vcc-43df

111

vulnerability	VCID-rdhu-zhd7-pyb8

112

vulnerability	VCID-rr79-fdfv-wue4

113

vulnerability	VCID-rz5t-meeq-f7a2

114

vulnerability	VCID-s3cy-53r2-nkb1

115

vulnerability	VCID-sbas-btug-4kbj

116

vulnerability	VCID-sbp8-y1ap-kuay

117

vulnerability	VCID-sm9x-r28n-puhk

118

vulnerability	VCID-smet-j1kp-5qe6

119

vulnerability	VCID-sz8c-wy83-gygv

120

vulnerability	VCID-t2eu-4ew7-2qfu

121

vulnerability	VCID-tmcb-hc51-g3au

122

vulnerability	VCID-tsnm-ajh1-zyfp

123

vulnerability	VCID-tw37-mcdh-wkhy

124

vulnerability	VCID-u9ax-ysjx-4ycw

125

vulnerability	VCID-u9xy-qcv3-sugw

126

vulnerability	VCID-udj7-hpz9-wkeb

127

vulnerability	VCID-uhut-694f-bkd7

128

vulnerability	VCID-unp1-s8wm-93en

129

vulnerability	VCID-uwhs-7yf5-1qhz

130

vulnerability	VCID-uy5m-x1nq-qyc7

131

vulnerability	VCID-v24g-61h6-z3e4

132

vulnerability	VCID-v346-cdmc-ybfc

133

vulnerability	VCID-vb4y-nz7h-6bgf

134

vulnerability	VCID-vdb7-jpz3-q7gj

135

vulnerability	VCID-vdvr-usd4-hfe1

136

vulnerability	VCID-vm7w-cb39-d3ca

137

vulnerability	VCID-vmg6-gg3c-hffw

138

vulnerability	VCID-vxa4-e153-uqdg

139

vulnerability	VCID-w5tv-6rcz-bygx

140

vulnerability	VCID-wnse-7k4d-p7c7

141

vulnerability	VCID-wuzs-tju6-u3fk

142

vulnerability	VCID-x3b9-uvx4-4bb8

143

vulnerability	VCID-x8ux-rd5j-c3hc

144

vulnerability	VCID-xcx1-q32f-sfcw

145

vulnerability	VCID-xfcc-pyvs-rkbn

146

vulnerability	VCID-xtv2-cfha-bbax

147

vulnerability	VCID-y558-k2kf-2qap

148

vulnerability	VCID-y7us-vm3z-2ydu

149

vulnerability	VCID-yb9u-zqmf-w7db

150

vulnerability	VCID-yfpa-q76u-1ygg

151

vulnerability	VCID-yfte-4666-e3bn

152

vulnerability	VCID-yhtg-bwc8-x7ew

153

vulnerability	VCID-yn5g-hqdf-k7cn

154

vulnerability	VCID-ynmk-1f2c-zqcf

155

vulnerability	VCID-yyjf-6zxf-dub7

156

vulnerability	VCID-zj2p-68h9-kbh2

157

vulnerability	VCID-zycg-dh1c-97ea

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vim@2:8.2.2434-3%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/vim@2:9.0.1378-2%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/vim@2:9.0.1378-2%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kxn-f5y3-wfhg

