Details of VAR-202112-2539

ID

VAR-202112-2539

CVE

CVE-2021-4193

TITLE

vim Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-017215

DESCRIPTION

vim is vulnerable to Out-of-bounds Read. SourceCoster Online Covid Vaccination Scheduler System is an application system of SourceCoster company. Effectively manage COVID-19 vaccinations with reliable vaccine planning and cohort management solutions. There is a cross-site scripting vulnerability in Sourcecodester Online Covid vaccine Scheduler Systemv1. The vulnerability stems from the lack of escaping or filtering of user data in the lid parameter of the software. Attackers can use this vulnerability to execute arbitrary code through the lid parameter of /scheduler/addSchedule.php . An attacker could possibly use this issue to expose sensitive information. (CVE-2022-0319). Solution: OSP 16.2.z Release - OSP Director Operator Containers 4. Bugs fixed (https://bugzilla.redhat.com/): 2025995 - Rebase tech preview on latest upstream v1.2.x branch 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2036784 - osp controller (fencing enabled) in downed state after system manual crash test 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: vim security update Advisory ID: RHSA-2022:0366-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0366 Issue date: 2022-02-01 CVE Names: CVE-2021-3872 CVE-2021-3984 CVE-2021-4019 CVE-2021-4192 CVE-2021-4193 ===================================================================== 1. Summary: An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872) * vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984) * vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019) * vim: use-after-free in win_linetabsize() (CVE-2021-4192) * vim: out-of-bound read in getvcol() (CVE-2021-4193) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2016056 - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() in drawscreen.c 2028122 - CVE-2021-3984 vim: illegal memory access in find_start_brace() in cindent.c when C-indenting 2028212 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in help.c 2039685 - CVE-2021-4192 vim: use-after-free in win_linetabsize() 2039687 - CVE-2021-4193 vim: out-of-bound read in getvcol() 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: vim-X11-8.0.1763-16.el8_5.4.aarch64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-common-8.0.1763-16.el8_5.4.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.4.aarch64.rpm vim-enhanced-8.0.1763-16.el8_5.4.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm noarch: vim-filesystem-8.0.1763-16.el8_5.4.noarch.rpm ppc64le: vim-X11-8.0.1763-16.el8_5.4.ppc64le.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-common-8.0.1763-16.el8_5.4.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.4.ppc64le.rpm vim-enhanced-8.0.1763-16.el8_5.4.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm s390x: vim-X11-8.0.1763-16.el8_5.4.s390x.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-common-8.0.1763-16.el8_5.4.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.4.s390x.rpm vim-enhanced-8.0.1763-16.el8_5.4.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm x86_64: vim-X11-8.0.1763-16.el8_5.4.x86_64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-common-8.0.1763-16.el8_5.4.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.4.x86_64.rpm vim-enhanced-8.0.1763-16.el8_5.4.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: vim-8.0.1763-16.el8_5.4.src.rpm aarch64: vim-X11-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.4.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm vim-minimal-8.0.1763-16.el8_5.4.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.aarch64.rpm ppc64le: vim-X11-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.4.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm vim-minimal-8.0.1763-16.el8_5.4.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.ppc64le.rpm s390x: vim-X11-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.4.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm vim-minimal-8.0.1763-16.el8_5.4.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.s390x.rpm x86_64: vim-X11-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.4.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm vim-minimal-8.0.1763-16.el8_5.4.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-3872 https://access.redhat.com/security/cve/CVE-2021-3984 https://access.redhat.com/security/cve/CVE-2021-4019 https://access.redhat.com/security/cve/CVE-2021-4192 https://access.redhat.com/security/cve/CVE-2021-4193 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. Summary: Red Hat Advanced Cluster Management for Kubernetes 2.3.6 General Availability release images, which provide security updates and bug fixes. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/ Security updates: * Nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918) * Nanoid: Information disclosure via valueOf() function (CVE-2021-23566) * Golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565) * Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155) Bug fixes: * Inform ACM policy is not checking properly the node fields (BZ# 2015588) * ImagePullPolicy is "Always" for multicluster-operators-subscription-rhel8 image (BZ# 2021128) * Traceback blocks reconciliation of helm repository hosted on AWS S3 storage (BZ# 2021576) * RHACM 2.3.6 images (BZ# 2029507) * Console UI enabled SNO UI Options not displayed during cluster creating (BZ# 2030002) * Grc pod restarts for each new GET request to the Governance Policy Page (BZ# 2037351) * Clustersets do not appear in UI (BZ# 2049810) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2015588 - Inform ACM policy is not checking properly the node fields 2021128 - imagePullPolicy is "Always" for multicluster-operators-subscription-rhel8 image 2021576 - traceback blocks reconciliation of helm repository hosted on AWS S3 storage 2024702 - CVE-2021-3918 nodejs-json-schema: Prototype pollution vulnerability 2029507 - RHACM 2.3.6 images 2030002 - Console UI enabled SNO UI Options not displayed during cluster creating 2030787 - CVE-2021-43565 golang.org/x/crypto: empty plaintext packet causes panic 2037351 - grc pod restarts for each new GET request to the Governance Policy Page 2044556 - CVE-2022-0155 follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor 2049810 - Clustersets do not appear in UI 2050853 - CVE-2021-23566 nanoid: Information disclosure via valueOf() function 5. Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1930423 - CVE-2020-28491 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception 2052539 - CVE-2022-0552 origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409 5. JIRA issues fixed (https://issues.jboss.org/): LOG-2182 - Logging link is not removed when CLO is uninstalled or its instance is removed 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6 macOS Big Sur 11.6.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213256. apache Available for: macOS Big Sur Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 AppKit Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team AppleAVD Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22675: an anonymous researcher AppleGraphicsControl Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-26698: Qi Sun of Trend Micro AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro CoreTypes Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2022-22663: Arsenii Kostromin (0x3c3e) CVMS Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A memory initialization issue was addressed. CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori DriverKit Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de) Graphics Drivers Available for: macOS Big Sur Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2022-22674: an anonymous researcher Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26720: Liu Long of Ant Security Light-Year Lab Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26770: Liu Long of Ant Security Light-Year Lab Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26756: Jack Dates of RET2 Systems, Inc Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26769: Antonio Zekic (@antoniozekic) Intel Graphics Driver Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative IOMobileFrameBuffer Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26768: an anonymous researcher Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg) Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero LaunchServices Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with additional permissions checks. CVE-2022-26767: Wojciech Reguła (@_r3ggi) of SecuRing LaunchServices Available for: macOS Big Sur Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions on third-party applications. CVE-2022-26706: Arsenii Kostromin (0x3c3e) libresolv Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms) of the Google Security Team LibreSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2022-0778 libxml2 Available for: macOS Big Sur Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308 OpenSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2022-0778 PackageKit Available for: macOS Big Sur Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code. CVE-2022-26712: Mickey Jin (@patch1t) Printing Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2022-26746: @gorelics Security Available for: macOS Big Sur Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de) SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26718: Peter Nguyễn Vũ Hoàng of STAR Labs SMB Available for: macOS Big Sur Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26723: Felix Poulin-Belanger SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs SoftwareUpdate Available for: macOS Big Sur Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2022-26728: Mickey Jin (@patch1t) TCC Available for: macOS Big Sur Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks. CVE-2022-26726: an anonymous researcher Tcl Available for: macOS Big Sur Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2022-26755: Arsenii Kostromin (0x3c3e) Vim Available for: macOS Big Sur Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating Vim. CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 WebKit Available for: macOS Big Sur Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com) Wi-Fi Available for: macOS Big Sur Impact: A malicious application may disclose restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2022-26745: an anonymous researcher Wi-Fi Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-26761: Wang Yu of Cyberserval zip Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to a denial of service Description: A denial of service issue was addressed with improved state handling. CVE-2022-0530 zlib Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-25032: Tavis Ormandy zsh Available for: macOS Big Sur Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed by updating to zsh version 5.8.1. CVE-2021-45444 Additional recognition Bluetooth We would like to acknowledge Jann Horn of Project Zero for their assistance. macOS Big Sur 11.6.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TUACgkQeC9qKD1p rhgJBg/9HpPp6P2OtFdYHigfaoga/3szMAjXC650MlC2rF1lXyTRVsO54eupz4er K8Iud3+YnDVTUKkadftWt2XdxAADGtfEFhJW584RtnWjeli+XtGEjQ8jD1/MNPJW qtnrOh2pYG9SxolKDofhiecbYxIGppRKSDRFl0/3VGFed2FIpiRDunlttHBEhHu/ vZVSFzMrNbGvhju+ZCdwFLKXOgB851aRSeo9Xkt63tSGiee7rLmVAINyFbbPwcVP yXwMvn0TNodCBn0wBWD0+iQ3UXIDIYSPaM1Z0BQxVraEhK3Owro3JKgqNbWswMvj SY0KUulbAPs3aOeyz1BI70npYA3+Qwd+bk2hxbzbU/AxvxCrsEk04QfxLYqvj0mR VZYPcup2KAAkiTeekQ5X739r8NAyaaI+bp7FllFv/Z2jVW9kGgNIFr46R05MD9NF aC1JAZtJ4VWbMEGHnHAMrOgdGaHpryvzl2BjUXRgW27vIq5uF5YiNcpjS2BezTFc R2ojiMNRB33Y44LlH7Zv3gHm4bE3+NzcGeWvBzwOsHznk9Jiv6x2eBUxkttMlPyO zymQMONQN3bktSMT8JnmJ8rlEgISONd7NeTEzuhlGIWaWNAFmmBoPnBiPk+yC3n4 d22yFs6DLp2pJ+0zOWmTcqt1xYng05Jwj4F0KT49w0TO9Up79+o= =rtPl -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.34

sources: NVD: CVE-2021-4193 // JVNDB: JVNDB-2021-017215 // VULHUB: VHN-410614 // VULMON: CVE-2021-4193 // PACKETSTORM: 166308 // PACKETSTORM: 165813 // PACKETSTORM: 166204 // PACKETSTORM: 166179 // PACKETSTORM: 167188 // PACKETSTORM: 168124

AFFECTED PRODUCTS

vendor:	vim	model:	vim	scope:	lt	version:	8.2.3950	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	12.3	Trust: 1.0
vendor:	apple	model:	macos	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.6.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	vim	model:	vim	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-017215 // NVD: CVE-2021-4193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-4193
value:	MEDIUM
Trust: 1.0
security@huntr.dev:	CVE-2021-4193
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-4193
value:	MEDIUM
Trust: 0.8
VULHUB:	VHN-410614
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-4193
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-4193
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-410614
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

security@huntr.dev:	CVE-2021-4193
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2021-4193
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-410614 // VULMON: CVE-2021-4193 // JVNDB: JVNDB-2021-017215 // NVD: CVE-2021-4193 // NVD: CVE-2021-4193

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.1
problemtype:	Out-of-bounds read (CWE-125) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-410614 // JVNDB: JVNDB-2021-017215 // NVD: CVE-2021-4193

TYPE

overflow

Trust: 0.1

sources: PACKETSTORM: 165813

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-410614

PATCH

title:	HT213343	url:	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html	Trust: 0.8
title:	Red Hat: Important: Red Hat OpenShift GitOps security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220476 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: vim security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220366 - Security Advisory	Trust: 0.1
title:	Red Hat: CVE-2021-4193	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-4193	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Logging bug fix and security update (5.3.5)	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220721 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: USN-5458-1: Vim vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5458-1	Trust: 0.1
title:	Red Hat: Important: Red Hat Advanced Cluster Management 2.3.6 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220595 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Single Sign-On 7.4.10 on OpenJ9 for OpenShift image security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220445 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Single Sign-On 7.4.10 on OpenJDK for OpenShift image security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220444 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat Advanced Cluster Management 2.4.2 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220735 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Release of containers for OSP 16.2 director operator tech preview	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220842 - Security Advisory	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1557	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1557	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220856 - Security Advisory	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1743	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1743	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-014	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-014	Trust: 0.1
title:	Apple: macOS Monterey 12.3	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f1105c4a20da11497b610b14a1668180	Trust: 0.1
title:	Apple: Security Update 2022-005 Catalina	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=b71ee1a3b689c178ee5a5bc823295063	Trust: 0.1

sources: VULMON: CVE-2021-4193 // JVNDB: JVNDB-2021-017215

EXTERNAL IDS

db:	NVD	id:	CVE-2021-4193	Trust: 3.4
db:	OPENWALL	id:	OSS-SECURITY/2022/01/15/1	Trust: 1.2
db:	JVNDB	id:	JVNDB-2021-017215	Trust: 0.8
db:	PACKETSTORM	id:	165813	Trust: 0.2
db:	PACKETSTORM	id:	166179	Trust: 0.2
db:	PACKETSTORM	id:	167188	Trust: 0.2
db:	PACKETSTORM	id:	166204	Trust: 0.2
db:	PACKETSTORM	id:	166199	Trust: 0.1
db:	PACKETSTORM	id:	165930	Trust: 0.1
db:	PACKETSTORM	id:	165902	Trust: 0.1
db:	PACKETSTORM	id:	165917	Trust: 0.1
db:	PACKETSTORM	id:	167368	Trust: 0.1
db:	PACKETSTORM	id:	167789	Trust: 0.1
db:	PACKETSTORM	id:	166319	Trust: 0.1
db:	CNVD	id:	CNVD-2022-09304	Trust: 0.1
db:	VULHUB	id:	VHN-410614	Trust: 0.1
db:	VULMON	id:	CVE-2021-4193	Trust: 0.1
db:	PACKETSTORM	id:	166308	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1

sources: VULHUB: VHN-410614 // VULMON: CVE-2021-4193 // JVNDB: JVNDB-2021-017215 // PACKETSTORM: 166308 // PACKETSTORM: 165813 // PACKETSTORM: 166204 // PACKETSTORM: 166179 // PACKETSTORM: 167188 // PACKETSTORM: 168124 // NVD: CVE-2021-4193

