var-202204-0838
Vulnerability from variot
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32
https://security.gentoo.org/
Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32
Synopsis
Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service.
Background
Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060
Description
Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Vim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060"
All gVim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060"
All vim-core users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060"
References
[ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-32
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202204-0838", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "vim", "scope": "lt", "trust": 1.0, "vendor": "vim", "version": "8.2.4763" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "36" }, { "model": "macos", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "13.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "35" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "34" }, { "model": "fedora", "scope": null, "trust": 0.8, "vendor": "fedora", "version": null }, { "model": "macos", "scope": null, "trust": 0.8, "vendor": "\u30a2\u30c3\u30d7\u30eb", "version": null }, { "model": "vim", "scope": null, "trust": 0.8, "vendor": "vim", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "NVD", "id": "CVE-2022-1381" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.2.4763", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "13.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-1381" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gentoo", "sources": [ { "db": "PACKETSTORM", "id": "168124" }, { "db": "PACKETSTORM", "id": "172122" } ], "trust": 0.2 }, "cve": "CVE-2022-1381", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2022-1381", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-419494", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "security@huntr.dev", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 1.4, "impactScore": 5.8, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-1381", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-1381", "trust": 1.8, "value": "HIGH" }, { "author": "security@huntr.dev", "id": "CVE-2022-1381", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202204-3649", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-419494", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2022-1381", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-419494" }, { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: Vim, gVim: Multiple Vulnerabilities\n Date: August 21, 2022\n Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231\n ID: 202208-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in Vim, the worst of which\ncould result in denial of service. \n\nBackground\n=========\nVim is an efficient, highly configurable improved version of the classic\n\u2018vi\u2019 text editor. gVim is the GUI version of Vim. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-editors/gvim \u003c 9.0.0060 \u003e= 9.0.0060\n 2 app-editors/vim \u003c 9.0.0060 \u003e= 9.0.0060\n 3 app-editors/vim-core \u003c 9.0.0060 \u003e= 9.0.0060\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in Vim and gVim. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Vim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-editors/vim-9.0.0060\"\n\nAll gVim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-editors/gvim-9.0.0060\"\n\nAll vim-core users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-editors/vim-core-9.0.0060\"\n\nReferences\n=========\n[ 1 ] CVE-2021-3770\n https://nvd.nist.gov/vuln/detail/CVE-2021-3770\n[ 2 ] CVE-2021-3778\n https://nvd.nist.gov/vuln/detail/CVE-2021-3778\n[ 3 ] CVE-2021-3796\n https://nvd.nist.gov/vuln/detail/CVE-2021-3796\n[ 4 ] CVE-2021-3872\n https://nvd.nist.gov/vuln/detail/CVE-2021-3872\n[ 5 ] CVE-2021-3875\n https://nvd.nist.gov/vuln/detail/CVE-2021-3875\n[ 6 ] CVE-2021-3927\n https://nvd.nist.gov/vuln/detail/CVE-2021-3927\n[ 7 ] CVE-2021-3928\n https://nvd.nist.gov/vuln/detail/CVE-2021-3928\n[ 8 ] CVE-2021-3968\n https://nvd.nist.gov/vuln/detail/CVE-2021-3968\n[ 9 ] CVE-2021-3973\n https://nvd.nist.gov/vuln/detail/CVE-2021-3973\n[ 10 ] CVE-2021-3974\n https://nvd.nist.gov/vuln/detail/CVE-2021-3974\n[ 11 ] CVE-2021-3984\n https://nvd.nist.gov/vuln/detail/CVE-2021-3984\n[ 12 ] CVE-2021-4019\n https://nvd.nist.gov/vuln/detail/CVE-2021-4019\n[ 13 ] CVE-2021-4069\n https://nvd.nist.gov/vuln/detail/CVE-2021-4069\n[ 14 ] CVE-2021-4136\n https://nvd.nist.gov/vuln/detail/CVE-2021-4136\n[ 15 ] CVE-2021-4166\n https://nvd.nist.gov/vuln/detail/CVE-2021-4166\n[ 16 ] CVE-2021-4173\n https://nvd.nist.gov/vuln/detail/CVE-2021-4173\n[ 17 ] CVE-2021-4187\n https://nvd.nist.gov/vuln/detail/CVE-2021-4187\n[ 18 ] CVE-2021-4192\n https://nvd.nist.gov/vuln/detail/CVE-2021-4192\n[ 19 ] CVE-2021-4193\n https://nvd.nist.gov/vuln/detail/CVE-2021-4193\n[ 20 ] CVE-2021-46059\n https://nvd.nist.gov/vuln/detail/CVE-2021-46059\n[ 21 ] CVE-2022-0128\n https://nvd.nist.gov/vuln/detail/CVE-2022-0128\n[ 22 ] CVE-2022-0156\n https://nvd.nist.gov/vuln/detail/CVE-2022-0156\n[ 23 ] CVE-2022-0158\n https://nvd.nist.gov/vuln/detail/CVE-2022-0158\n[ 24 ] CVE-2022-0213\n https://nvd.nist.gov/vuln/detail/CVE-2022-0213\n[ 25 ] CVE-2022-0261\n https://nvd.nist.gov/vuln/detail/CVE-2022-0261\n[ 26 ] CVE-2022-0318\n https://nvd.nist.gov/vuln/detail/CVE-2022-0318\n[ 27 ] CVE-2022-0319\n https://nvd.nist.gov/vuln/detail/CVE-2022-0319\n[ 28 ] CVE-2022-0351\n