Vulnerability-Lookup

CVE-2021-3903 (GCVE-0-2021-3903)

Vulnerability from cvelistv5 – Published: 2021-10-27 21:00 – Updated: 2024-08-03 17:09

Title

Heap-based Buffer Overflow in vim/vim

Summary

vim is vulnerable to Heap-based Buffer Overflow

Severity

7.3 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

@huntrdev

References

7 references

URL	Tags
https://huntr.dev/bounties/35738a4f-55ce-446c-b83…	x_refsource_CONFIRM
https://github.com/vim/vim/commit/777e7c21b7627be…	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2022/01/15/1	mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2022…	mailing-listx_refsource_MLIST

Impacted products

1 product

Vendor	Product	Version
vim	vim/vim	Affected: unspecified , < 8.2.3564 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:09:09.620Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
          },
          {
            "name": "FEDORA-2021-af135cabe2",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
          },
          {
            "name": "FEDORA-2021-a5e55a9e02",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
          },
          {
            "name": "FEDORA-2021-b0ac29efb1",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
          },
          {
            "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
          },
          {
            "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vim/vim",
          "vendor": "vim",
          "versions": [
            {
              "lessThan": "8.2.3564",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "vim is vulnerable to Heap-based Buffer Overflow"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-20T14:06:19.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
        },
        {
          "name": "FEDORA-2021-af135cabe2",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
        },
        {
          "name": "FEDORA-2021-a5e55a9e02",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
        },
        {
          "name": "FEDORA-2021-b0ac29efb1",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
        },
        {
          "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
        },
        {
          "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
        }
      ],
      "source": {
        "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8",
        "discovery": "EXTERNAL"
      },
      "title": "Heap-based Buffer Overflow in vim/vim",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2021-3903",
          "STATE": "PUBLIC",
          "TITLE": "Heap-based Buffer Overflow in vim/vim"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "vim/vim",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.2.3564"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "vim"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "vim is vulnerable to Heap-based Buffer Overflow"
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122 Heap-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
            },
            {
              "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43",
              "refsource": "MISC",
              "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
            },
            {
              "name": "FEDORA-2021-af135cabe2",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
            },
            {
              "name": "FEDORA-2021-a5e55a9e02",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
            },
            {
              "name": "FEDORA-2021-b0ac29efb1",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
            },
            {
              "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
            },
            {
              "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
            }
          ]
        },
        "source": {
          "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2021-3903",
    "datePublished": "2021-10-27T21:00:13.000Z",
    "dateReserved": "2021-10-25T00:00:00.000Z",
    "dateUpdated": "2024-08-03T17:09:09.620Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-3903",
      "date": "2026-05-25",
      "epss": "0.00368",
      "percentile": "0.58833"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.2.3564\", \"matchCriteriaId\": \"1AD14F48-9F63-49C3-AB4E-B3AC1B136F50\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"vim is vulnerable to Heap-based Buffer Overflow\"}, {\"lang\": \"es\", \"value\": \"vim es vulnerable al desbordamiento del b\\u00fafer en la regi\\u00f3n Heap de la memoria\"}]",
      "id": "CVE-2021-3903",
      "lastModified": "2024-11-21T06:22:44.410",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.5}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-10-27T21:15:08.047",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2022/01/15/1\", \"source\": \"security@huntr.dev\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\", \"source\": \"security@huntr.dev\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8\", \"source\": \"security@huntr.dev\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html\", \"source\": \"security@huntr.dev\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/01/15/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@huntr.dev",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@huntr.dev\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-122\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-3903\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2021-10-27T21:15:08.047\",\"lastModified\":\"2024-11-21T06:22:44.410\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"vim is vulnerable to Heap-based Buffer Overflow\"},{\"lang\":\"es\",\"value\":\"vim es vulnerable al desbordamiento del b\u00fafer en la regi\u00f3n Heap de la memoria\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.2.3564\",\"matchCriteriaId\":\"1AD14F48-9F63-49C3-AB4E-B3AC1B136F50\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2022/01/15/1\",\"source\":\"security@huntr.dev\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html\",\"source\":\"security@huntr.dev\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/\",\"source\":\"security@huntr.dev\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/01/15/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTFR-2025-AVI-0855

