CVE-2021-4069

Name
CVE-2021-4069
Description
vim is vulnerable to Use After Free
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74
MISC https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYB2LLNUFJUKJJ5HYCZ6MV3Z6YX3U5BN/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
Mailing List http://www.openwall.com/lists/oss-security/2022/01/15/1
Mailing List https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:* vim >= None <= 8.2.3728
cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:* vim >= None < 8.2.3741

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
vim edge-main 8.2.4173-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
vim edge-main 8.2.3650-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
vim edge-main 8.2.3567-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
vim edge-main 8.2.3500-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
vim edge-main 8.2.3437-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
vim edge-main 8.1.1365-r0 None possibly vulnerable
vim edge-main 8.0.1521-r0 None possibly vulnerable
vim edge-main 8.0.0329-r0 None possibly vulnerable
vim edge-main 8.0.0056-r0 None possibly vulnerable
vim 3.22-main 8.2.4173-r0 None fixed
vim 3.22-main 8.2.3650-r0 None possibly vulnerable
vim 3.22-main 8.2.3567-r0 None possibly vulnerable
vim 3.22-main 8.2.3500-r0 None possibly vulnerable
vim 3.22-main 8.2.3437-r0 None possibly vulnerable
vim 3.22-main 8.1.1365-r0 None possibly vulnerable
vim 3.22-main 8.0.1521-r0 None possibly vulnerable
vim 3.22-main 8.0.0329-r0 None possibly vulnerable
vim 3.22-main 8.0.0056-r0 None possibly vulnerable
vim 3.21-main 8.2.4173-r0 None fixed
vim 3.21-main 8.2.3650-r0 None possibly vulnerable
vim 3.21-main 8.2.3567-r0 None possibly vulnerable
vim 3.21-main 8.2.3500-r0 None possibly vulnerable
vim 3.21-main 8.2.3437-r0 None possibly vulnerable
vim 3.21-main 8.1.1365-r0 None possibly vulnerable
vim 3.21-main 8.0.1521-r0 None possibly vulnerable
vim 3.21-main 8.0.0329-r0 None possibly vulnerable
vim 3.21-main 8.0.0056-r0 None possibly vulnerable
vim 3.20-main 8.2.4173-r0 None fixed
vim 3.20-main 8.2.3650-r0 None possibly vulnerable
vim 3.20-main 8.2.3567-r0 None possibly vulnerable
vim 3.20-main 8.2.3500-r0 None possibly vulnerable
vim 3.20-main 8.2.3437-r0 None possibly vulnerable
vim 3.20-main 8.1.1365-r0 None possibly vulnerable
vim 3.20-main 8.0.1521-r0 None possibly vulnerable
vim 3.20-main 8.0.0329-r0 None possibly vulnerable
vim 3.20-main 8.0.0056-r0 None possibly vulnerable
vim 3.19-main 8.2.4173-r0 None fixed
vim 3.19-main 8.2.3650-r0 None possibly vulnerable
vim 3.19-main 8.2.3567-r0 None possibly vulnerable
vim 3.19-main 8.2.3500-r0 None possibly vulnerable
vim 3.19-main 8.2.3437-r0 None possibly vulnerable
vim 3.19-main 8.1.1365-r0 None possibly vulnerable
vim 3.19-main 8.0.1521-r0 None possibly vulnerable
vim 3.19-main 8.0.0329-r0 None possibly vulnerable
vim 3.19-main 8.0.0056-r0 None possibly vulnerable
vim 3.18-main 8.2.4173-r0 None fixed
vim 3.17-main 8.2.4173-r0 None fixed
vim 3.12-main 8.2.4173-r0 Natanael Copa <ncopa@alpinelinux.org> fixed
vim 3.12-main 8.2.3437-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable