Lucene search
CloudLinuxCLSA-2021:1640621325HistoryDec 27, 2021 - 4:08 p.m.
Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069, CVE-2021-3984
2021-12-2716:08:45
repo.cloudlinux.com
22
cve-2021-3974
regexp memory fix
cve-2021-3984
illegal memory access
cve-2021-3973
crash fix
ctrl-w f
cve-2021-4019
buffer overflow
help argument
cve-2021-4069
open command
unix
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.5%
- CVE-2021-3974: fix using freed memory with regexp using a mark
- CVE-2021-3984: fix illegal memory access when C-indenting
- CVE-2021-3973: fix crash when using CTRL-W f without finding a file name
- CVE-2021-4019: fix buffer overflow with long help argument
- CVE-2021-4069: fix using freed memory in open command
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Centos | 6 | x86_64 | vim-x11 | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els4.src.rpm |
| Centos | 6 | x86_64 | vim-common | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els4.src.rpm |
| Centos | 6 | x86_64 | vim-minimal | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els4.src.rpm |
| Centos | 6 | x86_64 | vim-enhanced | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els4.src.rpm |
| Centos | 6 | x86_64 | vim-filesystem | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els4.src.rpm |
Related
osv
osv
vim vulnerabilities
2024-08-21 02:28:10
vim vulnerabilities
2022-01-27 06:37:23
vim vulnerabilities
2022-05-23 11:39:44
nessus
nessus
Ubuntu 14.04 LTS : Vim vulnerabilities (USN-6965-1)
2024-08-21 00:00:00
EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1313)
2022-03-02 00:00:00
EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1470)
2022-04-20 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-1297)
2022-03-02 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-1479)
2022-04-20 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-1470)
2022-04-20 00:00:00
cloudfoundry
cloudfoundry
USN-5247-1: Vim vulnerabilities | Cloud Foundry
2022-03-15 00:00:00
cloudlinux
cloudlinux
ubuntu
ubuntu
Vim vulnerabilities
2022-01-27 00:00:00
Vim vulnerabilities
2024-08-21 00:00:00
Vim vulnerabilities
2022-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: vim-8.2.3755-1.fc34
2021-12-16 01:13:59
[SECURITY] Fedora 35 Update: vim-8.2.3642-1.fc35
2021-11-24 01:21:04
[SECURITY] Fedora 35 Update: vim-8.2.3717-1.fc35
2021-12-04 01:24:08
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2022-3.0-0338
2021-12-08 00:00:00
Important Photon OS Security Update - PHSA-2022-0338
2022-01-11 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0338
2021-12-08 00:00:00
rocky
rocky
vim security update
2022-02-02 04:36:58
vim security update
2022-02-01 20:12:46
amazon
amazon
cbl_mariner
cbl_mariner
CVE-2021-3974 affecting package vim for versions less than 8.2.4081-1
2022-04-09 06:51:50
CVE-2021-3973 affecting package vim for versions less than 8.2.4081-1
2022-04-09 06:51:50
CVE-2021-3973 affecting package vim 8.2.3582-1
2021-12-17 20:09:33
prion
prion
Design/Logic Flaw
2021-11-19 11:15:00
Heap overflow
2021-11-19 12:15:00
Design/Logic Flaw
2021-12-06 12:15:00
redhatcve
redhatcve
alpinelinux
alpinelinux
veracode
veracode
Heap-based Buffer Overflow
2022-01-15 22:10:54
Remote Code Execution (RCE)
2022-01-15 22:11:12
Heap-Based Buffer Overflow
2022-01-23 00:19:12
debiancve
debiancve
huntr
huntr
Heap-based Buffer Overflow in vim/vim
2021-11-12 21:47:32
None in vim/vim
2021-10-24 22:44:39
None in vim/vim
2021-12-03 22:41:35
ubuntucve
ubuntucve
cve
cve
cnvd
cnvd
Vim Buffer Overflow Vulnerability (CNVD-2022-05069)
2021-11-24 00:00:00
Vim Resource Management Error Vulnerability (CNVD-2022-05068)
2021-11-24 00:00:00
Vim memory mis-reference vulnerability
2021-12-12 00:00:00
cvelist
cvelist
CVE-2021-3973 Heap-based Buffer Overflow in vim/vim
2021-11-19 11:35:11
CVE-2021-3974 Use After Free in vim/vim
2021-11-19 00:00:00
CVE-2021-4019 Heap-based Buffer Overflow in vim/vim
2021-12-01 00:00:00
nvd
nvd
mageia
mageia
Updated vim packages fix security vulnerability
2021-12-08 23:04:18
Updated vim packages fix security vulnerability
2021-12-19 15:26:08
Updated vim packages fix security vulnerability
2021-12-03 21:45:31
oraclelinux
oraclelinux
vim security update
2022-02-03 00:00:00
redhat
redhat
(RHSA-2022:0366) Moderate: vim security update
2022-02-01 20:12:46
(RHSA-2022:0476) Important: Red Hat OpenShift GitOps security update
2022-02-08 22:00:22
almalinux
almalinux
Moderate: vim security update
2022-02-01 20:12:46
debian
debian
[SECURITY] [DLA 2947-1] vim security update
2022-03-11 22:50:56
[SECURITY] [DLA 3182-1] vim security update
2022-11-08 14:54:53
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2023-2214
2023-08-15 09:10:06
suse
suse
Security update for vim (important)
2022-03-04 00:00:00
Security update for vim (important)
2022-06-16 00:00:00
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.5%
Related for CLSA-2021:1640621325