Vulnerability from certfr_avis - Published: 2025-10-09 - Updated: 2025-10-09

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 24.4 antérieures à 24.4R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 22.4R3-S8-EVO
Juniper Networks	Junos OS	Junos OS versions 23.4 antérieures à 23.4R2-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 22.4R3-S8
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R4
Juniper Networks	Security Director	Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3
Juniper Networks	Junos Space	Junos Space Security Director versions antérieures à 24.1R4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO
Juniper Networks	Junos OS	Junos OS versions 23.2 antérieures à 23.2R2-S4
Juniper Networks	Junos OS	Junos OS versions 24.2 antérieures à 24.2R2-S1

References

Title

Publication Time

CERTFR-2025-AVI-0855

Vulnerability from certfr_avis - Published: 2025-10-09 - Updated: 2025-10-09

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 24.4 antérieures à 24.4R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 22.4R3-S8-EVO
Juniper Networks	Junos OS	Junos OS versions 23.4 antérieures à 23.4R2-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 22.4R3-S8
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R4
Juniper Networks	Security Director	Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3
Juniper Networks	Junos Space	Junos Space Security Director versions antérieures à 24.1R4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO
Juniper Networks	Junos OS	Junos OS versions 23.2 antérieures à 23.2R2-S4
Juniper Networks	Junos OS	Junos OS versions 24.2 antérieures à 24.2R2-S1

References

Title

Publication Time

alsa-2024:9405

Vulnerability from osv_almalinux

Published

2024-11-12 00:00

Modified

2024-11-18 11:49

Summary

Low: vim security update

Details

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

vim: heap-based buffer overflow vulnerability (CVE-2021-3903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2024:9405	ADVISORY
	https://access.redhat.com/security/cve/CVE-2021-3903	REPORT
	https://bugzilla.redhat.com/2018558	REPORT
	https://errata.almalinux.org/9/ALSA-2024-9405.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "vim-X11"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:8.2.2637-21.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "vim-common"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:8.2.2637-21.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "vim-enhanced"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:8.2.2637-21.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "vim-filesystem"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:8.2.2637-21.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "vim-minimal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:8.2.2637-21.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Vim (Vi IMproved) is an updated and improved version of the vi editor.  \n\nSecurity Fix(es):  \n\n  * vim: heap-based buffer overflow vulnerability (CVE-2021-3903)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  \n\nAdditional Changes:  \n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.\n",
  "id": "ALSA-2024:9405",
  "modified": "2024-11-18T11:49:53Z",
  "published": "2024-11-12T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2024:9405"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-3903"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2018558"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2024-9405.html"
    }
  ],
  "related": [
    "CVE-2021-3903"
  ],
  "summary": "Low: vim security update"
}

BDU:2021-06187

Vulnerability from fstec - Published: 21.11.2021

Title

Уязвимость редактора Vim, связанная с чтением за границами буфера, позволяющая нарушителю выполнить произвольные команды

Description

Уязвимость редактора Vim связанас чтением за границами буфера. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнять произвольные команды с помощью запускать сценария с использованием пареметра -s в командной строке

Severity


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

ООО «РусБИТех-Астра», ООО «Ред Софт», Сообщество свободного программного обеспечения, АО «Концерн ВНИИНС», ООО «НЦПР»

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), vim, ОС ОН «Стрелец» (запись в едином реестре российских программ №6177), МСВСфера

Software Version

1.6 «Смоленск» (Astra Linux Special Edition), 7.2 Муром (РЕД ОС), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), до 8.2.3564 (vim), 4.7 (Astra Linux Special Edition), до 16.01.2023 (ОС ОН «Стрелец»), 9.5 (МСВСфера)