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 1.3
url:	https://support.apple.com/kb/ht213183	Trust: 1.2
url:	https://support.apple.com/kb/ht213256	Trust: 1.2
url:	https://support.apple.com/kb/ht213343	Trust: 1.2
url:	https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2022/mar/29	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2022/may/35	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2022/jul/14	Trust: 1.2
url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.2
url:	https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b	Trust: 1.2
url:	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html	Trust: 1.2
url:	http://www.openwall.com/lists/oss-security/2022/01/15/1	Trust: 1.2
url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3fh2j57gda2wmbs6j56f6qqra6bxqqfz/	Trust: 1.0
url:	https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-3984	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-4193	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-3872	Trust: 0.4
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://access.redhat.com/security/team/contact/	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-4019	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2021-4192	Trust: 0.4
url:	https://bugzilla.redhat.com/):	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3521	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-4122	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3521	Trust: 0.3
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3fh2j57gda2wmbs6j56f6qqra6bxqqfz/	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-42574	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3712	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4122	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0476	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5458-1	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17595	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19603	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3445	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33560	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13435	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19603	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-35942	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14155	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16135	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3200	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20231	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22925	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17594	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20232	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-28153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5827	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24370	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3572	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27645	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12762	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36086	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13750	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-44716	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13750	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20232	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13751	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3426	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3572	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20838	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22898	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-18218	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0842	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22876	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3580	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-27645	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33574	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20231	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-13435	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3426	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12762	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-14155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-5827	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-16135	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28153	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36084	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24370	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17595	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17594	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3800	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20838	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36087	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22925	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3200	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3445	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22898	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33574	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-36085	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-13751	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22876	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33560	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0366	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4034	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4034	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20321	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-42739	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3918	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25704	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-43565	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20612	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-42739	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23566	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0185	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3918	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-43565	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25704	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-42574	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0185	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36322	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-20612	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20617	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20321	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0595	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3712	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23566	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-20617	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0155	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36322	Trust: 0.1
url:	https://issues.jboss.org/):	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0552	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0721	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0552	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-28491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-28491	Trust: 0.1
url:	https://support.apple.com/downloads/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22721	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-23308	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22589	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22663	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-44790	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22674	Trust: 0.1
url:	https://support.apple.com/ht213256.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0530	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-44224	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26698	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26697	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-45444	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25032	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22675	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26706	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22665	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26712	Trust: 0.1
url:	https://support.apple.com/en-us/ht201222.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.1

CREDITS

Red Hat

Trust: 0.4

sources: PACKETSTORM: 166308 // PACKETSTORM: 165813 // PACKETSTORM: 166204 // PACKETSTORM: 166179

SOURCES

db:	VULHUB	id:	VHN-410614
db:	VULMON	id:	CVE-2021-4193
db:	JVNDB	id:	JVNDB-2021-017215
db:	PACKETSTORM	id:	166308
db:	PACKETSTORM	id:	165813
db:	PACKETSTORM	id:	166204
db:	PACKETSTORM	id:	166179
db:	PACKETSTORM	id:	167188
db:	PACKETSTORM	id:	168124
db:	NVD	id:	CVE-2021-4193

LAST UPDATE DATE

2024-11-20T20:34:41.173000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-410614	date:	2022-11-09T00:00:00
db:	VULMON	id:	CVE-2021-4193	date:	2022-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2021-017215	date:	2023-01-10T06:08:00
db:	NVD	id:	CVE-2021-4193	date:	2023-11-07T03:40:20.307

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-410614	date:	2021-12-31T00:00:00
db:	VULMON	id:	CVE-2021-4193	date:	2021-12-31T00:00:00
db:	JVNDB	id:	JVNDB-2021-017215	date:	2023-01-10T00:00:00
db:	PACKETSTORM	id:	166308	date:	2022-03-15T15:41:45
db:	PACKETSTORM	id:	165813	date:	2022-02-02T16:48:00
db:	PACKETSTORM	id:	166204	date:	2022-03-04T16:17:56
db:	PACKETSTORM	id:	166179	date:	2022-03-02T16:50:31
db:	PACKETSTORM	id:	167188	date:	2022-05-17T16:59:42
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	NVD	id:	CVE-2021-4193	date:	2021-12-31T16:15:07.747