- CVE-2021-3974: fix using freed memory with regexp using a mark
- CVE-2021-3984: fix illegal memory access when C-indenting
- CVE-2021-3973: fix crash when using CTRL-W f without finding a file name
- CVE-2021-4019: fix buffer overflow with long help argument
- CVE-2021-4069: fix using freed memory in open command
{"nessus": [{"lastseen": "2023-11-07T16:26:12", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1297)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1297.NASL", "href": "https://www.tenable.com/plugins/nessus/158551", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158551);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1297)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1297\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8989a182\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-enhanced-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-filesystem-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-minimal-8.2-1.h5.r8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-02T15:05:02", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1470)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1470.NASL", "href": "https://www.tenable.com/plugins/nessus/159969", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159969);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/01\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1470)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1470\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?00bf2881\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h15.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h15.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h15.eulerosv2r10\",\n \"vim-minimal-8.2-1.h15.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-18T14:40:13", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5247-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-27T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Vim vulnerabilities (USN-5247-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-10-16T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:vim", "p-cpe:/a:canonical:ubuntu_linux:vim-athena", "p-cpe:/a:canonical:ubuntu_linux:vim-common", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3", "p-cpe:/a:canonical:ubuntu_linux:vim-gui-common", "p-cpe:/a:canonical:ubuntu_linux:vim-nox", "p-cpe:/a:canonical:ubuntu_linux:vim-runtime", "p-cpe:/a:canonical:ubuntu_linux:vim-tiny", "p-cpe:/a:canonical:ubuntu_linux:xxd"], "id": "UBUNTU_USN-5247-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157143", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5247-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157143);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n script_xref(name:\"USN\", value:\"5247-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Vim vulnerabilities (USN-5247-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5247-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5247-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-tiny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xxd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'vim', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-athena', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-common', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-gnome', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-gtk', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-gtk3', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-gui-common', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-nox', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-runtime', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'vim-tiny', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'xxd', 'pkgver': '2:8.0.1453-1ubuntu1.8'},\n {'osver': '20.04', 'pkgname': 'vim', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-athena', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-common', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-gtk', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-gtk3', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-gui-common', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-nox', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-runtime', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'vim-tiny', 'pkgver': '2:8.1.2269-1ubuntu5.6'},\n {'osver': '20.04', 'pkgname': 'xxd', 'pkgver': '2:8.1.2269-1ubuntu5.6'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-common / vim-gnome / vim-gtk / vim-gtk3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:26:40", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1313)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1313.NASL", "href": "https://www.tenable.com/plugins/nessus/158549", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158549);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1313)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1313\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?792c544f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-enhanced-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-filesystem-8.2-1.h5.r8.eulerosv2r9\",\n \"vim-minimal-8.2-1.h5.r8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-02T15:04:23", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-20T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1479)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1479.NASL", "href": "https://www.tenable.com/plugins/nessus/159943", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159943);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/01\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1479)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1479\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf44c71c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h15.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h15.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h15.eulerosv2r10\",\n \"vim-minimal-8.2-1.h15.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-09T16:56:51", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-1283)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-x11", "p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1283.NASL", "href": "https://www.tenable.com/plugins/nessus/158461", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158461);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-1283)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1283\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e72b3484\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-X11-7.4.160-4.h17.eulerosv2r7\",\n \"vim-common-7.4.160-4.h17.eulerosv2r7\",\n \"vim-enhanced-7.4.160-4.h17.eulerosv2r7\",\n \"vim-filesystem-7.4.160-4.h17.eulerosv2r7\",\n \"vim-minimal-7.4.160-4.h17.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T14:37:47", "description": "The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5433-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-24T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5433-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-1154"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:vim", "p-cpe:/a:canonical:ubuntu_linux:vim-athena", "p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-common", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome", "p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3", "p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-gui-common", "p-cpe:/a:canonical:ubuntu_linux:vim-nox", "p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2", "p-cpe:/a:canonical:ubuntu_linux:vim-runtime", "p-cpe:/a:canonical:ubuntu_linux:vim-tiny"], "id": "UBUNTU_USN-5433-1.NASL", "href": "https://www.tenable.com/plugins/nessus/161449", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5433-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161449);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-1154\"\n );\n script_xref(name:\"USN\", value:\"5433-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5433-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5433-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5433-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-athena-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gnome-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gtk3-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-nox-py2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:vim-tiny\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'vim', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-athena', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-athena-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gnome', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gnome-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gtk', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gtk-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gtk3-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-gui-common', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-nox', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-nox-py2', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-runtime', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'},\n {'osver': '16.04', 'pkgname': 'vim-tiny', 'pkgver': '2:7.4.1689-3ubuntu1.5+esm4'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-athena-py2 / vim-common / vim-gnome / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:08:41", "description": "An update of the vim package has been released.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974)", "cvss3": {}, "published": "2022-01-10T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Vim PHSA-2022-3.0-0338", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:vim", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2022-3_0-0338_VIM.NASL", "href": "https://www.tenable.com/plugins/nessus/156589", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2022-3.0-0338. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156589);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-3973\", \"CVE-2021-3974\");\n\n script_name(english:\"Photon OS 3.0: Vim PHSA-2022-3.0-0338\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the vim package has been released.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-338.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-8.2.3408-7.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-extra-8.2.3408-7.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-10T16:14:27", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : vim (RLSA-2022:366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019"], "modified": "2023-11-09T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:vim-x11", "p-cpe:/a:rocky:linux:vim-x11-debuginfo", "p-cpe:/a:rocky:linux:vim-common", "p-cpe:/a:rocky:linux:vim-common-debuginfo", "p-cpe:/a:rocky:linux:vim-debuginfo", "p-cpe:/a:rocky:linux:vim-debugsource", "p-cpe:/a:rocky:linux:vim-enhanced", "p-cpe:/a:rocky:linux:vim-enhanced-debuginfo", "p-cpe:/a:rocky:linux:vim-filesystem", "p-cpe:/a:rocky:linux:vim-minimal", "p-cpe:/a:rocky:linux:vim-minimal-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-366.NASL", "href": "https://www.tenable.com/plugins/nessus/157778", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:366.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157778);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/09\");\n\n script_cve_id(\"CVE-2021-3984\", \"CVE-2021-4019\");\n script_xref(name:\"RLSA\", value:\"2022:366\");\n\n script_name(english:\"Rocky Linux 8 : vim (RLSA-2022:366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2016056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028122\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039687\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4019\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-X11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-enhanced-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-minimal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-X11-debuginfo / vim-common / vim-common-debuginfo / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-22T15:09:32", "description": "An update of the vim package has been released.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019)", "cvss3": {}, "published": "2022-01-10T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Vim PHSA-2021-3.0-0346", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:vim", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2021-3_0-0346_VIM.NASL", "href": "https://www.tenable.com/plugins/nessus/156588", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-3.0-0346. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156588);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-3984\", \"CVE-2021-4019\");\n\n script_name(english:\"Photon OS 3.0: Vim PHSA-2021-3.0-0346\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the vim package has been released.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-346.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4019\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-8.2.3408-9.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-extra-8.2.3408-9.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-02T15:05:03", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-1389)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-1389.NASL", "href": "https://www.tenable.com/plugins/nessus/159837", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159837);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/01\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-1389)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,\n CVE-2021-3903, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1389\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?963039fb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h15.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h15.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h15.eulerosv2r10\",\n \"vim-minimal-8.2-1.h15.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-02T15:04:24", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-18T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-1415)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2023-11-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-1415.NASL", "href": "https://www.tenable.com/plugins/nessus/159870", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159870);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/01\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-1415)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,\n CVE-2021-3903, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1415\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8dc070a3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-8.2-1.h15.eulerosv2r10\",\n \"vim-enhanced-8.2-1.h15.eulerosv2r10\",\n \"vim-filesystem-8.2-1.h15.eulerosv2r10\",\n \"vim-minimal-8.2-1.h15.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:39:13", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1557 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : vim (ALAS-2022-1557)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1557.NASL", "href": "https://www.tenable.com/plugins/nessus/156877", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1557.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156877);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/20\");\n\n script_cve_id(\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1557\");\n\n script_name(english:\"Amazon Linux AMI : vim (ALAS-2022-1557)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1557 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968,\n CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1557.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3903.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3927.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3968.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3973.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3974.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3984.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4019.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4069.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4136.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4166.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4173.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4187.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update vim' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3968\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-8.2.4006-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4006-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-8.2.4006-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4006-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4006-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4006-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4006-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.2.4006-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4006-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4006-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-common / vim-data / vim-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-10T16:15:33", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1743 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-14T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : vim (ALAS-2022-1743)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-09T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-x11", "p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1743.NASL", "href": "https://www.tenable.com/plugins/nessus/158046", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1743.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158046);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/09\");\n\n script_cve_id(\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1743\");\n\n script_name(english:\"Amazon Linux 2 : vim (ALAS-2022-1743)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1743 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968,\n CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187,\n CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1743.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3903.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3927.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3968.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3973.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3974.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3984.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4019.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4069.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4136.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4166.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4173.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4187.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4192.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4193.