CVE-2021-3770

Опубликовано: 06 сент. 2021

Источник: redhat

CVSS3: 7.3

EPSS Низкий

Описание

vim is vulnerable to Heap-based Buffer Overflow

A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	vim	Not affected
Red Hat Enterprise Linux 7	vim	Not affected
Red Hat Enterprise Linux 8	vim	Not affected
Red Hat Enterprise Linux 9	vim	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119->CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2001929vim: using retab with large value may lead to heap buffer overflow

EPSS

Процентиль: 52%

0.00294

Низкий

7.3 High

CVSS3

Связанные уязвимости

CVE-2021-3770

CVSS3: 7.8

ubuntu

больше 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-3770

CVSS3: 7.8

nvd

больше 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-3770

CVSS3: 7.8

msrc

больше 4 лет назад

Heap-based Buffer Overflow in vim/vim

CVE-2021-3770

CVSS3: 7.8

debian

больше 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow

GHSA-qjvf-2fhp-q8rx

CVSS3: 7.8

github

больше 3 лет назад

vim is vulnerable to Heap-based Buffer Overflow

EPSS

Процентиль: 52%

0.00294

Низкий

7.3 High

CVSS3