9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.1%
It was discovered that vim incorrectly handled parsing of filenames in its
search functionality. If a user was tricked into opening a specially crafted
file, an attacker could crash the application, leading to a denial of
service. This issue only affected Ubuntu 21.10. (CVE-2021-3973)
It was discovered that vim incorrectly handled memory when opening and
searching the contents of certain files. If a user was tricked into opening
a specially crafted file, an attacker could crash the application, leading to
a denial of service, or possibly achieve code execution with user privileges.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-3974)
It was discovered that vim incorrectly handled memory when opening and editing
certain files. If a user was tricked into opening a specially crafted file, an
attacker could crash the application, leading to a denial of service, or
possibly achieve code execution with user privileges. (CVE-2021-3984)
It was discovered that vim incorrectly handled memory when opening and editing
certain files. If a user was tricked into opening a specially crafted file, an
attacker could crash the application, leading to a denial of service, or
possibly achieve code execution with user privileges. (CVE-2021-4019)
It was discovered that vim incorrectly handled memory when opening and editing
certain files. If a user was tricked into opening a specially crafted file, an
attacker could crash the application, leading to a denial of service, or
possibly achieve code execution with user privileges.(CVE-2021-4069)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 21.10 | noarch | vim | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-athena | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-athena-dbgsym | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-common | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-dbgsym | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-doc | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-gtk | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-gtk3 | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-gtk3-dbgsym | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
Ubuntu | 21.10 | noarch | vim-gui-common | < 2:8.2.2434-3ubuntu3.2 | UNKNOWN |
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.1%