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update vim' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3968\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-8.2.4006-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4006-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4006-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-8.2.4006-1.amzn2.0.1', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4006-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4006-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4006-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4006-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4006-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4006-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.2.4006-1.amzn2.0.1', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4006-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4006-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4006-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4006-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4006-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4006-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-X11 / vim-common / vim-data / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-01T15:22:06", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-05-07T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2022-1699)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0351", "CVE-2022-0359"], "modified": "2023-10-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2022-1699.NASL", "href": "https://www.tenable.com/plugins/nessus/160699", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160699);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/30\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2022-1699)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3927, CVE-2021-3984,\n CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1699\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e10f0c6b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0359\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-7.4.160-4.h19\",\n \"vim-enhanced-7.4.160-4.h19\",\n \"vim-filesystem-7.4.160-4.h19\",\n \"vim-minimal-7.4.160-4.h19\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-29T19:28:25", "description": "The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3973 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-20T00:00:00", "type": "nessus", "title": "CBL Mariner 2.0 Security Update: vim (CVE-2021-3973)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3973"], "modified": "2023-08-29T00:00:00", "cpe": ["p-cpe:/a:microsoft:cbl-mariner:vim", "x-cpe:/o:microsoft:cbl-mariner"], "id": "MARINER_VIM_CVE-2021-3973.NASL", "href": "https://www.tenable.com/plugins/nessus/172828", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172828);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/29\");\n\n script_cve_id(\"CVE-2021-3973\");\n\n script_name(english:\"CBL Mariner 2.0 Security Update: vim (CVE-2021-3973)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CBL Mariner host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected\nby a vulnerability as referenced in the CVE-2021-3973 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3973)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://nvd.nist.gov/vuln/detail/CVE-2021-3973\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:microsoft:cbl-mariner:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:microsoft:cbl-mariner\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MarinerOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CBLMariner/release\", \"Host/CBLMariner/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CBLMariner/release');\nif (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');\nvar os_ver = pregmatch(pattern: \"CBL-Mariner ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);\n\nif (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu)\n audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);\n\nvar pkgs = [\n {'reference':'vim-8.2.4081-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-8.2.4081-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T15:34:20", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3984)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2021-2845)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4069"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2845.NASL", "href": "https://www.tenable.com/plugins/nessus/156364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156364);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4069\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2021-2845)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3984)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-4069)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2845\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3390a7c8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-7.4.160-4.h11\",\n \"vim-enhanced-7.4.160-4.h11\",\n \"vim-filesystem-7.4.160-4.h11\",\n \"vim-minimal-7.4.160-4.h11\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-23T14:38:10", "description": "An update of the vim package has been released.\n\n - vim is vulnerable to Use After Free (CVE-2021-4069)", "cvss3": {}, "published": "2022-01-10T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Vim PHSA-2022-3.0-0347", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4069"], "modified": "2023-11-21T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:vim", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2022-3_0-0347_VIM.NASL", "href": "https://www.tenable.com/plugins/nessus/156581", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2022-3.0-0347. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156581);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/21\");\n\n script_cve_id(\"CVE-2021-4069\");\n\n script_name(english:\"Photon OS 3.0: Vim PHSA-2022-3.0-0347\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the vim package has been released.\n\n - vim is vulnerable to Use After Free (CVE-2021-4069)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-347.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4069\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-8.2.3408-10.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'vim-extra-8.2.3408-10.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:27:12", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-11T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : vim (ALSA-2022:0366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:alma:linux:vim-x11", "p-cpe:/a:alma:linux:vim-common", "p-cpe:/a:alma:linux:vim-enhanced", "p-cpe:/a:alma:linux:vim-filesystem", "p-cpe:/a:alma:linux:vim-minimal", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2022-0366.NASL", "href": "https://www.tenable.com/plugins/nessus/158837", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:0366.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158837);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"ALSA\", value:\"2022:0366\");\n\n script_name(english:\"AlmaLinux 8 : vim (ALSA-2022:0366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:0366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-0366.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-common / vim-enhanced / vim-filesystem / vim-minimal');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-18T15:21:34", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0366 advisory.\n\n - vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n - vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n - vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n - vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n - vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "RHEL 8 : vim (RHSA-2022:0366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-17T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:vim-x11", "p-cpe:/a:redhat:enterprise_linux:vim-common", "p-cpe:/a:redhat:enterprise_linux:vim-enhanced", "p-cpe:/a:redhat:enterprise_linux:vim-filesystem", "p-cpe:/a:redhat:enterprise_linux:vim-minimal"], "id": "REDHAT-RHSA-2022-0366.NASL", "href": "https://www.tenable.com/plugins/nessus/157313", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0366. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157313);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/17\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0366\");\n\n script_name(english:\"RHEL 8 : vim (RHSA-2022:0366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0366 advisory.\n\n - vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n - vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n - vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n - vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n - vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2016056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2028122\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2028212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2039687\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 122, 125, 416, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:vim-minimal\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-common / vim-enhanced / vim-filesystem / vim-minimal');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-18T15:21:33", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0366 advisory.\n\n - vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n - vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n - vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n - vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n - vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-02T00:00:00", "type": "nessus", "title": "CentOS 8 : vim (CESA-2022:0366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-17T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:vim-x11", "p-cpe:/a:centos:centos:vim-common", "p-cpe:/a:centos:centos:vim-enhanced", "p-cpe:/a:centos:centos:vim-filesystem", "p-cpe:/a:centos:centos:vim-minimal"], "id": "CENTOS8_RHSA-2022-0366.NASL", "href": "https://www.tenable.com/plugins/nessus/157328", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2022:0366. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157328);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/17\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"RHSA\", value:\"2022:0366\");\n\n script_name(english:\"CentOS 8 : vim (CESA-2022:0366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:0366 advisory.\n\n - vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n - vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n - vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n - vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n - vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0366\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vim-minimal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-common / vim-enhanced / vim-filesystem / vim-minimal');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:32:30", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : vim (RLSA-2022:0366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:vim-x11", "p-cpe:/a:rocky:linux:vim-x11-debuginfo", "p-cpe:/a:rocky:linux:vim-common", "p-cpe:/a:rocky:linux:vim-common-debuginfo", "p-cpe:/a:rocky:linux:vim-debuginfo", "p-cpe:/a:rocky:linux:vim-debugsource", "p-cpe:/a:rocky:linux:vim-enhanced", "p-cpe:/a:rocky:linux:vim-enhanced-debuginfo", "p-cpe:/a:rocky:linux:vim-filesystem", "p-cpe:/a:rocky:linux:vim-minimal", "p-cpe:/a:rocky:linux:vim-minimal-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-0366.NASL", "href": "https://www.tenable.com/plugins/nessus/184481", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:0366.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184481);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n script_xref(name:\"RLSA\", value:\"2022:0366\");\n\n script_name(english:\"Rocky Linux 8 : vim (RLSA-2022:0366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2022:0366 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:0366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2016056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028122\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2028212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2039687\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-X11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-enhanced-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vim-minimal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-common-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-common-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-common-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-debugsource-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-debugsource-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-debuginfo-8.0.1763-16.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-X11-debuginfo / vim-common / vim-common-debuginfo / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-18T15:22:51", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0366 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-03T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : vim (ELSA-2022-0366)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2023-11-17T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:vim-x11", "p-cpe:/a:oracle:linux:vim-common", "p-cpe:/a:oracle:linux:vim-enhanced", "p-cpe:/a:oracle:linux:vim-filesystem", "p-cpe:/a:oracle:linux:vim-minimal"], "id": "ORACLELINUX_ELSA-2022-0366.NASL", "href": "https://www.tenable.com/plugins/nessus/157335", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-0366.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157335);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/17\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\"\n );\n\n script_name(english:\"Oracle Linux 8 : vim (ELSA-2022-0366)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-0366 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2021-4192)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-0366.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vim-minimal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'vim-common-8.0.1763-16.0.1.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-common-8.0.1763-16.0.1.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.0.1.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-enhanced-8.0.1763-16.0.1.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-filesystem-8.0.1763-16.0.1.el8_5.4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.0.1.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-minimal-8.0.1763-16.0.1.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.0.1.el8_5.4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'vim-X11-8.0.1763-16.0.1.el8_5.4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim-X11 / vim-common / vim-enhanced / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-29T19:05:58", "description": "The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3974 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2021-3974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-20T00:00:00", "type": "nessus", "title": "CBL Mariner 2.0 Security Update: vim (CVE-2021-3974)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3974"], "modified": "2023-08-29T00:00:00", "cpe": ["p-cpe:/a:microsoft:cbl-mariner:vim", "x-cpe:/o:microsoft:cbl-mariner"], "id": "MARINER_VIM_CVE-2021-3974.NASL", "href": "https://www.tenable.com/plugins/nessus/172855", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172855);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/29\");\n\n script_cve_id(\"CVE-2021-3974\");\n\n script_name(english:\"CBL Mariner 2.0 Security Update: vim (CVE-2021-3974)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CBL Mariner host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected\nby a vulnerability as referenced in the CVE-2021-3974 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2021-3974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://nvd.nist.gov/vuln/detail/CVE-2021-3974\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:microsoft:cbl-mariner:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:microsoft:cbl-mariner\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MarinerOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CBLMariner/release\", \"Host/CBLMariner/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CBLMariner/release');\nif (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');\nvar os_ver = pregmatch(pattern: \"CBL-Mariner ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);\n\nif (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu)\n audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);\n\nvar pkgs = [\n {'reference':'vim-8.2.4081-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-8.2.4081-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-11T18:32:58", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : vim (EulerOS-SA-2023-1053)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0729"], "modified": "2023-09-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2023-1053.NASL", "href": "https://www.tenable.com/plugins/nessus/169611", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169611);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/11\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0729\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : vim (EulerOS-SA-2023-1053)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927,\n CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1053\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0d14173\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0359\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-7.4.160-4.h20.eulerosv2r7\",\n \"vim-enhanced-7.4.160-4.h20.eulerosv2r7\",\n \"vim-filesystem-7.4.160-4.h20.eulerosv2r7\",\n \"vim-minimal-7.4.160-4.h20.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-27T14:57:10", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-05-26T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1769)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154"], "modified": "2023-10-26T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "p-cpe:/a:huawei:euleros:vim-x11", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1769.NASL", "href": "https://www.tenable.com/plugins/nessus/161528", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161528);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/26\");\n\n script_cve_id(\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1769)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1769\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9753a4da\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1154\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-X11-7.4.160-2.h20\",\n \"vim-common-7.4.160-2.h20\",\n \"vim-enhanced-7.4.160-2.h20\",\n \"vim-filesystem-7.4.160-2.h20\",\n \"vim-minimal-7.4.160-2.h20\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:25:54", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2947 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-0361)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-16T00:00:00", "type": "nessus", "title": "Debian DLA-2947-1 : vim - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0319", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0408", "CVE-2022-0554", "CVE-2022-0685", "CVE-2022-0714", "CVE-2022-0729"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:vim", "p-cpe:/a:debian:debian_linux:vim-athena", "p-cpe:/a:debian:debian_linux:vim-common", "p-cpe:/a:debian:debian_linux:vim-doc", "p-cpe:/a:debian:debian_linux:vim-gnome", "p-cpe:/a:debian:debian_linux:vim-gtk", "p-cpe:/a:debian:debian_linux:vim-gtk3", "p-cpe:/a:debian:debian_linux:vim-gui-common", "p-cpe:/a:debian:debian_linux:vim-nox", "p-cpe:/a:debian:debian_linux:vim-runtime", "p-cpe:/a:debian:debian_linux:vim-tiny", "p-cpe:/a:debian:debian_linux:xxd", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2947.NASL", "href": "https://www.tenable.com/plugins/nessus/158978", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2947. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158978);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0319\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0408\",\n \"CVE-2022-0554\",\n \"CVE-2022-0685\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\"\n );\n\n script_name(english:\"Debian DLA-2947-1 : vim - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2947 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3927, CVE-2021-3973,\n CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-0361)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/vim\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4069\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0213\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0408\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0714\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/vim\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vim packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 2\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-tiny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xxd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'vim', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-athena', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-common', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-doc', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-gnome', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-gtk', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-gtk3', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-gui-common', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-nox', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-runtime', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'vim-tiny', 'reference': '2:8.0.0197-4+deb9u5'},\n {'release': '9.0', 'prefix': 'xxd', 'reference': '2:8.0.0197-4+deb9u5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-common / vim-doc / vim-gnome / vim-gtk / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-24T15:23:54", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1728 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3968, CVE-2021-3973)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : vim (ALAS-2021-1728)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974"], "modified": "2023-11-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-x11", "p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1728.NASL", "href": "https://www.tenable.com/plugins/nessus/155982", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1728.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155982);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/22\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\"\n );\n script_xref(name:\"ALAS\", value:\"2021-1728\");\n\n script_name(english:\"Amazon Linux 2 : vim (ALAS-2021-1728)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1728 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,\n CVE-2021-3968, CVE-2021-3973)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1728.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/../../faqs.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3778.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3796.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3872.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3875.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3968.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3973.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3974.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update vim' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3968\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-8.2.3642-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.3642-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.3642-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.3642-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.3642-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.3642-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.3642-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.3642-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.3642-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.2.3642-1.amzn2.0.1', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.3642-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.3642-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.3642-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.3642-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.3642-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.3642-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-X11 / vim-common / vim-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-15T15:08:08", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-1942)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : vim (EulerOS-SA-2022-2541)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0413", "CVE-2022-0443", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1616", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042"], "modified": "2023-10-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-x11", "p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2022-2541.NASL", "href": "https://www.tenable.com/plugins/nessus/165911", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165911);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/10\");\n\n script_cve_id(\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0413\",\n \"CVE-2022-0443\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1616\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : vim (EulerOS-SA-2022-2541)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019,\n CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-1942)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This\n vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2541\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?90d8d0e8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2042\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-X11-7.4.160-4.h26.eulerosv2r7\",\n \"vim-common-7.4.160-4.h26.eulerosv2r7\",\n \"vim-enhanced-7.4.160-4.h26.eulerosv2r7\",\n \"vim-filesystem-7.4.160-4.h26.eulerosv2r7\",\n \"vim-minimal-7.4.160-4.h26.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:26:45", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0736-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-05T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : vim (openSUSE-SU-2022:0736-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0361", "CVE-2022-0413"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gvim", "p-cpe:/a:novell:opensuse:vim", "p-cpe:/a:novell:opensuse:vim-data", "p-cpe:/a:novell:opensuse:vim-data-common", "p-cpe:/a:novell:opensuse:vim-small", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0736-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158630", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0736-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158630);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0361\",\n \"CVE-2022-0413\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : vim (openSUSE-SU-2022:0736-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0736-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927,\n CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193298\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195356\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FDNZ3N5S7UGKPUUKPGOQQGPJJK3YTW37/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7e3b18cd\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3778\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-46059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0413\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vim-data-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vim-small\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'gvim-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-small-8.0.1568-5.17.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gvim / vim / vim-data / vim-data-common / vim-small');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T14:41:36", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0736-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-05T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:0736-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0361", "CVE-2022-0413"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gvim", "p-cpe:/a:novell:suse_linux:vim", "p-cpe:/a:novell:suse_linux:vim-data", "p-cpe:/a:novell:suse_linux:vim-data-common", "p-cpe:/a:novell:suse_linux:vim-small", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0736-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158593", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0736-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158593);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0361\",\n \"CVE-2022-0413\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0736-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:0736-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:0736-1 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927,\n CVE-2021-3984, CVE-2021-4019)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193298\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3778\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-46059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0413\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010366.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e60b8201\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-small\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2/3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1|2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1/2/3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'SUSE-Manager-Proxy-release-4.2', 'SUSE-Manager-Server-release-4.2', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-common-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-small-8.0.1568-5.17.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'gvim-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'vim-8.0.1568-5.17.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gvim / vim / vim-data / vim-data-common / vim-small');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-08T16:18:17", "description": "According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-23T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-x11", "p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1193.NASL", "href": "https://www.tenable.com/plugins/nessus/158275", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158275);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1193)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1193\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f41fc7be\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-X11-7.4.160-2.h14\",\n \"vim-common-7.4.160-2.h14\",\n \"vim-enhanced-7.4.160-2.h14\",\n \"vim-filesystem-7.4.160-2.h14\",\n \"vim-minimal-7.4.160-2.h14\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T15:10:39", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2102-1 advisory.\n\n - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382. (CVE-2017-17087)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-17T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:2102-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000382", "CVE-2017-17087", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0392", "CVE-2022-0407", "CVE-2022-0413", "CVE-2022-0696", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gvim", "p-cpe:/a:novell:suse_linux:vim", "p-cpe:/a:novell:suse_linux:vim-data", "p-cpe:/a:novell:suse_linux:vim-data-common", "p-cpe:/a:novell:suse_linux:vim-small", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2102-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162382", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2102-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162382);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2017-17087\",\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0128\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0392\",\n \"CVE-2022-0407\",\n \"CVE-2022-0413\",\n \"CVE-2022-0696\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2102-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:2102-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:2102-1 advisory.\n\n - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group\n (which may be different from the group ownership of the original file), which allows local users to obtain\n sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned\n by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability\n than CVE-2017-1000382. (CVE-2017-17087)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,\n CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,\n CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0407)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1070955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199334\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199693\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17087\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3778\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4069\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-46059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0128\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0213\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0407\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1927\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-June/011301.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3d03ccc8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-small\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2/3/4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1|2|3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1/2/3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-data-common-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'vim-small-8.2.5038-150000.5.21.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'gvim-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'vim-8.2.5038-150000.5.21.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gvim / vim / vim-data / vim-data-common / vim-small');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T21:17:04", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3182 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0572)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-1851)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-10T00:00:00", "type": "nessus", "title": "Debian DLA-3182-1 : vim - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0685", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1616", "CVE-2022-1720", "CVE-2022-1851", "CVE-2022-1898", "CVE-2022-1968", "CVE-2022-2285", "CVE-2022-2304", "CVE-2022-2598", "CVE-2022-2946", "CVE-2022-3099", "CVE-2022-3134", "CVE-2022-3234", "CVE-2022-3324", "CVE-2022-3705"], "modified": "2023-10-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:vim", "p-cpe:/a:debian:debian_linux:vim-athena", "p-cpe:/a:debian:debian_linux:vim-common", "p-cpe:/a:debian:debian_linux:vim-doc", "p-cpe:/a:debian:debian_linux:vim-gtk", "p-cpe:/a:debian:debian_linux:vim-gtk3", "p-cpe:/a:debian:debian_linux:vim-gui-common", "p-cpe:/a:debian:debian_linux:vim-nox", "p-cpe:/a:debian:debian_linux:vim-runtime", "p-cpe:/a:debian:debian_linux:vim-tiny", "p-cpe:/a:debian:debian_linux:xxd", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3182.NASL", "href": "https://www.tenable.com/plugins/nessus/167256", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3182. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167256);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/05\");\n\n script_cve_id(\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0572\",\n \"CVE-2022-0685\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1616\",\n \"CVE-2022-1720\",\n \"CVE-2022-1851\",\n \"CVE-2022-1898\",\n \"CVE-2022-1968\",\n \"CVE-2022-2285\",\n \"CVE-2022-2304\",\n \"CVE-2022-2598\",\n \"CVE-2022-2946\",\n \"CVE-2022-3099\",\n \"CVE-2022-3134\",\n \"CVE-2022-3234\",\n \"CVE-2022-3324\",\n \"CVE-2022-3705\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"Debian DLA-3182-1 : vim - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3182 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3927, CVE-2021-3984, CVE-2021-4019,\n CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0572)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-1851)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function\n qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use\n after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this\n issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the\n affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/vim\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4069\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0213\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0408\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0714\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0943\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/vim\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vim packages.\n\nFor Debian 10 buster, these problems have been fixed in version 2\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2304\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-athena\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-gui-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-nox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:vim-tiny\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xxd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'vim', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-athena', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-common', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-doc', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-gtk', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-gtk3', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-gui-common', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-nox', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-runtime', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'vim-tiny', 'reference': '2:8.1.0875-5+deb10u3'},\n {'release': '10.0', 'prefix': 'xxd', 'reference': '2:8.1.0875-5+deb10u3'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'vim / vim-athena / vim-common / vim-doc / vim-gtk / vim-gtk3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-05T18:39:13", "description": "According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-1942, CVE-2022-2125, CVE-2022-2207)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-30T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : vim (EulerOS-SA-2023-1303)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0213", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0413", "CVE-2022-0443", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2257", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2287", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2345", "CVE-2022-2845"], "modified": "2023-09-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:vim-common", "p-cpe:/a:huawei:euleros:vim-enhanced", "p-cpe:/a:huawei:euleros:vim-filesystem", "p-cpe:/a:huawei:euleros:vim-minimal", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2023-1303.NASL", "href": "https://www.tenable.com/plugins/nessus/170811", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170811);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0213\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0413\",\n \"CVE-2022-0443\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2257\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2287\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2345\",\n \"CVE-2022-2845\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : vim (EulerOS-SA-2023-1303)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3927,\n CVE-2021-3984, CVE-2021-4019, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-1942,\n CVE-2022-2125, CVE-2022-2207)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This\n vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126,\n CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1303\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ecb01bec\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected vim packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"vim-common-7.4.160-4.h33.eulerosv2r7\",\n \"vim-enhanced-7.4.160-4.h33.eulerosv2r7\",\n \"vim-filesystem-7.4.160-4.h33.eulerosv2r7\",\n \"vim-minimal-7.4.160-4.h33.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-15T15:04:50", "description": "The remote host is affected by the vulnerability described in GLSA-202208-32 (Vim, gVim: Multiple Vulnerabilities)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393, CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-21T00:00:00", "type": "nessus", "title": "GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3770", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2023-10-13T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gvim", "p-cpe:/a:gentoo:linux:vim", "p-cpe:/a:gentoo:linux:vim-core", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202208-32.NASL", "href": "https://www.tenable.com/plugins/nessus/164318", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202208-32.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164318);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/13\");\n\n script_cve_id(\n \"CVE-2021-3770\",\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0392\",\n \"CVE-2022-0393\",\n \"CVE-2022-0407\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0629\",\n \"CVE-2022-0685\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1160\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1720\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1769\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1886\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2288\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202208-32 (Vim, gVim: Multiple Vulnerabilities)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3778, CVE-2021-3872,\n CVE-2021-3875, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,\n CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4173,\n CVE-2021-4187, CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0407, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393,\n CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This\n vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,\n CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202208-32\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=811870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=818562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=819528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=823473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=824930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=828583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=833572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=851231\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Vim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/vim-9.0.0060\n \nAll gVim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/gvim-9.0.0060\n \nAll vim-core users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/vim-core-9.0.0060\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vim-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"app-editors/gvim\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n },\n {\n 'name' : \"app-editors/vim\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n },\n {\n 'name' : \"app-editors/vim-core\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Vim / gVim\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T21:11:40", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4619-1 advisory.