Medium severity5.5NVD Advisory· Published Oct 31, 2017· Updated May 13, 2026

CVE-2017-1000382

Description

VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.cucumberlinux.com/security/details.phpnvdThird Party Advisory
www.openwall.com/lists/oss-security/2017/10/31/1nvdMailing ListThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000