https://nvd.nist.gov/vuln/detail/CVE-2022-0351\n[ 29 ] CVE-2022-0359\n https://nvd.nist.gov/vuln/detail/CVE-2022-0359\n[ 30 ] CVE-2022-0361\n https://nvd.nist.gov/vuln/detail/CVE-2022-0361\n[ 31 ] CVE-2022-0368\n https://nvd.nist.gov/vuln/detail/CVE-2022-0368\n[ 32 ] CVE-2022-0392\n https://nvd.nist.gov/vuln/detail/CVE-2022-0392\n[ 33 ] CVE-2022-0393\n https://nvd.nist.gov/vuln/detail/CVE-2022-0393\n[ 34 ] CVE-2022-0407\n https://nvd.nist.gov/vuln/detail/CVE-2022-0407\n[ 35 ] CVE-2022-0408\n https://nvd.nist.gov/vuln/detail/CVE-2022-0408\n[ 36 ] CVE-2022-0413\n https://nvd.nist.gov/vuln/detail/CVE-2022-0413\n[ 37 ] CVE-2022-0417\n https://nvd.nist.gov/vuln/detail/CVE-2022-0417\n[ 38 ] CVE-2022-0443\n https://nvd.nist.gov/vuln/detail/CVE-2022-0443\n[ 39 ] CVE-2022-0554\n https://nvd.nist.gov/vuln/detail/CVE-2022-0554\n[ 40 ] CVE-2022-0629\n https://nvd.nist.gov/vuln/detail/CVE-2022-0629\n[ 41 ] CVE-2022-0685\n https://nvd.nist.gov/vuln/detail/CVE-2022-0685\n[ 42 ] CVE-2022-0714\n https://nvd.nist.gov/vuln/detail/CVE-2022-0714\n[ 43 ] CVE-2022-0729\n https://nvd.nist.gov/vuln/detail/CVE-2022-0729\n[ 44 ] CVE-2022-0943\n https://nvd.nist.gov/vuln/detail/CVE-2022-0943\n[ 45 ] CVE-2022-1154\n https://nvd.nist.gov/vuln/detail/CVE-2022-1154\n[ 46 ] CVE-2022-1160\n https://nvd.nist.gov/vuln/detail/CVE-2022-1160\n[ 47 ] CVE-2022-1381\n https://nvd.nist.gov/vuln/detail/CVE-2022-1381\n[ 48 ] CVE-2022-1420\n https://nvd.nist.gov/vuln/detail/CVE-2022-1420\n[ 49 ] CVE-2022-1616\n https://nvd.nist.gov/vuln/detail/CVE-2022-1616\n[ 50 ] CVE-2022-1619\n https://nvd.nist.gov/vuln/detail/CVE-2022-1619\n[ 51 ] CVE-2022-1620\n https://nvd.nist.gov/vuln/detail/CVE-2022-1620\n[ 52 ] CVE-2022-1621\n https://nvd.nist.gov/vuln/detail/CVE-2022-1621\n[ 53 ] CVE-2022-1629\n https://nvd.nist.gov/vuln/detail/CVE-2022-1629\n[ 54 ] CVE-2022-1674\n https://nvd.nist.gov/vuln/detail/CVE-2022-1674\n[ 55 ] CVE-2022-1720\n https://nvd.nist.gov/vuln/detail/CVE-2022-1720\n[ 56 ] CVE-2022-1733\n https://nvd.nist.gov/vuln/detail/CVE-2022-1733\n[ 57 ] CVE-2022-1735\n https://nvd.nist.gov/vuln/detail/CVE-2022-1735\n[ 58 ] CVE-2022-1769\n https://nvd.nist.gov/vuln/detail/CVE-2022-1769\n[ 59 ] CVE-2022-1771\n https://nvd.nist.gov/vuln/detail/CVE-2022-1771\n[ 60 ] CVE-2022-1785\n https://nvd.nist.gov/vuln/detail/CVE-2022-1785\n[ 61 ] CVE-2022-1796\n https://nvd.nist.gov/vuln/detail/CVE-2022-1796\n[ 62 ] CVE-2022-1851\n https://nvd.nist.gov/vuln/detail/CVE-2022-1851\n[ 63 ] CVE-2022-1886\n https://nvd.nist.gov/vuln/detail/CVE-2022-1886\n[ 64 ] CVE-2022-1897\n https://nvd.nist.gov/vuln/detail/CVE-2022-1897\n[ 65 ] CVE-2022-1898\n https://nvd.nist.gov/vuln/detail/CVE-2022-1898\n[ 66 ] CVE-2022-1927\n https://nvd.nist.gov/vuln/detail/CVE-2022-1927\n[ 67 ] CVE-2022-1942\n https://nvd.nist.gov/vuln/detail/CVE-2022-1942\n[ 68 ] CVE-2022-1968\n https://nvd.nist.gov/vuln/detail/CVE-2022-1968\n[ 69 ] CVE-2022-2000\n https://nvd.nist.gov/vuln/detail/CVE-2022-2000\n[ 70 ] CVE-2022-2042\n https://nvd.nist.gov/vuln/detail/CVE-2022-2042\n[ 71 ] CVE-2022-2124\n https://nvd.nist.gov/vuln/detail/CVE-2022-2124\n[ 72 ] CVE-2022-2125\n https://nvd.nist.gov/vuln/detail/CVE-2022-2125\n[ 73 ] CVE-2022-2126\n https://nvd.nist.gov/vuln/detail/CVE-2022-2126\n[ 74 ] CVE-2022-2129\n https://nvd.nist.gov/vuln/detail/CVE-2022-2129\n[ 75 ] CVE-2022-2175\n https://nvd.nist.gov/vuln/detail/CVE-2022-2175\n[ 76 ] CVE-2022-2182\n https://nvd.nist.gov/vuln/detail/CVE-2022-2182\n[ 77 ] CVE-2022-2183\n https://nvd.nist.gov/vuln/detail/CVE-2022-2183\n[ 78 ] CVE-2022-2206\n https://nvd.nist.gov/vuln/detail/CVE-2022-2206\n[ 79 ] CVE-2022-2207\n https://nvd.nist.gov/vuln/detail/CVE-2022-2207\n[ 80 ] CVE-2022-2208\n https://nvd.nist.gov/vuln/detail/CVE-2022-2208\n[ 81 ] CVE-2022-2210\n https://nvd.nist.gov/vuln/detail/CVE-2022-2210\n[ 82 ] CVE-2022-2231\n https://nvd.nist.gov/vuln/detail/CVE-2022-2231\n[ 83 ] CVE-2022-2257\n https://nvd.nist.gov/vuln/detail/CVE-2022-2257\n[ 84 ] CVE-2022-2264\n https://nvd.nist.gov/vuln/detail/CVE-2022-2264\n[ 85 ] CVE-2022-2284\n https://nvd.nist.gov/vuln/detail/CVE-2022-2284\n[ 86 ] CVE-2022-2285\n https://nvd.nist.gov/vuln/detail/CVE-2022-2285\n[ 87 ] CVE-2022-2286\n https://nvd.nist.gov/vuln/detail/CVE-2022-2286\n[ 88 ] CVE-2022-2287\n https://nvd.nist.gov/vuln/detail/CVE-2022-2287\n[ 89 ] CVE-2022-2288\n https://nvd.nist.gov/vuln/detail/CVE-2022-2288\n[ 90 ] CVE-2022-2289\n https://nvd.nist.gov/vuln/detail/CVE-2022-2289\n[ 91 ] CVE-2022-2304\n https://nvd.nist.gov/vuln/detail/CVE-2022-2304\n[ 92 ] CVE-2022-2343\n https://nvd.nist.gov/vuln/detail/CVE-2022-2343\n[ 93 ] CVE-2022-2344\n https://nvd.nist.gov/vuln/detail/CVE-2022-2344\n[ 94 ] CVE-2022-2345\n https://nvd.nist.gov/vuln/detail/CVE-2022-2345\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-32\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "VULHUB", "id": "VHN-419494" }, { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "PACKETSTORM", "id": "168124" }, { "db": "PACKETSTORM", "id": "172122" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-1381", "trust": 3.6 }, { "db": "JVNDB", "id": "JVNDB-2022-009751", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2023.0019", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.5300", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.3002", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022052018", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022062022", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022061208", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202204-3649", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-419494", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-1381", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "168124", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "172122", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-419494" }, { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "PACKETSTORM", "id": "168124" }, { "db": "PACKETSTORM", "id": "172122" }, { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "id": "VAR-202204-0838", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-419494" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:36:06.558000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "\"\u00a0in\u00a0Ex\u00a0mode Apple Apple\u00a0Security\u00a0Updates", "trust": 0.8, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kvpzve2cie2ngchzdmehpbwn3lk2uqaa/" }, { "title": "vim Buffer error vulnerability fix", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=190687" }, { "title": "Red Hat: ", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2022-1381" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-122", "trust": 1.1 }, { "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-419494" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "NVD", "id": "CVE-2022-1381" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4" }, { "trust": 2.5, "url": "http://seclists.org/fulldisclosure/2022/oct/28" }, { "trust": 2.5, "url": "http://seclists.org/fulldisclosure/2022/oct/41" }, { "trust": 1.8, "url": "https://security.gentoo.org/glsa/202208-32" }, { "trust": 1.8, "url": "https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47" }, { "trust": 1.7, "url": "https://support.apple.com/kb/ht213488" }, { "trust": 1.7, "url": "https://security.gentoo.org/glsa/202305-16" }, { "trust": 1.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1381" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kvpzve2cie2ngchzdmehpbwn3lk2uqaa/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6e457nyoirwbjhkb7on44uy5avtg4hu/" }, { "trust": 0.8, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kvpzve2cie2ngchzdmehpbwn3lk2uqaa/" }, { "trust": 0.8, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x6e457nyoirwbjhkb7on44uy5avtg4hu/" }, { "trust": 0.7, "url": "https://access.redhat.com/security/cve/cve-2022-1381" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0019" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022062022" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/vim-buffer-overflow-via-skip-range-38137" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.5300" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3002" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-1381/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022061208" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022052018" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2129" }, { "trust": 0.2, "url": "https://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1927" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2175" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2286" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2126" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1886" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1771" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1851" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2000" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2287" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1674" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1968" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1621" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2284" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2288" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2345" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2257" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1154" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2124" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2343" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1735" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2125" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1733" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2207" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1629" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2183" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1616" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2264" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1619" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2304" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1620" }, { "trust": 0.2, "url": "https://bugs.gentoo.org." }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1898" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2344" }, { "trust": 0.2, "url": "https://security.gentoo.org/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1785" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1796" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2206" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1720" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1769" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1897" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2289" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1420" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2042" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2182" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1160" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2231" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2285" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2208" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1942" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2210" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/787.