Описание
vim is vulnerable to Heap-based Buffer Overflow
A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/openshift-hive-rhel8 | Not affected | ||
| Red Hat Enterprise Linux 6 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 7 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 9 | vim | Not affected | ||
| Red Hat Enterprise Linux 8 | vim | Fixed | RHSA-2021:4517 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | vim | Fixed | RHSA-2021:4517 | 09.11.2021 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-119->CWE-120
https://bugzilla.redhat.com/show_bug.cgi?id=2004621vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c
EPSS
Процентиль: 59%
0.00393
Низкий
7.8 High
CVSS3
EPSS
Процентиль: 59%
0.00393
Низкий
7.8 High
CVSS3