Possible Mitigations

Использование рекомендаций: Для РедОС: http://repo.red-soft.ru/redos/7.2c/x86_64/updates/ Для Vim: https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43 Для ОС Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16 Для Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47 Для Astra Linux Special Edition для «Эльбрус» 8.1 «Ленинград»: обновить пакет vim до 2:9.0.0242-1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81 Для ОС ОН «Стрелец»: Обновление программного обеспечения vim до версии 2:8.0.0197-4+deb9u7 Для МСВСфера: https://errata.msvsphere-os.ru/definition/9/INFCSA-2024:9405?lang=ru

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-3903 https://redos.red-soft.ru/updatesec/ https://www.opennet.ru/opennews/art.shtml?num=56200 https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8 https://errata.msvsphere-os.ru/definition/9/INFCSA-2024:9405?lang=ru

CWE

CWE-125

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb, \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 7.2 \u041c\u0443\u0440\u043e\u043c (\u0420\u0415\u0414 \u041e\u0421), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), \u0434\u043e 8.2.3564 (vim), 4.7 (Astra Linux Special Edition), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb), 9.5 (\u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.2c/x86_64/updates/\n\n\u0414\u043b\u044f Vim:\nhttps://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 vim \u0434\u043e 2:9.0.0242-1.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f vim \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:8.0.0197-4+deb9u7\n\n\u0414\u043b\u044f \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430: https://errata.msvsphere-os.ru/definition/9/INFCSA-2024:9405?lang=ru",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.11.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.12.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-06187",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-3903",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), vim, \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177), \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.2 \u041c\u0443\u0440\u043e\u043c  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177), \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430 9.5 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 Vim, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 Vim \u0441\u0432\u044f\u0437\u0430\u043d\u0430\u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u0440\u0435\u043c\u0435\u0442\u0440\u0430 -s \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0435",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2021-3903\nhttps://redos.red-soft.ru/updatesec/\nhttps://www.opennet.ru/opennews/art.shtml?num=56200\nhttps://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8\nhttps://errata.msvsphere-os.ru/definition/9/INFCSA-2024:9405?lang=ru",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

CNVD-2022-05072

Vulnerability from cnvd - Published: 2022-01-19

Title

Vim缓冲区溢出漏洞（CNVD-2022-05072）

Description

Vim是一款基于UNIX平台的编辑器。 Vim存在缓冲区溢出漏洞，攻击者可利用该漏洞造成拒绝服务或者代码执行漏洞。

Severity

中

Patch Name

Vim缓冲区溢出漏洞（CNVD-2022-05072）的补丁

Patch Description

Vim是一款基于UNIX平台的编辑器。 Vim存在缓冲区溢出漏洞，攻击者可利用该漏洞造成拒绝服务或者代码执行漏洞。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43

Reference

https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43

Impacted products

Name
Vim Vim

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-3903",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-3903"
    }
  },
  "description": "Vim\u662f\u4e00\u6b3e\u57fa\u4e8eUNIX\u5e73\u53f0\u7684\u7f16\u8f91\u5668\u3002\n\nVim\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u8005\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-05072",
  "openTime": "2022-01-19",
  "patchDescription": "Vim\u662f\u4e00\u6b3e\u57fa\u4e8eUNIX\u5e73\u53f0\u7684\u7f16\u8f91\u5668\u3002\r\n\r\nVim\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u8005\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Vim\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2022-05072\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Vim Vim"
  },
  "referenceLink": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43",
  "serverity": "\u4e2d",
  "submitTime": "2021-10-31",
  "title": "Vim\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2022-05072\uff09"
}

FKIE_CVE-2021-3903

Vulnerability from fkie_nvd - Published: 2021-10-27 21:15 - Updated: 2024-11-21 06:22

Severity

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

vim is vulnerable to Heap-based Buffer Overflow

References

URL	Tags
security@huntr.dev	http://www.openwall.com/lists/oss-security/2022/01/15/1	Mailing List, Third Party Advisory
security@huntr.dev	https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43	Patch, Third Party Advisory
security@huntr.dev	https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8	Exploit, Issue Tracking, Patch, Third Party Advisory
security@huntr.dev	https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html	Mailing List, Third Party Advisory
security@huntr.dev	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
security@huntr.dev	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
security@huntr.dev	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2022/01/15/1	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/

Impacted products

Vendor	Product	Version
vim	vim	*
fedoraproject	fedora	33
fedoraproject	fedora	34
fedoraproject	fedora	35
debian	debian_linux	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD14F48-9F63-49C3-AB4E-B3AC1B136F50",
              "versionEndExcluding": "8.2.3564",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "vim is vulnerable to Heap-based Buffer Overflow"
    },
    {
      "lang": "es",
      "value": "vim es vulnerable al desbordamiento del b\u00fafer en la regi\u00f3n Heap de la memoria"
    }
  ],
  "id": "CVE-2021-3903",
  "lastModified": "2024-11-21T06:22:44.410",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.5,
        "source": "security@huntr.dev",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-27T21:15:08.047",
  "references": [
    {
      "source": "security@huntr.dev",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
    },
    {
      "source": "security@huntr.dev",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
    },
    {
      "source": "security@huntr.dev",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
    },
    {
      "source": "security@huntr.dev",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
    },
    {
      "source": "security@huntr.dev",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
    }
  ],
  "sourceIdentifier": "security@huntr.dev",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "security@huntr.dev",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

GHSA-XC29-P9XX-C3J9

Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2022-06-21 00:00

Details

vim is vulnerable to Heap-based Buffer Overflow

Severity

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-3903"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-27T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "vim is vulnerable to Heap-based Buffer Overflow",
  "id": "GHSA-xc29-p9xx-c3j9",
  "modified": "2022-06-21T00:00:46Z",
  "published": "2022-05-24T19:18:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3903"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2021-3903

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

vim is vulnerable to Heap-based Buffer Overflow

Aliases

CVE-2021-3903

Aliases

CVE-2021-3903

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-3903",
    "description": "vim is vulnerable to Heap-based Buffer Overflow",
    "id": "GSD-2021-3903",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-3903.html",
      "https://ubuntu.com/security/CVE-2021-3903",
      "https://advisories.mageia.org/CVE-2021-3903.html",
      "https://security.archlinux.org/CVE-2021-3903",
      "https://alas.aws.amazon.com/cve/html/CVE-2021-3903.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-3903"
      ],
      "details": "vim is vulnerable to Heap-based Buffer Overflow",
      "id": "GSD-2021-3903",
      "modified": "2023-12-13T01:23:35.219634Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@huntr.dev",
        "ID": "CVE-2021-3903",
        "STATE": "PUBLIC",
        "TITLE": "Heap-based Buffer Overflow in vim/vim"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "vim/vim",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "8.2.3564"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "vim"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "vim is vulnerable to Heap-based Buffer Overflow"
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-122 Heap-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8",
            "refsource": "CONFIRM",
            "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
          },
          {
            "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43",
            "refsource": "MISC",
            "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
          },
          {
            "name": "FEDORA-2021-af135cabe2",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
          },
          {
            "name": "FEDORA-2021-a5e55a9e02",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
          },
          {
            "name": "FEDORA-2021-b0ac29efb1",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
          },
          {
            "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
          },
          {
            "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
          }
        ]
      },
      "source": {
        "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.2.3564",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2021-3903"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "vim is vulnerable to Heap-based Buffer Overflow"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-122"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43"
            },
            {
              "name": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8"
            },
            {
              "name": "FEDORA-2021-a5e55a9e02",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/"
            },
            {
              "name": "FEDORA-2021-af135cabe2",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/"
            },
            {
              "name": "FEDORA-2021-b0ac29efb1",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/"
            },
            {
              "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1"
            },
            {
              "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-20T02:03Z",
      "publishedDate": "2021-10-27T21:15Z"
    }
  }
}

MSRC_CVE-2021-3903

Vulnerability from csaf_microsoft - Published: 2021-10-02 00:00 - Updated: 2021-11-03 00:00