\n\n - Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. (CVE-2009-0316)\n\n - vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. (CVE-2016-1248)\n\n - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382. (CVE-2017-17087)\n\n - vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.\n (CVE-2017-5953)\n\n - An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6349)\n\n - An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6350)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898, CVE-2022-1968)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)\n\n - Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)\n\n - Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.\n (CVE-2022-2845)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : vim (SUSE-SU-2022:4619-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2009-0316", "CVE-2016-1248", "CVE-2017-1000382", "CVE-2017-17087", "CVE-2017-5953", "CVE-2017-6349", "CVE-2017-6350", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0392", "CVE-2022-0407", "CVE-2022-0413", "CVE-2022-0696", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1968", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-2522", "CVE-2022-2571", "CVE-2022-2580", "CVE-2022-2581", "CVE-2022-2598", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2946", "CVE-2022-2980", "CVE-2022-2982", "CVE-2022-3016", "CVE-2022-3037", "CVE-2022-3099", "CVE-2022-3134", "CVE-2022-3153", "CVE-2022-3234", "CVE-2022-3235", "CVE-2022-3278", "CVE-2022-3296", "CVE-2022-3297", "CVE-2022-3324", "CVE-2022-3352", "CVE-2022-3705"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gvim", "p-cpe:/a:novell:suse_linux:vim", "p-cpe:/a:novell:suse_linux:vim-data", "p-cpe:/a:novell:suse_linux:vim-data-common", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-4619-1.NASL", "href": "https://www.tenable.com/plugins/nessus/169350", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4619-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169350);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2009-0316\",\n \"CVE-2016-1248\",\n \"CVE-2017-5953\",\n \"CVE-2017-6349\",\n \"CVE-2017-6350\",\n \"CVE-2017-17087\",\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0128\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0392\",\n \"CVE-2022-0407\",\n \"CVE-2022-0413\",\n \"CVE-2022-0696\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1720\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1968\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\",\n \"CVE-2022-2522\",\n \"CVE-2022-2571\",\n \"CVE-2022-2580\",\n \"CVE-2022-2581\",\n \"CVE-2022-2598\",\n \"CVE-2022-2816\",\n \"CVE-2022-2817\",\n \"CVE-2022-2819\",\n \"CVE-2022-2845\",\n \"CVE-2022-2849\",\n \"CVE-2022-2862\",\n \"CVE-2022-2874\",\n \"CVE-2022-2889\",\n \"CVE-2022-2923\",\n \"CVE-2022-2946\",\n \"CVE-2022-2980\",\n \"CVE-2022-2982\",\n \"CVE-2022-3016\",\n \"CVE-2022-3037\",\n \"CVE-2022-3099\",\n \"CVE-2022-3134\",\n \"CVE-2022-3153\",\n \"CVE-2022-3234\",\n \"CVE-2022-3235\",\n \"CVE-2022-3278\",\n \"CVE-2022-3296\",\n \"CVE-2022-3297\",\n \"CVE-2022-3324\",\n \"CVE-2022-3352\",\n \"CVE-2022-3705\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4619-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : vim (SUSE-SU-2022:4619-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:4619-1 advisory.\n\n - Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045\n allows local users to execute arbitrary code via a Trojan horse Python file in the current working\n directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an\n erroneous search path for plugin/bike.vim in bicyclerepair. (CVE-2009-0316)\n\n - vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap'\n options, which may result in the execution of arbitrary code if a file with a specially crafted modeline\n is opened. (CVE-2016-1248)\n\n - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group\n (which may be different from the group ownership of the original file), which allows local users to obtain\n sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned\n by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability\n than CVE-2017-1000382. (CVE-2017-17087)\n\n - vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file,\n which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.\n (CVE-2017-5953)\n\n - An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if\n it does not properly validate values for tree length when reading a corrupted undo file, which may lead to\n resultant buffer overflows. (CVE-2017-6349)\n\n - An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch\n 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,\n which may lead to resultant buffer overflows. (CVE-2017-6350)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,\n CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,\n CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0407, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898, CVE-2022-1968)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126,\n CVE-2022-2183, CVE-2022-2206)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2129,\n CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,\n CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)\n\n - Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)\n\n - Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.\n (CVE-2022-2845)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function\n qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use\n after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this\n issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the\n affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1070955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1174564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1176549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1182324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193294\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193298\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199334\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199693\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200270\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201132\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201150\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201152\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201863\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202515\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203110\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203152\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203194\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2009-0316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-1248\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-17087\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-5953\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-6349\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-6350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3778\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4069\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-46059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0128\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0213\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0351\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0361\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0407\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2206\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2207\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2208\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2284\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2344\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2580\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3296\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3297\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3705\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-December/013343.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a2be2817\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gvim, vim, vim-data and / or vim-data-common packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:vim-data-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'gvim-9.0.0814-17.9.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'vim-9.0.0814-17.9.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'vim-data-9.0.0814-17.9.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'vim-data-common-9.0.0814-17.9.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'gvim-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'vim-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'vim-data-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'vim-data-common-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'gvim-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'vim-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'vim-data-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'vim-data-common-9.0.0814-17.9.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gvim / vim / vim-data / vim-data-common');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-18T13:04:23", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-098 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407, CVE-2022-0572, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393, CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)\n\n - Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\n - Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. (CVE-2022-4141)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0882. (CVE-2022-4292)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. (CVE-2023-0049)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3770", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-2522", "CVE-2022-2571", "CVE-2022-2580", "CVE-2022-2581", "CVE-2022-2598", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2946", "CVE-2022-2980", "CVE-2022-2982", "CVE-2022-3016", "CVE-2022-3037", "CVE-2022-3099", "CVE-2022-3134", "CVE-2022-3153", "CVE-2022-3705", "CVE-2022-4141", "CVE-2022-4292", "CVE-2023-0049"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-common-debuginfo", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-debugsource", "p-cpe:/a:amazon:linux:vim-default-editor", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-enhanced-debuginfo", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "p-cpe:/a:amazon:linux:vim-minimal-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-098.NASL", "href": "https://www.tenable.com/plugins/nessus/173115", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-098.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173115);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\n \"CVE-2021-3770\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0392\",\n \"CVE-2022-0393\",\n \"CVE-2022-0407\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0572\",\n \"CVE-2022-0629\",\n \"CVE-2022-0685\",\n \"CVE-2022-0696\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1160\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1720\",\n \"CVE-2022-1725\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1769\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1886\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2288\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\",\n \"CVE-2022-2522\",\n \"CVE-2022-2571\",\n \"CVE-2022-2580\",\n \"CVE-2022-2581\",\n \"CVE-2022-2598\",\n \"CVE-2022-2816\",\n \"CVE-2022-2817\",\n \"CVE-2022-2819\",\n \"CVE-2022-2845\",\n \"CVE-2022-2849\",\n \"CVE-2022-2862\",\n \"CVE-2022-2874\",\n \"CVE-2022-2889\",\n \"CVE-2022-2923\",\n \"CVE-2022-2946\",\n \"CVE-2022-2980\",\n \"CVE-2022-2982\",\n \"CVE-2022-3016\",\n \"CVE-2022-3037\",\n \"CVE-2022-3099\",\n \"CVE-2022-3134\",\n \"CVE-2022-3153\",\n \"CVE-2022-3705\",\n \"CVE-2022-4141\",\n \"CVE-2022-4292\",\n \"CVE-2023-0049\"\n );\n script_xref(name:\"IAVB\", value:\"2023-B-0018-S\");\n\n script_name(english:\"Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-098 advisory.\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3903, CVE-2021-3927,\n CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187,\n CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0407, CVE-2022-0572, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182,\n CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393,\n CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This\n vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,\n CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)\n\n - Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. (CVE-2022-2845)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\n - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function\n qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use\n after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this\n issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the\n affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)\n\n - Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the\n expression used in the RHS of the substitute command. (CVE-2022-4141)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0882. (CVE-2022-4292)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. (CVE-2023-0049)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-098.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3770.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3903.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3927.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3928.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3968.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3973.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3974.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3984.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4019.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4069.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4136.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4166.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4173.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4187.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4192.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4193.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0128.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0156.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0158.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0213.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0261.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0318.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0319.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0351.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0359.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0361.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0368.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0392.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0393.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0407.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0408.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0413.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0417.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0443.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0554.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0572.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0629.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0685.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0696.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0714.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0729.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0943.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1154.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1381.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1420.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1616.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1619.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1620.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1621.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1629.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1674.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1720.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1725.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1733.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1735.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1769.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1771.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1785.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1796.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1886.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1897.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1898.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1927.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1942.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1968.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2000.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2042.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2124.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2125.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2126.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2129.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2175.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2182.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2183.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2206.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2207.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2208.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2210.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2231.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2257.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2264.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2284.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2285.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2286.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2287.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2288.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2289.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2304.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2343.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2344.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2345.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2522.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2571.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2580.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2581.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2598.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2816.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2817.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2819.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2845.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2862.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2874.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2889.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2946.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2980.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2982.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3016.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3037.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3099.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3134.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3153.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3705.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-4141.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-4292.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-0049.