Vulnerability roundup 107: vim-8.2.3337: 4 advisories [7.8] - Githubissues

NixOS / nixpkgs

Nix Packages collection & NixOS

MIT License

18.13k stars 14.16k forks source link

Vulnerability roundup 107: vim-8.2.3337: 4 advisories [7.8] #143011

Closed ckauhaus closed 2 years ago

ckauhaus commented 3 years ago

[ ] CVE-2021-3778 CVSSv3=7.8 (nixos-unstable)
[ ] CVE-2021-3872 CVSSv3=7.8 (nixos-unstable)
[ ] CVE-2021-3796 CVSSv3=7.3 (nixos-unstable)
[ ] CVE-2021-3875 CVSSv3=5.5 (nixos-unstable)

CVE details

CVE-2021-3778

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-3872

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-3796

vim is vulnerable to Use After Free

CVE-2021-3875

vim is vulnerable to Heap-based Buffer Overflow

Scanned versions: nixos-unstable: 34ad3ffe08a.

Cc @equirosa Cc @lovek323

ckauhaus commented 3 years ago

See also: #138699

FliegendeWurst commented 2 years ago

Fixed by #147146