Summary

Heap-based Buffer Overflow in vim/vim

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2021-3903

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 18971-16820		—

Known affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 16820-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2021/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2021/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2021-3903 Heap-based Buffer Overflow in vim/vim - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-3903.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Heap-based Buffer Overflow in vim/vim",
    "tracking": {
      "current_release_date": "2021-11-03T00:00:00.000Z",
      "generator": {
        "date": "2025-10-19T22:16:00.457Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2021-3903",
      "initial_release_date": "2021-10-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2021-11-03T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 vim 8.2.3564-2",
                "product": {
                  "name": "\u003ccm1 vim 8.2.3564-2",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 vim 8.2.3564-2",
                "product": {
                  "name": "cm1 vim 8.2.3564-2",
                  "product_id": "18971"
                }
              }
            ],
            "category": "product_name",
            "name": "vim"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 vim 8.2.3564-2 as a component of CBL Mariner 1.0",
          "product_id": "16820-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 vim 8.2.3564-2 as a component of CBL Mariner 1.0",
          "product_id": "18971-16820"
        },
        "product_reference": "18971",
        "relates_to_product_reference": "16820"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3903",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "general",
          "text": "@huntrdev",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "18971-16820"
        ],
        "known_affected": [
          "16820-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-3903 Heap-based Buffer Overflow in vim/vim - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-3903.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-11-03T00:00:00.000Z",
          "details": "8.2.3564-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "16820-1"
          ]
        }
      ],
      "title": "Heap-based Buffer Overflow in vim/vim"
    }
  ]
}

RHSA-2024:9405

Vulnerability from csaf_redhat - Published: 2024-11-12 09:06 - Updated: 2026-03-18 02:44

Summary

Red Hat Security Advisory: vim security update

Severity

Low

Notes

Topic: An update for vim is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: heap-based buffer overflow vulnerability (CVE-2021-3903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-3903

vim is vulnerable to Heap-based Buffer Overflow

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 84 products

Product	Version	Remediation
Unresolved product id: AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x	—	Vendor Fix fix Workaround
Unresolved product id: BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Low

