Base Score

HIGH8

CVE-2021-3968

vim is vulnerable to Heap-based Buffer Overflow

VectorNETWORK

Published Bysecurity@huntr.dev

Published DateNov 19, 2021, 12:15

Weakness Type (CWE):CWE-122

CVSS Metrics

Base Score

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

http://www.openwall.com/lists/oss-security/2022/01/15/1
https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69
https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/
https://security.gentoo.org/glsa/202208-32

Base Score

HIGH8

Weakness Type (CWE):CWE-122

CVSS Metrics

Base Score

Vector String

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH