CVE-2021-3968: Heap-based Buffer Overflow in vim/vim
First published: Fri Nov 19 2021(Updated: )
vim is vulnerable to Heap-based Buffer Overflow
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vim Vim | >=8.2.3430<8.2.3610 | |
| Fedoraproject Fedora | =34 | |
| Fedoraproject Fedora | =35 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2022/01/15/1
- https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69
- https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
- https://security.gentoo.org/glsa/202208-32
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/vim
- canonical/vim vim
- version/vim vim/8.2.3430
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- version/fedoraproject fedora/35