logo
DATABASE RESOURCES PRICING ABOUT US

Debian DLA-2947-1 : vim - LTS security update

Description

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2947 advisory. - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2022-0213) - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928) - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4192) - vim is vulnerable to Out-of-bounds Read (CVE-2021-4193) - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319) - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0359, CVE-2022-0361) - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368) - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408) - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554) - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685) - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714) - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related