Vulnerability Name: | CVE-2021-4173 (CCN-216124) | ||||||||||||
Assigned: | 2021-12-25 | ||||||||||||
Published: | 2021-12-25 | ||||||||||||
Updated: | 2022-11-02 | ||||||||||||
Summary: | vim is vulnerable to Use After Free | ||||||||||||
CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.0 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
6.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||
Vulnerability Type: | CWE-416 | ||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2021-4173 Source: FULLDISC Type: Mailing List, Third Party Advisory 20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina Source: FULLDISC Type: Mailing List, Third Party Advisory 20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3 Source: FULLDISC Type: Mailing List, Third Party Advisory 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6 Source: MLIST Type: Mailing List, Third Party Advisory [oss-security] 20220114 Re: 3 new CVE's in vim Source: XF Type: UNKNOWN vim-cve20214173-dos(216124) Source: CCN Type: Vim GIT Repository vim Source: MISC Type: Patch, Third Party Advisory https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04 Source: CONFIRM Type: Exploit, Third Party Advisory https://huntr.dev/bounties/a1b236b9-89fb-4ccf-9689-ba11b471e766 Source: CCN Type: huntr Web site Use After Free in vim/vim Source: FEDORA Type: Third Party Advisory FEDORA-2022-a3d70b50f0 Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2022-48b86d586f Source: GENTOO Type: Third Party Advisory GLSA-202208-32 Source: CCN Type: Apple security document HT213183 About the security content of macOS Monterey 12.3 Source: CCN Type: Apple security document HT213256 About the security content of macOS Big Sur 11.6.6 Source: CCN Type: Apple security document HT213343 About the security content of Security Update 2022-005 Catalina Source: CONFIRM Type: Release Notes, Third Party Advisory https://support.apple.com/kb/HT213183 Source: CONFIRM Type: Third Party Advisory https://support.apple.com/kb/HT213256 Source: CONFIRM Type: Third Party Advisory https://support.apple.com/kb/HT213343 Source: CCN Type: Mend Vulnerability Database CVE-2021-4173 Source: CCN Type: Vim Web site Vim | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |