oss-sec mailing list archives
Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272
From: Salvatore Bonaccorso <carnil () debian org>
Date: Fri, 3 Apr 2026 11:43:50 +0200
Hi, On Thu, Apr 02, 2026 at 01:20:46PM +0200, Christian Brabandt wrote:
Tianyu Chen schrieb am Donnerstag, den 02. April 2026:On Thu, Apr 02, 2026 at 09:25:58AM +0200, Christian Brabandt wrote:Sorry for being potentially off-topic, but I am wondering if I am doing something wrong here. Did anybody request a CVE for this? I got a notification from Github Support (after 10 hours or so) that they cannot assign a CVE for this, as there was already one assigned. I typically hit the *Request CVE* button before I publish an advisory and send out the notifications, and usually github assigns those pretty fast, but not this time. Does anybody here know how this works? Or did I do something wrong?Isn't it CVE-2026-34714? I saw it noted on https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh.Yes, but Github did not assign it. Someone else did and GH did barely notify me of this already existing CVE.
According to https://www.cve.org/CVERecord?id=CVE-2026-34714 the assigner is MITRE CNA itself. Regards, Salvatore
Current thread:
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 01)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 David A. Wheeler (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Solar Designer (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
- <Possible follow-ups>
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Tianyu Chen (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Salvatore Bonaccorso (Apr 03)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Tianyu Chen (Apr 02)
- Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 David A. Wheeler (Apr 02)