vulnerability	VCID-21th-v7zz-7fgx

vulnerability	VCID-37wt-gr46-3bfk

vulnerability	VCID-3jah-u714-m3gd

vulnerability	VCID-44hm-r2z7-9kf9

vulnerability	VCID-466q-u5xw-w3g4

vulnerability	VCID-4c38-b6tw-ufd9

vulnerability	VCID-4n6v-zwra-vkda

vulnerability	VCID-68d3-j6xp-u3fw

vulnerability	VCID-6tph-4fts-mkds

vulnerability	VCID-77bk-xfwm-qbh3

vulnerability	VCID-8337-c76a-gbde

vulnerability	VCID-85na-u24s-pfed

vulnerability	VCID-96sr-9kny-cbg6

vulnerability	VCID-aqts-gjq5-kbfc

vulnerability	VCID-bfj8-ev52-mbh1

vulnerability	VCID-bqp2-8xpn-h3d6

vulnerability	VCID-cdvg-q112-dbby

vulnerability	VCID-d7rr-gwb7-xyfq

vulnerability	VCID-gmtk-gwvs-pugw

vulnerability	VCID-gmve-apcr-xqav

vulnerability	VCID-h5zu-mw4y-83em

vulnerability	VCID-h93h-421a-xfbd

vulnerability	VCID-hhc6-edy9-gbdr

vulnerability	VCID-jumk-chhp-67e9

vulnerability	VCID-k8yw-7wcu-bfeg

vulnerability	VCID-mjf3-t8ym-dkfb

vulnerability	VCID-nahj-kmuw-8fa2

vulnerability	VCID-ng3y-j7js-c3gq

vulnerability	VCID-nubx-6bmu-efhv

vulnerability	VCID-pz9z-dw63-mqbt

vulnerability	VCID-qucp-utsj-pfa9

vulnerability	VCID-s3cy-53r2-nkb1

vulnerability	VCID-sbp8-y1ap-kuay

vulnerability	VCID-sm9x-r28n-puhk

vulnerability	VCID-sz8c-wy83-gygv

vulnerability	VCID-t2eu-4ew7-2qfu

vulnerability	VCID-u9xy-qcv3-sugw

vulnerability	VCID-udj7-hpz9-wkeb

vulnerability	VCID-v24g-61h6-z3e4

vulnerability	VCID-v346-cdmc-ybfc

vulnerability	VCID-vdvr-usd4-hfe1

vulnerability	VCID-vm7w-cb39-d3ca

vulnerability	VCID-wmgw-22c9-6kfk

vulnerability	VCID-y558-k2kf-2qap

vulnerability	VCID-yb9u-zqmf-w7db

vulnerability	VCID-yn5g-hqdf-k7cn

vulnerability	VCID-ynmk-1f2c-zqcf

vulnerability	VCID-yyjf-6zxf-dub7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vim@2:9.0.1378-2%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/vim@2:9.1.1230-2?distro=trixie

purl pkg:deb/debian/vim@2:9.1.1230-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1kxn-f5y3-wfhg

vulnerability	VCID-21th-v7zz-7fgx

vulnerability	VCID-37wt-gr46-3bfk

vulnerability	VCID-3jah-u714-m3gd

vulnerability	VCID-466q-u5xw-w3g4

vulnerability	VCID-68d3-j6xp-u3fw

vulnerability	VCID-77bk-xfwm-qbh3

vulnerability	VCID-96sr-9kny-cbg6

vulnerability	VCID-aqts-gjq5-kbfc

vulnerability	VCID-fkmm-ehwq-xye9

vulnerability	VCID-gmtk-gwvs-pugw

vulnerability	VCID-gmve-apcr-xqav

vulnerability	VCID-h5zu-mw4y-83em

vulnerability	VCID-nubx-6bmu-efhv

vulnerability	VCID-sm9x-r28n-puhk

vulnerability	VCID-udj7-hpz9-wkeb

vulnerability	VCID-v24g-61h6-z3e4

vulnerability	VCID-vdvr-usd4-hfe1

vulnerability	VCID-y558-k2kf-2qap

vulnerability	VCID-yn5g-hqdf-k7cn

vulnerability	VCID-yyjf-6zxf-dub7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vim@2:9.1.1230-2%3Fdistro=trixie

url	pkg:deb/debian/vim@2:9.2.0524-1?distro=trixie
purl	pkg:deb/debian/vim@2:9.2.0524-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vim@2:9.2.0524-1%3Fdistro=trixie

Affected_packages

url pkg:rpm/redhat/vim@1:6.0-7?arch=25

purl pkg:rpm/redhat/vim@1:6.0-7?arch=25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5gaz-u5jq-gkbx

vulnerability	VCID-u31g-svbe-h3as

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/vim@1:6.0-7%3Farch=25

url pkg:rpm/redhat/vim@1:6.3.046-0.30E?arch=11

purl pkg:rpm/redhat/vim@1:6.3.046-0.30E?arch=11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5gaz-u5jq-gkbx

vulnerability	VCID-u31g-svbe-h3as

vulnerability	VCID-uk67-uv62-quhv

vulnerability	VCID-x9j8-feju-7kh7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/vim@1:6.3.046-0.30E%3Farch=11

url pkg:rpm/redhat/vim@1:6.3.046-1.el4_7?arch=5z

purl pkg:rpm/redhat/vim@1:6.3.046-1.el4_7?arch=5z

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5gaz-u5jq-gkbx

vulnerability	VCID-u31g-svbe-h3as

vulnerability	VCID-uk67-uv62-quhv

vulnerability	VCID-x9j8-feju-7kh7

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/vim@1:6.3.046-1.el4_7%3Farch=5z

url pkg:rpm/redhat/vim@2:7.0.109-4.el5_2?arch=4z

purl pkg:rpm/redhat/vim@2:7.0.109-4.el5_2?arch=4z

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1yzh-sauy-xkb2

vulnerability	VCID-5gaz-u5jq-gkbx

vulnerability	VCID-cj62-behh-nbbz

vulnerability	VCID-fdgd-vgt7-5yg9

vulnerability	VCID-u31g-svbe-h3as

vulnerability	VCID-uk67-uv62-quhv

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/vim@2:7.0.109-4.el5_2%3Farch=4z

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2712.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2712

reference_id

reference_type

scores

value	0.16974
scoring_system	epss
scoring_elements	0.95096
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2712

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451759
reference_id	451759
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486502
reference_id	486502
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486502

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/31911.txt
reference_id	CVE-2008-2712;OSVDB-46306
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/31911.txt

reference_url	https://www.securityfocus.com/bid/29715/info
reference_id	CVE-2008-2712;OSVDB-46306
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/29715/info

reference_url	https://access.redhat.com/errata/RHSA-2008:0580
reference_id	RHSA-2008:0580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0580

reference_url	https://access.redhat.com/errata/RHSA-2008:0617
reference_id	RHSA-2008:0617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0617

reference_url	https://access.redhat.com/errata/RHSA-2008:0618
reference_id	RHSA-2008:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0618

Weaknesses

Exploits

date_added	2008-06-14
description	Vim 7.x - Vim Script Multiple Command Execution Vulnerabilities
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2008-06-14
exploit_type	local
platform	linux
source_date_updated	2014-03-03
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/29715/info

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.2

Risk_score 0.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u31g-svbe-h3as

Vulnerability Instance