References

9 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:9405	self
https://docs.redhat.com/en/documentation/red_hat_…	external
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2018558	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2021-3903	self
https://bugzilla.redhat.com/show_bug.cgi?id=2018558	external
https://www.cve.org/CVERecord?id=CVE-2021-3903	external
https://nvd.nist.gov/vuln/detail/CVE-2021-3903	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for vim is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: heap-based buffer overflow vulnerability (CVE-2021-3903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:9405",
        "url": "https://access.redhat.com/errata/RHSA-2024:9405"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index",
        "url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "2018558",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018558"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9405.json"
      }
    ],
    "title": "Red Hat Security Advisory: vim security update",
    "tracking": {
      "current_release_date": "2026-03-18T02:44:06+00:00",
      "generator": {
        "date": "2026-03-18T02:44:06+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2024:9405",
      "initial_release_date": "2024-11-12T09:06:26+00:00",
      "revision_history": [
        {
          "date": "2024-11-12T09:06:26+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-11-12T09:06:26+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T02:44:06+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.5.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.5.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-2:8.2.2637-21.el9.src",
                "product": {
                  "name": "vim-2:8.2.2637-21.el9.src",
                  "product_id": "vim-2:8.2.2637-21.el9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim@8.2.2637-21.el9?arch=src\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-filesystem-2:8.2.2637-21.el9.noarch",
                "product": {
                  "name": "vim-filesystem-2:8.2.2637-21.el9.noarch",
                  "product_id": "vim-filesystem-2:8.2.2637-21.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-filesystem@8.2.2637-21.el9?arch=noarch\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-minimal-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-minimal-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-minimal-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debugsource-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-debugsource-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-debugsource-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debugsource@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11-debuginfo@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common-debuginfo@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debuginfo-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debuginfo@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced-debuginfo@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal-debuginfo@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-X11-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-X11-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-common-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-common-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-2:8.2.2637-21.el9.aarch64",
                "product": {
                  "name": "vim-enhanced-2:8.2.2637-21.el9.aarch64",
                  "product_id": "vim-enhanced-2:8.2.2637-21.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced@8.2.2637-21.el9?arch=aarch64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-minimal-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-minimal-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-minimal-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debugsource-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-debugsource-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-debugsource-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debugsource@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11-debuginfo@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common-debuginfo@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debuginfo@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced-debuginfo@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal-debuginfo@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-X11-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-X11-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-common-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-common-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-2:8.2.2637-21.el9.ppc64le",
                "product": {
                  "name": "vim-enhanced-2:8.2.2637-21.el9.ppc64le",
                  "product_id": "vim-enhanced-2:8.2.2637-21.el9.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced@8.2.2637-21.el9?arch=ppc64le\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-minimal-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-minimal-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-minimal-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debugsource-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-debugsource-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-debugsource-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debugsource@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11-debuginfo@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common-debuginfo@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debuginfo-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debuginfo@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced-debuginfo@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal-debuginfo@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-X11-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-X11-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-common-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-common-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-2:8.2.2637-21.el9.x86_64",
                "product": {
                  "name": "vim-enhanced-2:8.2.2637-21.el9.x86_64",
                  "product_id": "vim-enhanced-2:8.2.2637-21.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced@8.2.2637-21.el9?arch=x86_64\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-minimal-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-minimal-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-minimal-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debugsource-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-debugsource-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-debugsource-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debugsource@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11-debuginfo@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common-debuginfo@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-debuginfo-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-debuginfo@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced-debuginfo@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-minimal-debuginfo@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-X11-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-X11-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-X11-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-X11@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-common-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-common-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-common-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-common@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "vim-enhanced-2:8.2.2637-21.el9.s390x",
                "product": {
                  "name": "vim-enhanced-2:8.2.2637-21.el9.s390x",
                  "product_id": "vim-enhanced-2:8.2.2637-21.el9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/vim-enhanced@8.2.2637-21.el9?arch=s390x\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-2:8.2.2637-21.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src"
        },
        "product_reference": "vim-2:8.2.2637-21.el9.src",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-filesystem-2:8.2.2637-21.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch"
        },
        "product_reference": "vim-filesystem-2:8.2.2637-21.el9.noarch",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-2:8.2.2637-21.el9.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src"
        },
        "product_reference": "vim-2:8.2.2637-21.el9.src",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-X11-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-common-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-debugsource-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-debugsource-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-enhanced-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-filesystem-2:8.2.2637-21.el9.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch"
        },
        "product_reference": "vim-filesystem-2:8.2.2637-21.el9.noarch",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-minimal-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
        },
        "product_reference": "vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
        "relates_to_product_reference": "BaseOS-9.5.0.GA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3903",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2021-10-27T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2018558"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "vim is vulnerable to Heap-based Buffer Overflow",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "vim: heap-based buffer overflow vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is marked as Low Impact because it requires a user to run an untrusted/malicious Vim script using the `-s` option at the command line. Untrusted Vim scripts should never be run as they can already execute arbitrary shell commands. The security issue raised by this flaw would be no worse than what is already possible when running untrusted Vim scripts.\n\nVim as shipped in Red Hat Enterprise Linux 8 is not affected by this flaw. The flaw is out of support scope for Red Hat Enterprise Linux 6 and 7.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
          "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
          "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
          "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
          "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
          "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
          "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
          "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
          "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
          "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
          "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
          "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3903"
        },
        {
          "category": "external",
          "summary": "RHBZ#2018558",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018558"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3903",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3903"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3903",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3903"
        }
      ],
      "release_date": "2021-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-11-12T09:06:26+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:9405"
        },
        {
          "category": "workaround",
          "details": "Do not run untrusted vim scripts with -s {scriptin} as it is never safe to do so.",
          "product_ids": [
            "AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "AppStream-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-2:8.2.2637-21.el9.src",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-X11-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-common-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-debugsource-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-enhanced-debuginfo-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-filesystem-2:8.2.2637-21.el9.noarch",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-2:8.2.2637-21.el9.x86_64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.aarch64",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.ppc64le",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.s390x",
            "BaseOS-9.5.0.GA:vim-minimal-debuginfo-2:8.2.2637-21.el9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "vim: heap-based buffer overflow vulnerability"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-3903 (GCVE-0-2021-3903)

Solutions

Solutions

Vulnerability from osv_almalinux

Tags

Sightings

Nomenclature