vim is vulnerable to Heap-based Buffer Overflow

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-098 advisory.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3903, CVE-2021-3927,     CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0158, CVE-2022-0213)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

  - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187,     CVE-2021-4192, CVE-2022-0156)

  - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,     CVE-2022-0361, CVE-2022-0407, CVE-2022-0572, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182,     CVE-2022-2207)

  - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)

  - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)

  - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
    (CVE-2022-0351)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393,     CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)

  - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)

  - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,     CVE-2022-1968, CVE-2022-2042)

  - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)

  - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)

  - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)

  - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)

  - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This     vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible     remote execution (CVE-2022-1381)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)

  - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is     capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution     (CVE-2022-1616)

  - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
    This vulnerabilities are capable of crashing software, modify memory, and possible remote execution     (CVE-2022-1619)

  - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim     prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows     attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)

  - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This     vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible     remote execution (CVE-2022-1621)

  - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This     vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution     (CVE-2022-1629)

  - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim     prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows     attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)

  - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This     vulnerability is capable of crashing the software, memory modification, and possible remote execution.
    (CVE-2022-1720)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. (CVE-2022-1725)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)

  - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)

  - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)

  - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)

  - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,     CVE-2022-2129, CVE-2022-2210)

  - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,     CVE-2022-2287)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)

  - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)

  - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)

  - Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)

  - Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
    (CVE-2022-2845)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. (CVE-2022-3520)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0789. (CVE-2022-3591)

  - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function     qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use     after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this     issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the     affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)

  - Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the     expression used in the RHS of the substitute command. (CVE-2022-4141)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0882. (CVE-2022-4292)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. (CVE-2023-0049)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4619-1 advisory.

  - Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045     allows local users to execute arbitrary code via a Trojan horse Python file in the current working     directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an     erroneous search path for plugin/bike.vim in bicyclerepair. (CVE-2009-0316)

  - vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap'     options, which may result in the execution of arbitrary code if a file with a specially crafted modeline     is opened. (CVE-2016-1248)

  - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group     (which may be different from the group ownership of the original file), which allows local users to obtain     sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned     by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability     than CVE-2017-1000382. (CVE-2017-17087)

  - vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file,     which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
    (CVE-2017-5953)

  - An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if     it does not properly validate values for tree length when reading a corrupted undo file, which may lead to     resultant buffer overflows. (CVE-2017-6349)

  - An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch     8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file,     which may lead to resultant buffer overflows. (CVE-2017-6350)

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,     CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,     CVE-2022-0213)

  - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

  - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,     CVE-2022-0361, CVE-2022-0407, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)

  - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)

  - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)

  - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
    (CVE-2022-0351)

  - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)

  - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898, CVE-2022-1968)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)

  - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This     vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible     remote execution (CVE-2022-1381)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)

  - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is     capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution     (CVE-2022-1616)

  - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
    This vulnerabilities are capable of crashing software, modify memory, and possible remote execution     (CVE-2022-1619)

  - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim     prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows     attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)

  - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This     vulnerability is capable of crashing the software, memory modification, and possible remote execution.
    (CVE-2022-1720)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)

  - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)

  - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)

  - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126,     CVE-2022-2183, CVE-2022-2206)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2129,     CVE-2022-2210)

  - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,     CVE-2022-2287)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)

  - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. (CVE-2022-2522)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. (CVE-2022-2571)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. (CVE-2022-2580)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. (CVE-2022-2581)

  - Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. (CVE-2022-2598)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. (CVE-2022-2816)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0213. (CVE-2022-2817)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. (CVE-2022-2819)

  - Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
    (CVE-2022-2845)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220. (CVE-2022-2849)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0221. (CVE-2022-2862)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. (CVE-2022-2874)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0225. (CVE-2022-2889)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240. (CVE-2022-2923)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0246. (CVE-2022-2946)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259. (CVE-2022-2980)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0260. (CVE-2022-2982)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0286. (CVE-2022-3016)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0322. (CVE-2022-3037)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. (CVE-2022-3234)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0490. (CVE-2022-3235)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. (CVE-2022-3278)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. (CVE-2022-3296)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0579. (CVE-2022-3297)

  - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. (CVE-2022-3324)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0614. (CVE-2022-3352)

  - A vulnerability was found in vim and classified as problematic. Affected by this issue is the function     qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use     after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this     issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the     affected component. The identifier of this vulnerability is VDB-212324. (CVE-2022-3705)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-155 advisory.

  - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)

  - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3053 advisory.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903)

  - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)

  - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)

  - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This     vulnerability is capable of crashing the software, memory modification, and possible remote execution.
    (CVE-2022-1720)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851, CVE-2022-2126)

  - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-1898, CVE-2022-1968)

  - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-2124)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2102-1 advisory.

  - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group     (which may be different from the group ownership of the original file), which allows local users to obtain     sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned     by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability     than CVE-2017-1000382. (CVE-2017-17087)

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,     CVE-2021-3903, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,     CVE-2022-0213)

  - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4192)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

  - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,     CVE-2022-0361, CVE-2022-0407)

  - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)

  - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)

  - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
    (CVE-2022-0351)

  - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)

  - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-1898)

  - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428. (CVE-2022-0696)

  - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This     vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible     remote execution (CVE-2022-1381)

  - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)

  - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is     capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution     (CVE-2022-1616)

  - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
    This vulnerabilities are capable of crashing software, modify memory, and possible remote execution     (CVE-2022-1619)

  - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim     prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows     attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)

  - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)

  - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)

  - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)

  - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)

  - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1851)

  - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897)

  - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3778, CVE-2021-3872, CVE-2021-3875,     CVE-2021-3903, CVE-2021-3927, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019)

  - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1743 advisory.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968,     CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

  - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187,     CVE-2021-4192)

  - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3875, CVE-2021-3903,     CVE-2021-3927)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1557 advisory.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927, CVE-2021-3968,     CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

  - vim is vulnerable to Use After Free (CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187)

  - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An update of the vim package has been released.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3903, CVE-2021-3927)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5147-1 advisory.

  - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3872, CVE-2021-3903, CVE-2021-3927)

  - fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group     (which may be different from the group ownership of the original file), which allows local users to obtain     sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned     by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability     than CVE-2017-1000382. (CVE-2017-17087)

  - In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands     via scripting interfaces (e.g., Python, Ruby, or Lua). (CVE-2019-20807)

  - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
173115	Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)	Nessus	Amazon Linux Local Security Checks	critical
169350	SUSE SLES12 Security Update : vim (SUSE-SU-2022:4619-1)	Nessus	SuSE Local Security Checks	critical
166352	Amazon Linux 2022 : (ALAS2022-2022-155)	Nessus	Amazon Linux Local Security Checks	critical
162406	Debian DLA-3053-1 : vim - LTS security update	Nessus	Debian Local Security Checks	high
162382	SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:2102-1)	Nessus	SuSE Local Security Checks	critical
159870	EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-1415)	Nessus	Huawei Local Security Checks	high
159837	EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-1389)	Nessus	Huawei Local Security Checks	high
158400	EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1248)	Nessus	Huawei Local Security Checks	high
158366	EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-1260)	Nessus	Huawei Local Security Checks	high
158046	Amazon Linux 2 : vim (ALAS-2022-1743)	Nessus	Amazon Linux Local Security Checks	high
157195	EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1020)	Nessus	Huawei Local Security Checks	high
157185	EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-1040)	Nessus	Huawei Local Security Checks	high
156877	Amazon Linux AMI : vim (ALAS-2022-1557)	Nessus	Amazon Linux Local Security Checks	high
156577	Photon OS 3.0: Vim PHSA-2022-3.0-0344	Nessus	PhotonOS Local Security Checks	high
155351	Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Vim vulnerabilities (USN-5147-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2021-3903

high

Tenable Plugins

critical

critical

critical

high

critical

high

high

high

high

high

high

high

high

high

high