[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-4019/vim

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 1 20:40:08 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
31365bb9 by Salvatore Bonaccorso at 2021-12-01T21:39:10+01:00
Add CVE-2021-4019/vim

- - - - -
85dc4958 by Salvatore Bonaccorso at 2021-12-01T21:39:34+01:00
Add CVE-2021-3984/vim

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -761,7 +761,9 @@ CVE-2021-4020 (janus-gateway is vulnerable to Improper Neutralization of Input D
 	NOTE: https://github.com/meetecho/janus-gateway/commit/ba166e9adebfe5343f826c6a9e02299d35414ffd
 	NOTE: Issues only in janus-demos built from src:janus
 CVE-2021-4019 (vim is vulnerable to Heap-based Buffer Overflow ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92
+	NOTE: https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142 (v8.2.3669)
 CVE-2021-44220
 	RESERVED
 CVE-2021-44219 (Gin-Vue-Admin before 2.4.6 mishandles a SQL database. ...)
@@ -1209,7 +1211,9 @@ CVE-2021-44041
 CVE-2021-3985 (kimai2 is vulnerable to Improper Neutralization of Input During Web Pa ...)
 	NOT-FOR-US: kimai2
 CVE-2021-3984 (vim is vulnerable to Heap-based Buffer Overflow ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a
+	NOTE: https://github.com/vim/vim/commit/2de9b7c7c8791da8853a9a7ca9c467867465b655 (v8.2.3625)
 CVE-2021-3983 (kimai2 is vulnerable to Improper Neutralization of Input During Web Pa ...)
 	NOT-FOR-US: kimai2
 CVE-2022-21742



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8e61b25b7c272dd2be30ca68e1cabadf2c5d5396...85dc49588eaf5fe18d0207a49df20dfd9e4cf078

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8e61b25b7c272dd2be30ca68e1cabadf2c5d5396...85dc49588eaf5fe18d0207a49df20dfd9e4cf078
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211201/fbaac2bd/attachment.htm>


More information about the debian-security-tracker-commits mailing list