PatchSiren

Vim CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL Vim CVE published 2017-02-27

CVE-2017-6350

CVE-2017-6350 is a critical Vim vulnerability affecting versions through 8.0.0377. According to NVD and the vendor-linked patch reference, an integer overflow in unserialize_uep can occur when Vim fails to validate tree-length values while reading a corrupted undo file, which may lead to buffer overflows. The vulnerability was publicly recorded on 2017-02-27, and the NVD entry was later modified on 2026-0 [truncated]

CRITICAL Vim CVE published 2017-02-27

CVE-2017-6349

CVE-2017-6349 is a critical Vim flaw in undo-file handling. A corrupted undo file can trigger an integer overflow during memory allocation in u_read_undo if tree-length values are not validated, which can lead to buffer overflows. The issue was published on 2017-02-27 and is fixed by the upstream patch referenced in the source corpus.

CRITICAL Vim CVE published 2017-02-10

CVE-2017-5953

CVE-2017-5953 is a critical memory-corruption issue in Vim's spell-file handling. According to the NVD record and vendor references, Vim did not properly validate tree-length values, which could trigger an integer overflow at a memory-allocation site and, as a result, a buffer overflow. The issue was publicly disclosed on 2017-02-10 and is rated CVSS 3.0 9.8 (network, low complexity, no privileges, no us [truncated]