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update vim --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-default-editor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-9.0.1160-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-default-editor-9.0.1160-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-9.0.1160-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.1160-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-common / vim-common-debuginfo / vim-data / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-10T04:59:59", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-155 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-155)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3770", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-2522", "CVE-2022-2571", "CVE-2022-2580", "CVE-2022-2581", "CVE-2022-2598", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2946", "CVE-2022-2980", "CVE-2022-2982", "CVE-2022-3016", "CVE-2022-3037", "CVE-2022-3099", "CVE-2022-3134", "CVE-2022-3153"], "modified": "2023-10-09T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-common-debuginfo", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-debugsource", "p-cpe:/a:amazon:linux:vim-default-editor", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-enhanced-debuginfo", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "p-cpe:/a:amazon:linux:vim-minimal-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-155.NASL", "href": "https://www.tenable.com/plugins/nessus/166352", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-155.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166352);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/09\");\n\n script_cve_id(\n \"CVE-2021-3770\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0392\",\n \"CVE-2022-0393\",\n \"CVE-2022-0407\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0572\",\n \"CVE-2022-0629\",\n \"CVE-2022-0685\",\n \"CVE-2022-0696\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1160\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1720\",\n \"CVE-2022-1725\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1769\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1886\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2288\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\",\n \"CVE-2022-2522\",\n \"CVE-2022-2571\",\n \"CVE-2022-2580\",\n \"CVE-2022-2581\",\n \"CVE-2022-2598\",\n \"CVE-2022-2816\",\n \"CVE-2022-2817\",\n \"CVE-2022-2819\",\n \"CVE-2022-2845\",\n \"CVE-2022-2849\",\n \"CVE-2022-2862\",\n \"CVE-2022-2874\",\n \"CVE-2022-2889\",\n \"CVE-2022-2923\",\n \"CVE-2022-2946\",\n \"CVE-2022-2980\",\n \"CVE-2022-2982\",\n \"CVE-2022-3016\",\n \"CVE-2022-3037\",\n \"CVE-2022-3099\",\n \"CVE-2022-3134\",\n \"CVE-2022-3153\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n script_xref(name:\"IAVB\", value:\"2023-B-0016-S\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-155)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-155 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-155.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3099.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3134.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3153.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update vim --releasever=2022.0.20221019' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-default-editor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-default-editor-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-common / vim-common-debuginfo / vim-data / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-12-06T18:40:27", "description": "## Releases\n\n * Ubuntu 21.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * vim \\- Vi IMproved - enhanced vi editor\n\nIt was discovered that vim incorrectly handled parsing of filenames in its \nsearch functionality. If a user was tricked into opening a specially crafted \nfile, an attacker could crash the application, leading to a denial of \nservice. This issue only affected Ubuntu 21.10. (CVE-2021-3973)\n\nIt was discovered that vim incorrectly handled memory when opening and \nsearching the contents of certain files. If a user was tricked into opening \na specially crafted file, an attacker could crash the application, leading to \na denial of service, or possibly achieve code execution with user privileges. \nThis issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-3974)\n\nIt was discovered that vim incorrectly handled memory when opening and editing \ncertain files. If a user was tricked into opening a specially crafted file, an \nattacker could crash the application, leading to a denial of service, or \npossibly achieve code execution with user privileges. (CVE-2021-3984)\n\nIt was discovered that vim incorrectly handled memory when opening and editing \ncertain files. If a user was tricked into opening a specially crafted file, an \nattacker could crash the application, leading to a denial of service, or \npossibly achieve code execution with user privileges. (CVE-2021-4019)\n\nIt was discovered that vim incorrectly handled memory when opening and editing \ncertain files. If a user was tricked into opening a specially crafted file, an \nattacker could crash the application, leading to a denial of service, or \npossibly achieve code execution with user privileges.(CVE-2021-4069)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-27T00:00:00", "type": "ubuntu", "title": "Vim vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2022-01-27T00:00:00", "id": "USN-5247-1", "href": "https://ubuntu.com/security/notices/USN-5247-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:35:36", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * vim \\- Vi IMproved - enhanced vi editor\n\nIt was discovered that Vim incorrectly handled parsing of filenames in its \nsearch functionality. If a user were tricked into opening a specially crafted \nfile, an attacker could crash the application, leading to a denial of \nservice. (CVE-2021-3973)\n\nIt was discovered that Vim incorrectly handled memory when opening and \nsearching the contents of certain files. If a user were tricked into opening \na specially crafted file, an attacker could crash the application, leading to \na denial of service, or possibly achieve code execution with user privileges. \n(CVE-2021-3974)\n\nIt was discovered that Vim incorrectly handled memory when opening and editing \ncertain files. If a user were tricked into opening a specially crafted file, \nan attacker could crash the application, leading to a denial of service, or \npossibly achieve code execution with user privileges. (CVE-2021-3984, \nCVE-2021-4019, CVE-2021-4069)\n\nIt was discovered that Vim was using freed memory when dealing with regular \nexpressions inside a visual selection. If a user were tricked into opening a \nspecially crafted file, an attacker could crash the application, leading to a \ndenial of service, or possibly achieve code execution with user privileges. \n(CVE-2021-4192)\n\nIt was discovered that Vim was incorrectly performing read and write \noperations when in visual block mode, going beyond the end of a line and \ncausing a heap buffer overflow. If a user were tricked into opening a \nspecially crafted file, an attacker could crash the application, leading to a \ndenial of service, or possibly achieve code execution with user privileges. \n(CVE-2022-0261, CVE-2022-0318)\n\nIt was discovered that Vim was using freed memory when dealing with regular \nexpressions through its old regular expression engine. If a user were tricked \ninto opening a specially crafted file, an attacker could crash the application, \nleading to a denial of service, or possibly achieve code execution with user \nprivileges. (CVE-2022-1154)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-23T00:00:00", "type": "ubuntu", "title": "Vim vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4192", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-1154"], "modified": "2022-05-23T00:00:00", "id": "USN-5433-1", "href": "https://ubuntu.com/security/notices/USN-5433-1", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cloudlinux": [{"lastseen": "2021-12-15T14:39:09", "description": "- CVE-2021-3974: fix using freed memory with regexp using a mark\n- CVE-2021-3984: fix illegal memory access when C-indenting\n- CVE-2021-3973: fix crash when using CTRL-W f without finding a file name\n- CVE-2021-4019: fix buffer overflow with long help argument\n- CVE-2021-4069: fix using freed memory in open command", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-12-15T14:28:46", "type": "cloudlinux", "title": "Fix of CVE: CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-3984, CVE-2021-4069", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2021-12-15T14:28:46", "id": "CLSA-2021:1639578526", "href": "https://repo.cloudlinux.com/centos6-els/updateinfo.xml", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2023-12-06T16:10:43", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nIt was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. (CVE-2021-3973) It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-3974) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-3984) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-4019) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.(CVE-2021-4069)\n\nCVEs contained in this USN include: CVE-2021-3973, CVE-2021-3974, CVE-2021-3984, CVE-2021-4019, CVE-2021-4069.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.59\n * All other stemcells not listed.\n * cflinuxfs3 \n * All versions prior to 0.273.0\n * CF Deployment \n * All versions prior to 18.0.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.59 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * cflinuxfs3 \n * Upgrade all versions to 0.273.0 or greater\n * CF Deployment \n * Upgrade all versions to 18.0.0 or greater\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5247-1>)\n * [CVE-2021-3973](<https://ubuntu.com/security/CVE-2021-3973>)\n * [CVE-2021-3974](<https://ubuntu.com/security/CVE-2021-3974>)\n * [CVE-2021-3984](<https://ubuntu.com/security/CVE-2021-3984>)\n * [CVE-2021-4019](<https://ubuntu.com/security/CVE-2021-4019>)\n * [CVE-2021-4069](<https://ubuntu.com/security/CVE-2021-4069>)\n\n## History\n\n2022-03-08: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-15T00:00:00", "type": "cloudfoundry", "title": "USN-5247-1: Vim vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2022-03-15T00:00:00", "id": "CFOUNDRY:A6F4BC0FC82B203A22875A956C0D0896", "href": "https://www.cloudfoundry.org/blog/usn-5247-1-vim-vulnerabilities/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2023-12-06T15:52:45", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-16T01:13:59", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: vim-8.2.3755-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069"], "modified": "2021-12-16T01:13:59", "id": "FEDORA:D632530ED2DB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:52:45", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-24T01:21:04", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: vim-8.2.3642-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974"], "modified": "2021-11-24T01:21:04", "id": "FEDORA:26C1731A2FCA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T15:52:45", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-04T01:24:08", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: vim-8.2.3717-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2021-12-04T01:24:08", "id": "FEDORA:C2002312DDEA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T15:52:45", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-09T01:13:00", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: vim-8.2.3755-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2021-12-09T01:13:00", "id": "FEDORA:A5DE53701292", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/WYB2LLNUFJUKJJ5HYCZ6MV3Z6YX3U5BN/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "photon": [{"lastseen": "2022-01-12T05:39:52", "description": "An update of {'vim'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-08T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2022-3.0-0338", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974"], "modified": "2021-12-08T00:00:00", "id": "PHSA-2022-3.0-0338", "href": "https://github.com/vmware/photon/wiki/Security-Updates-3.0-338", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:41:29", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-11T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0338", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974"], "modified": "2022-01-11T00:00:00", "id": "PHSA-2022-0338", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-338", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:54:49", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-12-08T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-3.0-0338", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2023-34060"], "modified": "2021-12-08T00:00:00", "id": "PHSA-2021-3.0-0338", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-338", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T19:15:07", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-12-21T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-0430", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019", "CVE-2023-34060"], "modified": "2021-12-21T00:00:00", "id": "PHSA-2021-0430", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-430", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:53:54", "description": "Updates of ['linux-aws', 'linux-secure', 'vim', 'linux-rt', 'linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-0138", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27820", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-4002"], "modified": "2021-12-13T00:00:00", "id": "PHSA-2021-0138", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-138", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:53:22", "description": "Updates of ['vim', 'python3-lxml', 'binutils'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-05T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-0144", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019", "CVE-2021-43818", "CVE-2021-45078"], "modified": "2022-01-05T00:00:00", "id": "PHSA-2022-0144", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-144", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-07T06:33:27", "description": "Updates of ['linux-rt', 'linux-aws', 'linux', 'vim', 'linux-esx', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-12-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-4.0-0138", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27820", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-4002", "CVE-2023-34060"], "modified": "2021-12-13T00:00:00", "id": "PHSA-2021-4.0-0138", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-138", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T06:33:10", "description": "Updates of ['binutils', 'vim', 'python3-lxml'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2022-01-11T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-4.0-0144", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019", "CVE-2021-43818", "CVE-2021-45078", "CVE-2023-34060"], "modified": "2022-01-11T00:00:00", "id": "PHSA-2022-4.0-0144", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-144", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:38:19", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-05T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0347", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2022-01-05T00:00:00", "id": "PHSA-2022-0347", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-347", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:53:24", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-22T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-0141", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2021-12-22T00:00:00", "id": "PHSA-2021-0141", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-141", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-12T05:39:43", "description": "An update of {'bluez', 'pkg-config', 'consul', 'httpd', 'vim'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-31T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2022-3.0-0346", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35457", "CVE-2021-27218", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-41229", "CVE-2021-41805", "CVE-2021-44790"], "modified": "2021-12-31T00:00:00", "id": "PHSA-2022-3.0-0346", "href": "https://github.com/vmware/photon/wiki/Security-Updates-3.0-346", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:34:35", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2021-12-22T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-4.0-0141", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069", "CVE-2023-34060"], "modified": "2021-12-22T00:00:00", "id": "PHSA-2021-4.0-0141", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-141", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:38:35", "description": "Updates of ['bluez', 'consul', 'pkg-config', 'vim', 'httpd'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-31T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2021-0346", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35457", "CVE-2021-27218", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-41229", "CVE-2021-41805", "CVE-2021-44790"], "modified": "2021-12-31T00:00:00", "id": "PHSA-2021-0346", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-346", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T18:54:25", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2022-01-05T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-3.0-0347", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069", "CVE-2023-34060"], "modified": "2022-01-05T00:00:00", "id": "PHSA-2022-3.0-0347", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-347", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-07T06:51:59", "description": "Updates of ['httpd', 'bluez', 'vim', 'consul', 'pkg-config'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-26T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2021-3.0-0346", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35457", "CVE-2021-27218", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-41229", "CVE-2021-41805", "CVE-2021-44790", "CVE-2023-34060"], "modified": "2021-12-26T00:00:00", "id": "PHSA-2021-3.0-0346", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-346", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T19:14:25", "description": "Updates of ['vim', 'expat', 'go'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-22T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-0445", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973", "CVE-2021-3974", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4192", "CVE-2022-0261", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0392", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0443", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", "CVE-2022-25314", "CVE-2022-25315", "CVE-2023-34060"], "modified": "2022-02-22T00:00:00", "id": "PHSA-2022-0445", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-445", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "rocky": [{"lastseen": "2022-03-02T15:15:06", "description": "An update for vim is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\nVim (Vi IMproved) is an updated and improved version of the vi editor.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-02T04:36:58", "type": "rocky", "title": "vim security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984", "CVE-2021-4019"], "modified": "2022-02-02T04:36:58", "id": "RLSA-2022:366", "href": "https://errata.rockylinux.org/RLSA-2022:366", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T17:28:18", "description": "An update is available for vim.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nVim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n* vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n* vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n* vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n* vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-01T20:12:46", "type": "rocky", "title": "vim security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2022-02-01T20:12:46", "id": "RLSA-2022:0366", "href": "https://errata.rockylinux.org/RLSA-2022:0366", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-12-06T18:34:23", "description": "**Issue Overview:**\n\nvim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3927)\n\nA flaw was found in vim. A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3928)\n\nA flaw was found in vim. A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3968)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3973)\n\nA flaw was found in vim. A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3974)\n\nA flaw was found in vim. A possible heap-based buffer overflow allows an attacker to input a specially crafted file, leading to a crash or code execution. The highest threat from this vulnerability is confidentiality, integrity, and system availability. (CVE-2021-3984)\n\nA flaw was found in vim. A possible heap-based buffer overflow vulnerability allows an attacker to input a specially crafted file, leading to a crash or code execution. The highest threat from this vulnerability is system availability. (CVE-2021-4019)\n\nvim is vulnerable to Use After Free (CVE-2021-4069)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4136)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4166)\n\nA flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4173)\n\nA flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4187)\n\nIt was found that vim was vulnerable to use-after-free flaw in win_linetabsize(). Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. (CVE-2021-4192)\n\nIt was found that vim was vulnerable to an out-of-bound read flaw in getvcol(). A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. (CVE-2021-4193)\n\nReferences to CVE-2021-4192 and CVE-2021-4193 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-01-18.\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Note:**\n\nThis advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this [FAQ section](<../../faqs.html#clarify-al2-advisories>) for the difference between AL2 Core and AL2 Extras advisories. \n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 vim-common-8.2.4006-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4006-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4006-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4006-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4006-1.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 vim-common-8.2.4006-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4006-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4006-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4006-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4006-1.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.4006-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 vim-data-8.2.4006-1.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.4006-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-common-8.2.4006-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4006-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4006-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4006-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4006-1.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2021-3903](<https://access.redhat.com/security/cve/CVE-2021-3903>), [CVE-2021-3927](<https://access.redhat.com/security/cve/CVE-2021-3927>), [CVE-2021-3928](<https://access.redhat.com/security/cve/CVE-2021-3928>), [CVE-2021-3968](<https://access.redhat.com/security/cve/CVE-2021-3968>), [CVE-2021-3973](<https://access.redhat.com/security/cve/CVE-2021-3973>), [CVE-2021-3974](<https://access.redhat.com/security/cve/CVE-2021-3974>), [CVE-2021-3984](<https://access.redhat.com/security/cve/CVE-2021-3984>), [CVE-2021-4019](<https://access.redhat.com/security/cve/CVE-2021-4019>), [CVE-2021-4069](<https://access.redhat.com/security/cve/CVE-2021-4069>), [CVE-2021-4136](<https://access.redhat.com/security/cve/CVE-2021-4136>), [CVE-2021-4166](<https://access.redhat.com/security/cve/CVE-2021-4166>), [CVE-2021-4173](<https://access.redhat.com/security/cve/CVE-2021-4173>), [CVE-2021-4187](<https://access.redhat.com/security/cve/CVE-2021-4187>), [CVE-2021-4192](<https://access.redhat.com/security/cve/CVE-2021-4192>), [CVE-2021-4193](<https://access.redhat.com/security/cve/CVE-2021-4193>)\n\nMitre: [CVE-2021-3903](<https://vulners.com/cve/CVE-2021-3903>), [CVE-2021-3927](<https://vulners.com/cve/CVE-2021-3927>), [CVE-2021-3928](<https://vulners.com/cve/CVE-2021-3928>), [CVE-2021-3968](<https://vulners.com/cve/CVE-2021-3968>), [CVE-2021-3973](<https://vulners.com/cve/CVE-2021-3973>), [CVE-2021-3974](<https://vulners.com/cve/CVE-2021-3974>), [CVE-2021-3984](<https://vulners.com/cve/CVE-2021-3984>), [CVE-2021-4019](<https://vulners.com/cve/CVE-2021-4019>), [CVE-2021-4069](<https://vulners.com/cve/CVE-2021-4069>), [CVE-2021-4136](<https://vulners.com/cve/CVE-2021-4136>), [CVE-2021-4166](<https://vulners.com/cve/CVE-2021-4166>), [CVE-2021-4173](<https://vulners.com/cve/CVE-2021-4173>), [CVE-2021-4187](<https://vulners.com/cve/CVE-2021-4187>), [CVE-2021-4192](<https://vulners.com/cve/CVE-2021-4192>), [CVE-2021-4193](<https://vulners.com/cve/CVE-2021-4193>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-18T21:38:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2022-02-11T22:12:00", "id": "ALAS2-2022-1743", "href": "https://alas.aws.amazon.com/AL2/ALAS-2022-1743.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T17:40:48", "description": "**Issue Overview:**\n\nvim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3927)\n\nA flaw was found in vim. A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3928)\n\nA flaw was found in vim. A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3968)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3973)\n\nA flaw was found in vim. A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3974)\n\nA flaw was found in vim. A possible heap-based buffer overflow allows an attacker to input a specially crafted file, leading to a crash or code execution. The highest threat from this vulnerability is confidentiality, integrity, and system availability. (CVE-2021-3984)\n\nA flaw was found in vim. A possible heap-based buffer overflow vulnerability allows an attacker to input a specially crafted file, leading to a crash or code execution. The highest threat from this vulnerability is system availability. (CVE-2021-4019)\n\nvim is vulnerable to Use After Free (CVE-2021-4069)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4136)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4166)\n\nA flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4173)\n\nA flaw was found in vim. A possible use after free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. (CVE-2021-4187)\n\nIt was found that vim was vulnerable to use-after-free flaw in win_linetabsize(). Sourcing a specially crafted file in vim could crash the vim process or possibly lead to other undefined behaviors. (CVE-2021-4192)\n\nIt was found that vim was vulnerable to an out-of-bound read flaw in getvcol(). A specially crafted file could be used to, when opened in vim, disclose some of the process's internal memory. (CVE-2021-4193)\n\nReferences to CVE-2021-4192 and CVE-2021-4193 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-01-18.\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4006-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4006-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-common-8.2.4006-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4006-1.1.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-data-8.2.4006-1.1.amzn1.noarch \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.4006-1.1.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.4006-1.1.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4006-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4006-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4006-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-common-8.2.4006-1.1.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2021-3903](<https://access.redhat.com/security/cve/CVE-2021-3903>), [CVE-2021-3927](<https://access.redhat.com/security/cve/CVE-2021-3927>), [CVE-2021-3928](<https://access.redhat.com/security/cve/CVE-2021-3928>), [CVE-2021-3968](<https://access.redhat.com/security/cve/CVE-2021-3968>), [CVE-2021-3973](<https://access.redhat.com/security/cve/CVE-2021-3973>), [CVE-2021-3974](<https://access.redhat.com/security/cve/CVE-2021-3974>), [CVE-2021-3984](<https://access.redhat.com/security/cve/CVE-2021-3984>), [CVE-2021-4019](<https://access.redhat.com/security/cve/CVE-2021-4019>), [CVE-2021-4069](<https://access.redhat.com/security/cve/CVE-2021-4069>), [CVE-2021-4136](<https://access.redhat.com/security/cve/CVE-2021-4136>), [CVE-2021-4166](<https://access.redhat.com/security/cve/CVE-2021-4166>), [CVE-2021-4173](<https://access.redhat.com/security/cve/CVE-2021-4173>), [CVE-2021-4187](<https://access.redhat.com/security/cve/CVE-2021-4187>), [CVE-2021-4192](<https://access.redhat.com/security/cve/CVE-2021-4192>), [CVE-2021-4193](<https://access.redhat.com/security/cve/CVE-2021-4193>)\n\nMitre: [CVE-2021-3903](<https://vulners.com/cve/CVE-2021-3903>), [CVE-2021-3927](<https://vulners.com/cve/CVE-2021-3927>), [CVE-2021-3928](<https://vulners.com/cve/CVE-2021-3928>), [CVE-2021-3968](<https://vulners.com/cve/CVE-2021-3968>), [CVE-2021-3973](<https://vulners.com/cve/CVE-2021-3973>), [CVE-2021-3974](<https://vulners.com/cve/CVE-2021-3974>), [CVE-2021-3984](<https://vulners.com/cve/CVE-2021-3984>), [CVE-2021-4019](<https://vulners.com/cve/CVE-2021-4019>), [CVE-2021-4069](<https://vulners.com/cve/CVE-2021-4069>), [CVE-2021-4136](<https://vulners.com/cve/CVE-2021-4136>), [CVE-2021-4166](<https://vulners.com/cve/CVE-2021-4166>), [CVE-2021-4173](<https://vulners.com/cve/CVE-2021-4173>), [CVE-2021-4187](<https://vulners.com/cve/CVE-2021-4187>), [CVE-2021-4192](<https://vulners.com/cve/CVE-2021-4192>), [CVE-2021-4193](<https://vulners.com/cve/CVE-2021-4193>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-18T20:12:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2022-02-11T22:13:00", "id": "ALAS-2022-1557", "href": "https://alas.aws.amazon.com/ALAS-2022-1557.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-08T17:31:30", "description": "**Issue Overview:**\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3778)\n\nA use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3796)\n\nAn out-of-bounds write flaw was found in vim's drawscreen.c win_redr_status() function. This flaw allows an attacker to trick a user to open a crafted file with specific arguments in vim, triggering an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-3872)\n\nThere's an out-of-bounds read flaw in Vim's ex_docmd.c. An attacker who is capable of tricking a user into opening a specially crafted file could trigger an out-of-bounds read on a memmove operation, potentially causing an impact to application availability. (CVE-2021-3875)\n\nA flaw was found in vim. A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3968)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3973)\n\nA flaw was found in vim. A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3974)\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.3642-1.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.3642-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2021-3778](<https://access.redhat.com/security/cve/CVE-2021-3778>), [CVE-2021-3796](<https://access.redhat.com/security/cve/CVE-2021-3796>), [CVE-2021-3872](<https://access.redhat.com/security/cve/CVE-2021-3872>), [CVE-2021-3875](<https://access.redhat.com/security/cve/CVE-2021-3875>), [CVE-2021-3968](<https://access.redhat.com/security/cve/CVE-2021-3968>), [CVE-2021-3973](<https://access.redhat.com/security/cve/CVE-2021-3973>), [CVE-2021-3974](<https://access.redhat.com/security/cve/CVE-2021-3974>)\n\nMitre: [CVE-2021-3778](<https://vulners.com/cve/CVE-2021-3778>), [CVE-2021-3796](<https://vulners.com/cve/CVE-2021-3796>), [CVE-2021-3872](<https://vulners.com/cve/CVE-2021-3872>), [CVE-2021-3875](<https://vulners.com/cve/CVE-2021-3875>), [CVE-2021-3968](<https://vulners.com/cve/CVE-2021-3968>), [CVE-2021-3973](<https://vulners.com/cve/CVE-2021-3973>), [CVE-2021-3974](<https://vulners.com/cve/CVE-2021-3974>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-08T16:27:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974"], "modified": "2021-12-09T00:42:00", "id": "ALAS2-2021-1728", "href": "https://alas.aws.amazon.com/AL2/ALAS-2021-1728.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T18:34:48", "description": "**Issue Overview:**\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3778)\n\nA use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-3796)\n\nAn out-of-bounds write flaw was found in vim's drawscreen.c win_redr_status() function. This flaw allows an attacker to trick a user to open a crafted file with specific arguments in vim, triggering an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-3872)\n\nThere's an out-of-bounds read flaw in Vim's ex_docmd.c. An attacker who is capable of tricking a user into opening a specially crafted file could trigger an out-of-bounds read on a memmove operation, potentially causing an impact to application availability. (CVE-2021-3875)\n\nA flaw was found in vim. A possible heap use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3968)\n\nA flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3973)\n\nA flaw was found in vim. A possible use-after-free vulnerability could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to system availability. (CVE-2021-3974)\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Note:**\n\nThis advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this [FAQ section](<../../faqs.html#clarify-al2-advisories>) for the difference between AL2 Core and AL2 Extras advisories. \n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.3642-1.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.3642-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-common-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.3642-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.3642-1.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2021-3778](<https://access.redhat.com/security/cve/CVE-2021-3778>), [CVE-2021-3796](<https://access.redhat.com/security/cve/CVE-2021-3796>), [CVE-2021-3872](<https://access.redhat.com/security/cve/CVE-2021-3872>), [CVE-2021-3875](<https://access.redhat.com/security/cve/CVE-2021-3875>), [CVE-2021-3968](<https://access.redhat.com/security/cve/CVE-2021-3968>), [CVE-2021-3973](<https://access.redhat.com/security/cve/CVE-2021-3973>), [CVE-2021-3974](<https://access.redhat.com/security/cve/CVE-2021-3974>)\n\nMitre: [CVE-2021-3778](<https://vulners.com/cve/CVE-2021-3778>), [CVE-2021-3796](<https://vulners.com/cve/CVE-2021-3796>), [CVE-2021-3872](<https://vulners.com/cve/CVE-2021-3872>), [CVE-2021-3875](<https://vulners.com/cve/CVE-2021-3875>), [CVE-2021-3968](<https://vulners.com/cve/CVE-2021-3968>), [CVE-2021-3973](<https://vulners.com/cve/CVE-2021-3973>), [CVE-2021-3974](<https://vulners.com/cve/CVE-2021-3974>)\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-08T16:27:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974"], "modified": "2023-02-17T00:13:00", "id": "ALAS-2021-1728", "href": "https://alas.aws.amazon.com/AL2/ALAS-2021-1728.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "huntr": [{"lastseen": "2023-10-31T17:08:57", "description": "\n**Description**\n\nGreetings, \n\nA Heap-based Buffer Overflow issue was discovered in Vim.\n\nThe POC file is reduced to the absolute minimum to reproduce the problem.\nPlease see sanitizer output and the \"trimmed\" POC file link below.\n\n**System info**\nOS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan\nVim Version : master(58ef8a3) - Fri Nov 12 11:25:11 2021 +0000\n\n**Steps to reproduce:**\n\n1. \n\n```\ngit clone https://github.com/vim/vim\n```\n\n2. \n\n```\nLD=lld-12 AS=llvm-as-12 AR=llvm-ar-12 RANLIB=llvm-ranlib-12 CC=clang-12 CXX=clang++-12 CFLAGS=\"-fsanitize=address\" CXXFLAGS=\"-fsanitize=address\" LDFLAGS=\"-ldl -fsanitize=address\" ./configure --with-features=huge --enable-gui=none && make\n```\n\n3. Download POC from [This URL](https://drive.google.com/file/d/1x6SoQ4-aH7DHGELXe1LQHp0Pdf_yXTNw)\n\n```\n./vim -u NONE -X -Z -e -s -S POC -c :qa!\n```\nSanitizer output:\n\n```\n=================================================================\n==135716==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000012900 at pc 0x000000accc0e bp 0x7fffe33c6730 sp 0x7fffe33c6728\nREAD of size 1 at 0x621000012900 thread T0\n #0 0xaccc0d in grab_file_name /src/fuzzer11/triage_yeni/vim/src/findfile.c:1947:27\n #1 0x19b3220 in do_window /src/fuzzer11/triage_yeni/vim/src/window.c:522:9\n #2 0xe845de in normal_cmd /src/fuzzer11/triage_yeni/vim/src/normal.c:1099:5\n #3 0x9aefb4 in exec_normal /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c\n #4 0x9ad0aa in exec_normal_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:8548:5\n #5 0x9ad0aa in ex_normal /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:8466:6\n #6 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #7 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #8 0x5064ee in apply_autocmds_group /src/fuzzer11/triage_yeni/vim/src/autocmd.c:2153:2\n #9 0x50da64 in apply_autocmds /src/fuzzer11/triage_yeni/vim/src/autocmd.c:1651:12\n #10 0x52a0f5 in buf_freeall /src/fuzzer11/triage_yeni/vim/src/buffer.c:802:6\n #11 0x531471 in buflist_new /src/fuzzer11/triage_yeni/vim/src/buffer.c:2103:2\n #12 0x55c374 in buflist_add /src/fuzzer11/triage_yeni/vim/src/buffer.c:3515:11\n #13 0x4d88c7 in alist_add /src/fuzzer11/triage_yeni/vim/src/arglist.c:206:6\n #14 0x4d88c7 in alist_set /src/fuzzer11/triage_yeni/vim/src/arglist.c:173:6\n #15 0x4dbf91 in do_arglist /src/fuzzer11/triage_yeni/vim/src/arglist.c:484:6\n #16 0x4e1aba in ex_next /src/fuzzer11/triage_yeni/vim/src/arglist.c:751:10\n #17 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #18 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #19 0x136cde4 in do_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:1406:5\n #20 0x13699e1 in cmd_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:971:14\n #21 0x13699e1 in ex_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:997:2\n #22 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #23 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #24 0x1bcecfc in exe_commands /src/fuzzer11/triage_yeni/vim/src/main.c:3081:2\n #25 0x1bcecfc in vim_main2 /src/fuzzer11/triage_yeni/vim/src/main.c:773:2\n #26 0x1bc5a8f in main /src/fuzzer11/triage_yeni/vim/src/main.c:425:12\n #27 0x7f9daa6ad0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)\n #28 0x41f64d in _start (/src/fuzzer11/triage_yeni/vim/src/vim+0x41f64d)\n\n0x621000012900 is located 0 bytes to the right of 4096-byte region [0x621000011900,0x621000012900)\nallocated by thread T0 here:\n #0 0x49a8ad in malloc (/src/fuzzer11/triage_yeni/vim/src/vim+0x49a8ad)\n #1 0x4cc2cb in lalloc /src/fuzzer11/triage_yeni/vim/src/alloc.c:244:11\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow /src/fuzzer11/triage_yeni/vim/src/findfile.c:1947:27 in grab_file_name\nShadow bytes around the buggy address:\n 0x0c427fffa4d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa4e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa4f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n=>0x0c427fffa520:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa530: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa540: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa550: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa560: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa570: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==135716==ABORTING\n```\n\n\n**References:**\n\nCWE-122: Heap-based Buffer Overflow - https://cwe.mitre.org/data/definitions/122.html\n\nThis vulnerability is capable of crashing software, bypass protection mechanism, modify of memory, and successful exploitation may lead to code execution\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-12T21:47:32", "type": "huntr", "title": "Heap-based Buffer Overflow in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2021-11-17T17:57:07", "id": "CE6E8609-77C6-4E17-B9FC-A2E5ABED052E", "href": "https://www.huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-10-31T17:08:49", "description": "\u270d\ufe0f Description\n\nWhen fuzzing vim commit `021ef351c` (works with latest build and latest commit `04b7b4b` per this time of this report) [v8.2.3728]([https://github.com/vim/vim/releases/tag/v8.2.3728](https://github.com/vim/vim/releases/tag/v8.2.3728)), I discovered a use after free. This crash triggered with only clang 10 and ASan. And I'm testing with clang 13 it doesn't crash so I assume this crash doesn't happen in clang >= 11\n\n# Proof of Concept\n\nHere is the minimized poc\n\n```bash\n)/\\v/\no/\\%')\n```\n\nHow to build\n\n```bash\nLD=lld AS=llvm-as AR=llvm-ar RANLIB=llvm-ranlib CC=clang CXX=clang++ CFLAGS=\"-fsanitize=address\" CXXFLAGS=\"-fsanitize=address\" LDFLAGS=\"-ldl -fsanitize=address\" ./configure --with-features=huge --enable-gui=none\nmake -j$(nproc)\n```\n\nProof of Concept\n\nRun crafted file with this command\n\n`./vim -u NONE -X -Z -e -s -S poc_utf_ptr2char -c :qa!`\n\nASan stack trace:\n\n```bash\naldo@vps:~/vim/src$ ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolizer ./vim -u NONE -X -Z -e -s -S poc_utf_ptr2char -c :qa!