{ "id": "CVE-2025-29768", "sourceIdentifier": "security-advisories@github.com", "published": "2025-03-13T17:15:37.623", "lastModified": "2025-03-13T17:15:37.623", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198." }, { "lang": "es", "value": "Vim, un editor de texto, es vulnerable a la posible p\u00e9rdida de datos con zip.vim y archivos zip manipulados especialmente en versiones anteriores a la 9.1.1198. El impacto es moderado, ya que es necesario que el usuario visualice dicho archivo con Vim y luego presione \"x\" en un nombre de archivo tan extra\u00f1o. El problema se ha solucionado con el parche de Vim v9.1.1198." } ], "metrics": { "cvssMetricV31": [ { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 2.5 } ] }, "weaknesses": [ { "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-88" } ] } ], "references": [ { "url": "https://github.com/vim/vim/commit/f209dcd3defb95bae21b2740910e6aa7bb940531", "source": "security-advisories@github.com" }, { "url": "https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf", "source": "security-advisories@github.com" } ] }