CVE-2021-4136

Опубликовано: 19 дек. 2021

Источник: debian

EPSS Низкий

Описание

vim is vulnerable to Heap-based Buffer Overflow

Пакет	Статус	Версия исправления	Релиз	Тип
vim	fixed	2:8.2.3995-1		package
vim	not-affected		buster	package
vim	not-affected		stretch	package

https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938
Introduced by: https://github.com/vim/vim/commit/2949cfdbe4335b9abcfeda1be4dfc52090ee1df6 (v8.2.2257)
Fixed by: https://github.com/vim/vim/commit/605ec91e5a7330d61be313637e495fa02a6dc264 (v8.2.3847)
Crash in CLI tool, no security impact

EPSS

Процентиль: 50%

0.00273

Низкий

CVE-2021-4136

CVSS3: 7.8

ubuntu

около 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-4136

CVSS3: 6.8

redhat

около 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-4136

CVSS3: 7.8

nvd

около 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-4136

CVSS3: 7.8

msrc

около 4 лет назад

Heap-based Buffer Overflow in vim/vim

GHSA-85p4-xh3v-w37r

CVSS3: 7.8

github

около 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

EPSS

Процентиль: 50%

0.00273

Низкий