[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3796/vim
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 15 21:15:34 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
31d8f64f by Salvatore Bonaccorso at 2021-09-15T22:15:07+02:00
Add CVE-2021-3796/vim
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -863,7 +863,9 @@ CVE-2021-40865
CVE-2021-3797 (hestiacp is vulnerable to Use of Wrong Operator in String Comparison ...)
TODO: check
CVE-2021-3796 (vim is vulnerable to Use After Free ...)
- TODO: check
+ - vim <unfixed>
+ NOTE: https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d/
+ NOTE: https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3 (v8.2.3428)
CVE-2021-3795 (semver-regex is vulnerable to Inefficient Regular Expression Complexit ...)
TODO: check
CVE-2021-3794 (vuelidate is vulnerable to Inefficient Regular Expression Complexity ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31d8f64fcc58a1f44b7400883298effd8c446a87
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31d8f64fcc58a1f44b7400883298effd8c446a87
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210915/92b79c71/attachment.htm>
More information about the debian-security-tracker-commits
mailing list