\n=================================================================\n==3190301==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000006631 at pc 0x000000988ebb bp 0x7fffffff5e40 sp 0x7fffffff5e38\nREAD of size 1 at 0x602000006631 thread T0\n #0 0x988eba in utf_ptr2char /root/vim/src/mbyte.c:1788:9\n #1 0xc6be7b in nfa_regmatch /root/vim/src/./regexp_nfa.c:5850:13\n #2 0xc69168 in nfa_regtry /root/vim/src/./regexp_nfa.c:7245:14\n #3 0xc67219 in nfa_regexec_both /root/vim/src/./regexp_nfa.c:7440:14\n #4 0xbebd1a in nfa_regexec_nl /root/vim/src/./regexp_nfa.c:7620:12\n #5 0xbe848f in vim_regexec_string /root/vim/src/regexp.c:2798:14\n #6 0xbe8c6c in vim_regexec /root/vim/src/regexp.c:2864:12\n #7 0x7abf73 in ex_open /root/vim/src/ex_docmd.c:6882:10\n #8 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #9 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #10 0xd0d016 in do_source /root/vim/src/scriptfile.c:1420:5\n #11 0xd09ca8 in cmd_source /root/vim/src/scriptfile.c:985:14\n #12 0xd0991a in ex_source /root/vim/src/scriptfile.c:1011:2\n #13 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #14 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #15 0x76502d in do_cmdline_cmd /root/vim/src/ex_docmd.c:594:12\n #16 0x120ac05 in exe_commands /root/vim/src/main.c:3080:2\n #17 0x1206f3f in vim_main2 /root/vim/src/main.c:774:2\n #18 0x11fd74c in main /root/vim/src/main.c:426:12\n #19 0x7ffff78260b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n #20 0x41fe7d in _start (/root/vim/src/vim+0x41fe7d)\n\n0x602000006631 is located 1 bytes inside of 2-byte region [0x602000006630,0x602000006632)\nfreed by thread T0 here:\n #0 0x49833d in free (/root/vim/src/vim+0x49833d)\n #1 0x4c89e9 in vim_free /root/vim/src/alloc.c:615:2\n #2 0x9a3660 in ml_flush_line /root/vim/src/memline.c:4060:2\n #3 0x9b6004 in ml_get_buf /root/vim/src/memline.c:2647:2\n #4 0x9b2b42 in ml_get /root/vim/src/memline.c:2563:12\n #5 0x9f43ca in dec /root/vim/src/misc2.c:424:6\n #6 0x9f46ae in decl /root/vim/src/misc2.c:443:14\n #7 0xf10009 in findsent /root/vim/src/textobject.c:80:10\n #8 0x963e52 in getmark_buf_fnum /root/vim/src/mark.c:363:6\n #9 0x9635f8 in getmark_buf /root/vim/src/mark.c:293:12\n #10 0xc764cb in nfa_regmatch /root/vim/src/./regexp_nfa.c:6838:16\n #11 0xc69168 in nfa_regtry /root/vim/src/./regexp_nfa.c:7245:14\n #12 0xc67219 in nfa_regexec_both /root/vim/src/./regexp_nfa.c:7440:14\n #13 0xbebd1a in nfa_regexec_nl /root/vim/src/./regexp_nfa.c:7620:12\n #14 0xbe848f in vim_regexec_string /root/vim/src/regexp.c:2798:14\n #15 0xbe8c6c in vim_regexec /root/vim/src/regexp.c:2864:12\n #16 0x7abf73 in ex_open /root/vim/src/ex_docmd.c:6882:10\n #17 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #18 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #19 0xd0d016 in do_source /root/vim/src/scriptfile.c:1420:5\n #20 0xd09ca8 in cmd_source /root/vim/src/scriptfile.c:985:14\n #21 0xd0991a in ex_source /root/vim/src/scriptfile.c:1011:2\n #22 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #23 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #24 0x76502d in do_cmdline_cmd /root/vim/src/ex_docmd.c:594:12\n #25 0x120ac05 in exe_commands /root/vim/src/main.c:3080:2\n #26 0x1206f3f in vim_main2 /root/vim/src/main.c:774:2\n #27 0x11fd74c in main /root/vim/src/main.c:426:12\n #28 0x7ffff78260b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n\npreviously allocated by thread T0 here:\n #0 0x4985bd in malloc (/root/vim/src/vim+0x4985bd)\n #1 0x4c825d in lalloc /root/vim/src/alloc.c:244:11\n #2 0x4c8173 in alloc /root/vim/src/alloc.c:151:12\n #3 0xe1d594 in vim_strnsave /root/vim/src/strings.c:44:9\n #4 0x9b71fd in ml_replace_len /root/vim/src/memline.c:3437:13\n #5 0x9b6fa3 in ml_replace /root/vim/src/memline.c:3400:12\n #6 0x74f068 in ex_substitute /root/vim/src/ex_cmds.c:4654:4\n #7 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #8 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #9 0xd0d016 in do_source /root/vim/src/scriptfile.c:1420:5\n #10 0xd09ca8 in cmd_source /root/vim/src/scriptfile.c:985:14\n #11 0xd0991a in ex_source /root/vim/src/scriptfile.c:1011:2\n #12 0x7714d4 in do_one_cmd /root/vim/src/ex_docmd.c:2578:2\n #13 0x760d76 in do_cmdline /root/vim/src/ex_docmd.c:1000:17\n #14 0x76502d in do_cmdline_cmd /root/vim/src/ex_docmd.c:594:12\n #15 0x120ac05 in exe_commands /root/vim/src/main.c:3080:2\n #16 0x1206f3f in vim_main2 /root/vim/src/main.c:774:2\n #17 0x11fd74c in main /root/vim/src/main.c:426:12\n #18 0x7ffff78260b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n\nSUMMARY: AddressSanitizer: heap-use-after-free /root/vim/src/mbyte.c:1788:9 in utf_ptr2char\nShadow bytes around the buggy address:\n 0x0c047fff8c70: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x0c047fff8c80: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x0c047fff8c90: fa fa fd fa fa fa 00 00 fa fa 00 00 fa fa 05 fa\n 0x0c047fff8ca0: fa fa fd fa fa fa 03 fa fa fa 03 fa fa fa 03 fa\n 0x0c047fff8cb0: fa fa fd fa fa fa 03 fa fa fa fd fa fa fa 00 00\n=>0x0c047fff8cc0: fa fa 01 fa fa fa[fd]fa fa fa fd fd fa fa 00 03\n 0x0c047fff8cd0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n 0x0c047fff8ce0: fa fa fd fd fa fa fd fd fa fa fd fa fa fa 00 03\n 0x0c047fff8cf0: fa fa fd fd fa fa 00 02 fa fa 05 fa fa fa fa fa\n 0x0c047fff8d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8d10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07\n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==3190301==ABORTING\n```\n\n# \ud83d\udca5 Impact\n\nThis vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-03T22:41:35", "type": "huntr", "title": "None in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2021-12-05T11:54:57", "id": "0EFD6D23-2259-4081-9FF1-3ADE26907D74", "href": "https://www.huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-31T17:08:56", "description": "**Description**\n\nGreetings, \n\nA Use After Free issue was discovered in Vim.\n\nThe POC file is reduced to the absolute minimum to reproduce the problem.\nPlease see sanitizer output and the \"trimmed\" POC file link below.\n\n**System info**\nOS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan\nVim Version : master(3c5904d) - Sun Oct 24 14:50:07 2021 +0100 \n\n**Steps to reproduce:**\n\n1. \n\n```\ngit clone https://github.com/vim/vim\n```\n\n2. \n\n```\nLD=lld-12 AS=llvm-as-12 AR=llvm-ar-12 RANLIB=llvm-ranlib-12 CC=clang-12 CXX=clang++-12 CFLAGS=\"-fsanitize=address\" CXXFLAGS=\"-fsanitize=address\" LDFLAGS=\"-ldl -fsanitize=address\" ./configure --with-features=huge --enable-gui=none && make\n```\n\n3. Download POC from [This URL](https://drive.google.com/file/d/1tLvFhCDTP1q1vZKLBY70YNSe0AOo8qyC)\n\n```\n./vim -u NONE -X -Z -e -s -S POC -c :qa!\n```\n\n\nSanitizer output:\n\n```\n=================================================================\n==126137==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000006dd1 at pc 0x00000121b06b bp 0x7fff1d7d60b0 sp 0x7fff1d7d60a8\nREAD of size 1 at 0x602000006dd1 thread T0\n #0 0x121b06a in nfa_regmatch /src/fuzzer11/triage_yeni/vim/src/./regexp_nfa.c:5855:13\n #1 0x11f4062 in nfa_regtry /src/fuzzer11/triage_yeni/vim/src/./regexp_nfa.c:7237:14\n #2 0x11f4062 in nfa_regexec_both /src/fuzzer11/triage_yeni/vim/src/./regexp_nfa.c:7432:14\n #3 0x113f156 in vim_regexec_multi /src/fuzzer11/triage_yeni/vim/src/regexp.c:2915:14\n #4 0x9163de in ex_substitute /src/fuzzer11/triage_yeni/vim/src/ex_cmds.c:3999:11\n #5 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #6 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #7 0x136cde4 in do_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:1406:5\n #8 0x13699e1 in cmd_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:971:14\n #9 0x13699e1 in ex_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:997:2\n #10 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #11 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #12 0x1bcecfc in exe_commands /src/fuzzer11/triage_yeni/vim/src/main.c:3081:2\n #13 0x1bcecfc in vim_main2 /src/fuzzer11/triage_yeni/vim/src/main.c:773:2\n #14 0x1bc5a8f in main /src/fuzzer11/triage_yeni/vim/src/main.c:425:12\n #15 0x7fc9c677c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)\n #16 0x41f64d in _start (/src/fuzzer11/triage_yeni/vim/src/vim+0x41f64d)\n\n0x602000006dd1 is located 1 bytes inside of 10-byte region [0x602000006dd0,0x602000006dda)\nfreed by thread T0 here:\n #0 0x49a642 in free (/src/fuzzer11/triage_yeni/vim/src/vim+0x49a642)\n #1 0xd5ee9f in ml_flush_line /src/fuzzer11/triage_yeni/vim/src/memline.c:4059:2\n\npreviously allocated by thread T0 here:\n #0 0x49a8ad in malloc (/src/fuzzer11/triage_yeni/vim/src/vim+0x49a8ad)\n #1 0x4cc2cb in lalloc /src/fuzzer11/triage_yeni/vim/src/alloc.c:244:11\n\nSUMMARY: AddressSanitizer: heap-use-after-free /src/fuzzer11/triage_yeni/vim/src/./regexp_nfa.c:5855:13 in nfa_regmatch\nShadow bytes around the buggy address:\n 0x0c047fff8d60: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n 0x0c047fff8d70: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n 0x0c047fff8d80: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n 0x0c047fff8d90: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n 0x0c047fff8da0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd\n=>0x0c047fff8db0: fa fa fd fd fa fa fd fd fa fa[fd]fd fa fa 00 05\n 0x0c047fff8dc0: fa fa 02 fa fa fa 00 03 fa fa fd fa fa fa fd fa\n 0x0c047fff8dd0: fa fa 00 03 fa fa 00 03 fa fa 01 fa fa fa 05 fa\n 0x0c047fff8de0: fa fa 05 fa fa fa 05 fa fa fa 01 fa fa fa fa fa\n 0x0c047fff8df0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==126137==ABORTING\n```\n\n**References:**\n\nCWE-416: Use After Free - https://cwe.mitre.org/data/definitions/416.html\n\nThis vulnerability is capable of crashing software, bypass protection mechanism, modify of memory, and successful exploitation may lead to code execution\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-24T22:44:39", "type": "huntr", "title": "None in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2021-11-17T18:18:36", "id": "E402CB2C-8EC4-4828-A692-C95F8E0DE6D4", "href": "https://www.huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-31T17:08:53", "description": "\u270d\ufe0f Description\n\nWhen fuzzing vim commit `3c19b5050` (works with latest build and latest commit `65259b5c6` per this time of this report) [v8.2.3635]([https://github.com/vim/vim/releases/tag/v8.2.3635](https://github.com/vim/vim/releases/tag/v8.2.3635)) with clang 12 and ASan, I discovered a heap buffer overflow.\n\n# Proof of Concept\n\nHere is the poc download link\n\n```bash\nhttps://drive.google.com/file/d/16KrhAQ_Feps6uhQGwuc_l8KETMz0eTyz/view?usp=sharing\n```\n\nHow to build\n\n```bash\nLD=lld AS=llvm-as AR=llvm-ar RANLIB=llvm-ranlib CC=clang CXX=clang++ CFLAGS=\"-fsanitize=address\" CXXFLAGS=\"-fsanitize=address\" LDFLAGS=\"-ldl -fsanitize=address\" ./configure --with-features=huge --enable-gui=none\nmake -j2\n```\n\nProof of Concept\n\nRun crafted file with this command\n\n`./vim -u NONE -X -Z -e -s -S pocBO_min -c :qa!`\n\nASan stack trace:\n\n```bash\naldo@vps:~/vim-8.2.3635/src$ ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolizer ./vim -u NONE -X -Z -e -s -S pocBO_min -c :qa!\n=================================================================\n==2485525==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000000e81 at pc 0x000000486718 bp 0x7ffffffefd60 sp 0x7ffffffef520\nWRITE of size 1023 at 0x619000000e81 thread T0\n #0 0x486717 in strcpy (/home/aldo/vim/src/vim+0x486717)\n #1 0xc80184 in find_help_tags /home/aldo/vim/src/help.c:426:6\n #2 0xc7b823 in ex_help /home/aldo/vim/src/help.c:88:9\n #3 0xa06f9d in do_one_cmd /home/aldo/vim/src/ex_docmd.c:2614:2\n #4 0x9eabea in do_cmdline /home/aldo/vim/src/ex_docmd.c:1000:17\n #5 0x1592d2d in do_source /home/aldo/vim/src/scriptfile.c:1406:5\n #6 0x158dd61 in cmd_source /home/aldo/vim/src/scriptfile.c:971:14\n #7 0x158d66e in ex_source /home/aldo/vim/src/scriptfile.c:997:2\n #8 0xa06f9d in do_one_cmd /home/aldo/vim/src/ex_docmd.c:2614:2\n #9 0x9eabea in do_cmdline /home/aldo/vim/src/ex_docmd.c:1000:17\n #10 0x9f1fd1 in do_cmdline_cmd /home/aldo/vim/src/ex_docmd.c:594:12\n #11 0x1f239a1 in exe_commands /home/aldo/vim/src/main.c:3081:2\n #12 0x1f1cd23 in vim_main2 /home/aldo/vim/src/main.c:773:2\n #13 0x1f081ed in main /home/aldo/vim/src/main.c:425:12\n #14 0x7ffff78260b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n #15 0x41fe2d in _start (/home/aldo/vim/src/vim+0x41fe2d)\n\n0x619000000e81 is located 0 bytes to the right of 1025-byte region [0x619000000a80,0x619000000e81)\nallocated by thread T0 here:\n #0 0x49aced in malloc (/home/aldo/vim/src/vim+0x49aced)\n #1 0x4cc661 in lalloc /home/aldo/vim/src/alloc.c:244:11\n #2 0x4cc4ba in alloc /home/aldo/vim/src/alloc.c:151:12\n #3 0x1f08292 in common_init /home/aldo/vim/src/main.c:910:19\n #4 0x1f068bb in main /home/aldo/vim/src/main.c:179:5\n #5 0x7ffff78260b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow (/home/aldo/vim/src/vim+0x486717) in strcpy\nShadow bytes around the buggy address:\n 0x0c327fff8180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c327fff8190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c327fff81a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c327fff81b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c327fff81c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n=>0x0c327fff81d0:[01]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c327fff81e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c327fff81f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0c327fff8200: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0c327fff8210: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0c327fff8220: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07\n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==2485525==ABORTING\n```\n\n# \ud83d\udca5 Impact\n\nThis vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-23T22:16:23", "type": "huntr", "title": "Heap-based Buffer Overflow in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2021-11-25T10:46:07", "id": "D8798584-A6C9-4619-B18F-001B9A6FCA92", "href": "https://www.huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-31T17:08:56", "description": "**Description**\n\nGreetings, \n\nA Heap-based Buffer Overflow issue was discovered in Vim.\n\nThe POC file is reduced to the absolute minimum to reproduce the problem.\nPlease see sanitizer output and the \"trimmed\" POC file link below.\n\n**System info**\nOS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan\nVim Version : master(3cad470) - Thu Nov 18 15:37:29 2021 +0000 \n\n**Steps to reproduce:**\n\n1. \n\n```\ngit clone https://github.com/vim/vim\n```\n\n2. \n\n```\nLD=lld-12 AS=llvm-as-12 AR=llvm-ar-12 RANLIB=llvm-ranlib-12 CC=clang-12 CXX=clang++-12 CFLAGS=\"-fsanitize=address\" CXXFLAGS=\"-fsanitize=address\" LDFLAGS=\"-ldl -fsanitize=address\" ./configure --with-features=huge --enable-gui=none && make\n```\n\n3. Download POC from [This URL](https://drive.google.com/file/d/13rU6pvWzYk7H9ncxWSfVxEv9ppdeHhe2/)\n\n```\n./vim -u NONE -X -Z -e -s -S POC -c :qa!\n```\nSanitizer output:\n```\n\n=================================================================\n==135953==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000012918 at pc 0x00000139d8cd bp 0x7ffd76bc2330 sp 0x7ffd76bc2328\nREAD of size 1 at 0x621000012918 thread T0\n #0 0x139d8cc in findmatchlimit /src/fuzzer11/triage_yeni/vim/src/search.c:2590:6\n #1 0x60e8c5 in find_start_brace /src/fuzzer11/triage_yeni/vim/src/cindent.c:1646:22\n #2 0x5c1385 in get_c_indent /src/fuzzer11/triage_yeni/vim/src/cindent.c:2317:24\n #3 0xc0c7b8 in op_reindent /src/fuzzer11/triage_yeni/vim/src/indent.c:1060:12\n #4 0xf389b7 in do_pending_operator /src/fuzzer11/triage_yeni/vim/src/ops.c\n #5 0xe84da1 in normal_cmd /src/fuzzer11/triage_yeni/vim/src/normal.c:1125:2\n #6 0x9aefb4 in exec_normal /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c\n #7 0x9ad0aa in exec_normal_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:8548:5\n #8 0x9ad0aa in ex_normal /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:8466:6\n #9 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #10 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #11 0x136cde4 in do_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:1406:5\n #12 0x13699e1 in cmd_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:971:14\n #13 0x13699e1 in ex_source /src/fuzzer11/triage_yeni/vim/src/scriptfile.c:997:2\n #14 0x94ff7b in do_one_cmd /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:2614:2\n #15 0x94ff7b in do_cmdline /src/fuzzer11/triage_yeni/vim/src/ex_docmd.c:1000:17\n #16 0x1bcecfc in exe_commands /src/fuzzer11/triage_yeni/vim/src/main.c:3081:2\n #17 0x1bcecfc in vim_main2 /src/fuzzer11/triage_yeni/vim/src/main.c:773:2\n #18 0x1bc5a8f in main /src/fuzzer11/triage_yeni/vim/src/main.c:425:12\n #19 0x7f43168c50b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)\n #20 0x41f64d in _start (/src/fuzzer11/triage_yeni/vim/src/vim+0x41f64d)\n\n0x621000012918 is located 24 bytes to the right of 4096-byte region [0x621000011900,0x621000012900)\nallocated by thread T0 here:\n #0 0x49a8ad in malloc (/src/fuzzer11/triage_yeni/vim/src/vim+0x49a8ad)\n #1 0x4cc2cb in lalloc /src/fuzzer11/triage_yeni/vim/src/alloc.c:244:11\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow /src/fuzzer11/triage_yeni/vim/src/search.c:2590:6 in findmatchlimit\nShadow bytes around the buggy address:\n 0x0c427fffa4d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa4e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa4f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c427fffa510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n=>0x0c427fffa520: fa fa fa[fa]fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa530: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa540: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa550: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa560: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c427fffa570: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==135953==ABORTING\n```\n\n\n**References:**\n\nCWE-122: Heap-based Buffer Overflow - https://cwe.mitre.org/data/definitions/122.html\n\nThis vulnerability is capable of crashing software, bypass protection mechanism, modify of memory, and successful exploitation may lead to code execution", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-18T17:49:08", "type": "huntr", "title": "Heap-based Buffer Overflow in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2021-11-19T19:39:40", "id": "B114B5A2-18E2-49F0-B350-15994D71426A", "href": "https://www.huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cnvd": [{"lastseen": "2022-11-05T07:04:09", "description": "Vim is a UNIX-based editor, and a buffer overflow vulnerability exists in Vim, which stems from the product's failure to properly determine memory boundaries and can be exploited by attackers to cause a buffer overflow.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-24T00:00:00", "type": "cnvd", "title": "Vim Buffer Overflow Vulnerability (CNVD-2022-05069)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2022-01-19T00:00:00", "id": "CNVD-2022-05069", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-05069", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-05T07:04:38", "description": "Vim is a UNIX-based editor, and a resource management error vulnerability exists in Vim, which stems from the product's failure to determine the validity of resources and can be exploited by attackers to cause abnormal operations.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-24T00:00:00", "type": "cnvd", "title": "Vim Resource Management Error Vulnerability (CNVD-2022-05068)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2022-01-19T00:00:00", "id": "CNVD-2022-05068", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-05068", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T07:09:42", "description": "Vim is a UNIX-based editor. vim is vulnerable to a memory mis-reference vulnerability in the ex_open() function in src/ex_docmd.c, which could be exploited to cause a denial of service or code execution.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-12T00:00:00", "type": "cnvd", "title": "Vim memory mis-reference vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2022-01-14T00:00:00", "id": "CNVD-2022-03908", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-03908", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T07:04:36", "description": "Vim is a UNIX-based editor, and a security vulnerability exists in Vim that can be exploited by attackers to perform buffer overflow attacks.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-02T00:00:00", "type": "cnvd", "title": "Vim has an unspecified vulnerability (CNVD-2022-05066)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2022-01-19T00:00:00", "id": "CNVD-2022-05066", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-05066", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T07:04:29", "description": "Vim is a UNIX-based editor, and a security vulnerability exists in Vim that can be exploited by attackers to perform buffer overflow attacks.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-02T00:00:00", "type": "cnvd", "title": "Vim has an unspecified vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2022-01-19T00:00:00", "id": "CNVD-2022-05067", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-05067", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-11-10T12:49:46", "description": "vim is vulnerable to remote code execution. The vulnerability exists due to a use-after-free allowing an attacker to execute malicious code in the system.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-15T22:11:12", "type": "veracode", "title": "Remote Code Execution (RCE)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2022-11-09T06:40:08", "id": "VERACODE:33712", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33712/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-25T00:33:50", "description": "vim.so is vulnerable to heap-based buffer overflow. The lack of sanitization causes a heap-based buffer overflow which could result in an application crash. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-15T22:10:54", "type": "veracode", "title": "Heap-based Buffer Overflow", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2022-08-29T20:14:49", "id": "VERACODE:33711", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33711/summary", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-10T12:50:08", "description": "vim is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to the lack of sanitization of the `help.c`causes a heap-based buffer overflow which could result in an application crash. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-23T00:19:12", "type": "veracode", "title": "Heap-Based Buffer Overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2022-11-09T06:40:08", "id": "VERACODE:33822", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33822/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-10T12:49:45", "description": "vim is vulnerable to use after free. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-22T23:39:38", "type": "veracode", "title": "Use After Free", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2022-11-09T06:40:02", "id": "VERACODE:33821", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33821/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-10T12:49:46", "description": "vim is vulnerable to denial of service. The vulnerability exists due to a heap-based Buffer Overflow allowing an attacker to crash the system. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-15T21:52:58", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2022-11-09T06:40:06", "id": "VERACODE:33708", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33708/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-12-06T15:48:46", "description": "vim is vulnerable to Use After Free", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-19T11:15:00", "type": "cve", "title": "CVE-2021-3974", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2023-11-07T03:38:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2021-3974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3974", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:48:43", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-19T12:15:00", "type": "cve", "title": "CVE-2021-3973", "cwe": ["CWE-122"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2023-11-07T03:38:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2021-3973", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3973", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:51:13", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-01T10:15:00", "type": "cve", "title": "CVE-2021-4019", "cwe": ["CWE-122"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2023-11-07T03:40:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2021-4019", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4019", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:53:12", "description": "vim is vulnerable to Use After Free", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-06T12:15:00", "type": "cve", "title": "CVE-2021-4069", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2023-11-07T03:40:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2021-4069", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4069", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:49:21", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-01T11:15:00", "type": "cve", "title": "CVE-2021-3984", "cwe": ["CWE-122"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2023-11-07T03:38:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2021-3984", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3984", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-12-05T13:48:26", "description": "vim is vulnerable to Use After Free\n\n#### Bugs\n\n * <https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-19T00:00:00", "type": "ubuntucve", "title": "CVE-2021-3974", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2021-11-19T00:00:00", "id": "UB:CVE-2021-3974", "href": "https://ubuntu.com/security/CVE-2021-3974", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-05T13:48:25", "description": "vim is vulnerable to Heap-based Buffer Overflow\n\n#### Bugs\n\n * <https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-19T00:00:00", "type": "ubuntucve", "title": "CVE-2021-3973", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2021-11-19T00:00:00", "id": "UB:CVE-2021-3973", "href": "https://ubuntu.com/security/CVE-2021-3973", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-05T13:48:04", "description": "vim is vulnerable to Use After Free\n\n#### Bugs\n\n * <https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-06T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4069", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2021-12-06T00:00:00", "id": "UB:CVE-2021-4069", "href": "https://ubuntu.com/security/CVE-2021-4069", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-05T13:48:08", "description": "vim is vulnerable to Heap-based Buffer Overflow\n\n#### Bugs\n\n * <https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[rayveldkamp](<https://launchpad.net/~rayveldkamp>) | in focal and earlier vulnerable function from src/help.c is in src/ex_cmds.c.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-01T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4019", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2021-12-01T00:00:00", "id": "UB:CVE-2021-4019", "href": "https://ubuntu.com/security/CVE-2021-4019", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-05T13:48:08", "description": "vim is vulnerable to Heap-based Buffer Overflow\n\n#### Bugs\n\n * <https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[rayveldkamp](<https://launchpad.net/~rayveldkamp>) | for bionic and earlier, the vulnerable function in src/cindent.c is in src/misc1.c.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-01T00:00:00", "type": "ubuntucve", "title": "CVE-2021-3984", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2021-12-01T00:00:00", "id": "UB:CVE-2021-3984", "href": "https://ubuntu.com/security/CVE-2021-3984", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cbl_mariner": [{"lastseen": "2023-12-06T20:20:25", "description": "CVE-2021-3974 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-17T20:09:33", "type": "cbl_mariner", "title": "CVE-2021-3974 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2021-12-17T20:09:33", "id": "CBLMARINER:6235", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:29", "description": "CVE-2021-3974 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-09T06:51:50", "type": "cbl_mariner", "title": "CVE-2021-3974 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3974"], "modified": "2022-04-09T06:51:50", "id": "CBLMARINER:6947", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:29", "description": "CVE-2021-3973 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-09T06:51:50", "type": "cbl_mariner", "title": "CVE-2021-3973 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2022-04-09T06:51:50", "id": "CBLMARINER:6946", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T20:20:25", "description": "CVE-2021-3973 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-17T20:09:33", "type": "cbl_mariner", "title": "CVE-2021-3973 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3973"], "modified": "2021-12-17T20:09:33", "id": "CBLMARINER:6234", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T20:20:25", "description": "CVE-2021-4019 affecting package vim 8.2.3668-4. A patched version of the package is available.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-20T16:12:19", "type": "cbl_mariner", "title": "CVE-2021-4019 affecting package vim 8.2.3668-4", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2021-12-20T16:12:19", "id": "CBLMARINER:6290", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:29", "description": "CVE-2021-4069 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-09T06:51:50", "type": "cbl_mariner", "title": "CVE-2021-4069 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2022-04-09T06:51:50", "id": "CBLMARINER:6950", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:25", "description": "CVE-2021-4069 affecting package vim 8.2.3668-4. A patched version of the package is available.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-20T16:12:19", "type": "cbl_mariner", "title": "CVE-2021-4069 affecting package vim 8.2.3668-4", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4069"], "modified": "2021-12-20T16:12:19", "id": "CBLMARINER:6297", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:29", "description": "CVE-2021-4019 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-09T06:51:50", "type": "cbl_mariner", "title": "CVE-2021-4019 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4019"], "modified": "2022-04-09T06:51:50", "id": "CBLMARINER:6949", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:25", "description": "CVE-2021-3984 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-17T20:09:33", "type": "cbl_mariner", "title": "CVE-2021-3984 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2021-12-17T20:09:33", "id": "CBLMARINER:6289", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:20:29", "description": "CVE-2021-3984 affecting package vim 8.2.3582-1. An upgraded version of the package is available that resolves this issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-09T06:51:50", "type": "cbl_mariner", "title": "CVE-2021-3984 affecting package vim 8.2.3582-1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3984"], "modified": "2022-04-09T06:51:50", "id": "CBLMARINER:6948", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "almalinux": [{"lastseen": "2023-12-06T17:27:28", "description": "Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n* vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n* vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n* vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n* vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-01T20:12:46", "type": "almalinux", "title": "Moderate: vim security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2022-02-02T11:55:08", "id": "ALSA-2022:0366", "href": "https://errata.almalinux.org/8/ALSA-2022-0366.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-12-06T20:41:26", "description": "Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)\n\n* vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)\n\n* vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)\n\n* vim: use-after-free in win_linetabsize() (CVE-2021-4192)\n\n* vim: out-of-bound read in getvcol() (CVE-2021-4193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-01T20:12:46", "type": "redhat", "title": "(RHSA-2022:0366) Moderate: vim security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4192", "CVE-2021-4193"], "modified": "2022-02-01T20:19:10", "id": "RHSA-2022:0366", "href": "https://access.redhat.com/errata/RHSA-2022:0366", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.\n\nSecurity Fix(es):\n\n* gitops: Path traversal and dereference of symlinks when passing Helm value files (CVE-2022-24348)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-08T22:00:22", "type": "redhat", "title": "(RHSA-2022:0476) Important: Red Hat OpenShift GitOps security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3521", "CVE-2021-3712", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4122", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-24348"], "modified": "2022-02-08T22:00:39", "id": "RHSA-2022:0476", "href": "https://access.redhat.com/errata/RHSA-2022:0476", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:26", "description": "OpenShift Logging bug fix and security update (5.3.5)\n\nSecurity Fix(es):\n\n* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)\n\n* origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 (CVE-2022-0552)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-01T14:01:24", "type": "redhat", "title": "(RHSA-2022:0721) Moderate: OpenShift Logging bug fix and security update (5.3.5)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28491", "CVE-2021-21409", "CVE-2021-3521", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4122", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0552"], "modified": "2022-03-01T14:01:38", "id": "RHSA-2022:0721", "href": "https://access.redhat.com/errata/RHSA-2022:0721", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console\u2014with security policy built in.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.\n\nThis advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity updates:\n\n* Nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* Nanoid: Information disclosure via valueOf() function (CVE-2021-23566)\n\n* Golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\nBug fixes:\n\n* Inform ACM policy is not checking properly the node fields (BZ# 2015588)\n\n* ImagePullPolicy is \"Always\" for multicluster-operators-subscription-rhel8 image (BZ# 2021128)\n\n* Traceback blocks reconciliation of helm repository hosted on AWS S3 storage (BZ# 2021576)\n\n* RHACM 2.3.6 images (BZ# 2029507)\n\n* Console UI enabled SNO UI Options not displayed during cluster creating (BZ# 2030002)\n\n* Grc pod restarts for each new GET request to the Governance Policy Page (BZ# 2037351)\n\n* Clustersets do not appear in UI (BZ# 2049810)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-22T13:33:53", "type": "redhat", "title": "(RHSA-2022:0595) Important: Red Hat Advanced Cluster Management 2.3.6 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25704", "CVE-2020-36322", "CVE-2021-20321", "CVE-2021-23566", "CVE-2021-3521", "CVE-2021-3712", "CVE-2021-3872", "CVE-2021-3918", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4034", "CVE-2021-4122", "CVE-2021-4155", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-42574", "CVE-2021-42739", "CVE-2021-43565", "CVE-2022-0155", "CVE-2022-0185", "CVE-2022-20612", "CVE-2022-20617"], "modified": "2022-03-04T00:06:50", "id": "RHSA-2022:0595", "href": "https://access.redhat.com/errata/RHSA-2022:0595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.\n\nThis erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:32:05", "type": "redhat", "title": "(RHSA-2022:0444) Moderate: Red Hat Single Sign-On 7.4.10 on OpenJDK for OpenShift image security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3521", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4104", "CVE-2021-4122", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-21248", "CVE-2022-21282", "CVE-2022-21283", "CVE-2022-21293", "CVE-2022-21294", "CVE-2022-21296", "CVE-2022-21299", "CVE-2022-21305", "CVE-2022-21340", "CVE-2022-21341", "CVE-2022-21360", "CVE-2022-21365", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:33:17", "id": "RHSA-2022:0444", "href": "https://access.redhat.com/errata/RHSA-2022:0444", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console\u2014with security policy built in.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.\n\nThis advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity updates:\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* containerd: Unprivileged pod may bind mount any privileged regular file on disk (CVE-2021-43816)\n\n* minio-go: user privilege escalation in AddUser() admin API (CVE-2021-43858)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* fastify-static: open redirect via an URL with double slash followed by a domain (CVE-2021-22963) \n\n* moby: `docker cp` allows unexpected chmod of host file (CVE-2021-41089)\n\n* moby: data directory contains subdirectories with insufficiently restricted permissions, which could lead to directory traversal (CVE-2021-41091)\n\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* node-fetch: Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)\n\n* nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)\n\nBug fixes:\n\n* Trying to create a new cluster on vSphere and no feedback, stuck in \"creating\" (Bugzilla #1937078)\n\n* The hyperlink of *ks cluster node cannot be opened when I want to check the node (Bugzilla #2028100)\n\n* Unable to make SSH connection to a Bitbucket server (Bugzilla #2028196)\n\n* RHACM cannot deploy Helm Charts with version numbers starting with letters (e.g. v1.6.1) (Bugzilla #2028931)\n\n* RHACM 2.4.2 images (Bugzilla #2029506)\n\n* Git Application still appears in Application Table and Resources are Still Seen in Advanced Configuration Upon Deletion after Upgrade from 2.4.0 (Bugzilla #2030005)\n\n* Namespace left orphaned after destroying the cluster (Bugzilla #2030379)\n\n* The results filtered through the filter contain some data that should not be present in cluster page (Bugzilla #2034198)\n\n* Git over ssh doesn't use custom port set in url (Bugzilla #2036057)\n\n* The value of name label changed from clusterclaim name to cluster name (Bugzilla #2042223)\n\n* ACM configuration policies do not handle Limitrange or Quotas values (Bugzilla #2042545)\n\n* Cluster addons do not appear after upgrade from ACM 2.3.5 to ACM 2.3.6 (Bugzilla #2050847)\n\n* The azure government regions were not list in the region drop down list when creating the cluster (Bugzilla #2051797)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-03T01:33:59", "type": "redhat", "title": "(RHSA-2022:0735) Important: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22963", "CVE-2021-3521", "CVE-2021-3712", "CVE-2021-3807", "CVE-2021-3872", "CVE-2021-3918", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4034", "CVE-2021-41089", "CVE-2021-41091", "CVE-2021-4122", "CVE-2021-4155", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-42574", "CVE-2021-43565", "CVE-2021-43816", "CVE-2021-43858", "CVE-2022-0185", "CVE-2022-0235", "CVE-2022-24407", "CVE-2022-24450"], "modified": "2022-08-17T07:48:36", "id": "RHSA-2022:0735", "href": "https://access.redhat.com/errata/RHSA-2022:0735", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.\n\nThis erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T13:32:11", "type": "redhat", "title": "(RHSA-2022:0445) Moderate: Red Hat Single Sign-On 7.4.10 on OpenJ9 for OpenShift image security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3521", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4104", "CVE-2021-4122", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-21248", "CVE-2022-21282", "CVE-2022-21283", "CVE-2022-21293", "CVE-2022-21294", "CVE-2022-21296", "CVE-2022-21299", "CVE-2022-21305", "CVE-2022-21340", "CVE-2022-21341", "CVE-2022-21360", "CVE-2022-21365", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-07T13:33:33", "id": "RHSA-2022:0445", "href": "https://access.redhat.com/errata/RHSA-2022:0445", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Release osp-director-operator images\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-14T09:17:24", "type": "redhat", "title": "(RHSA-2022:0842) Important: Release of containers for OSP 16.2 director operator tech preview", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-24370", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3521", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-3800", "CVE-2021-3872", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4122", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-42574", "CVE-2021-44716", "CVE-2022-24407"], "modified": "2022-03-14T09:17:56", "id": "RHSA-2022:0842", "href": "https://access.redhat.com/errata/RHSA-2022:0842", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T20:41:26", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.2.11 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments.\n\nClusters and applications are all visible and managed from a single console \u2014 with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide security fixes, bug fixes and container upgrades. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.2/html/release_notes/\n\nSecurity updates:\n\n* object-path: Type confusion vulnerability can lead to a bypass of CVE-2020-15256 (CVE-2021-23434)\n\n* follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\nRelated bugs: \n\n* RHACM 2.2.11 images (Bugzilla #2029508)\n\n* ClusterImageSet has 4.5 which is not supported in ACM 2.2.10 (Bugzilla #2030859)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-14T12:22:55", "type": "redhat", "title": "(RHSA-2022:0856) Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-0465", "CVE-2020-0466", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-15256", "CVE-2020-16135", "CVE-2020-24370", "CVE-2020-25709", "CVE-2020-25710", "CVE-2021-0920", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-23434", "CVE-2021-25214", &quo