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0361" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0261" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0413" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0943" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3796" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0408" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0158" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0417" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0407" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0318" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0392" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0128" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0554" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0443" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0714" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4193" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3778" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3984" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0629" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0393" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0156" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4069" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4166" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3927" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0319" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3974" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0351" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3928" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4019" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3968" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0213" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0729" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46059" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3770" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0359" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3973" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4187" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4173" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3872" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3875" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4192" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4136" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2845" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2816" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2862" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3256" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3296" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3153" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3705" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3235" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2889" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0051" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2923" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2982" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3520" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4293" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3099" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2874" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3016" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3278" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-47024" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0054" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4141" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2819" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2946" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-0049" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2849" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3324" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2980" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2817" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2522" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3591" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-4292" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3134" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3297" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3352" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3491" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1725" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-3234" } ], "sources": [ { "db": "VULHUB", "id": "VHN-419494" }, { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "PACKETSTORM", "id": "168124" }, { "db": "PACKETSTORM", "id": "172122" }, { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-419494" }, { "db": "VULMON", "id": "CVE-2022-1381" }, { "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "db": "PACKETSTORM", "id": "168124" }, { "db": "PACKETSTORM", "id": "172122" }, { "db": "NVD", "id": "CVE-2022-1381" }, { "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-04-18T00:00:00", "db": "VULHUB", "id": "VHN-419494" }, { "date": "2022-04-18T00:00:00", "db": "VULMON", "id": "CVE-2022-1381" }, { "date": "2023-08-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "date": "2022-08-22T16:01:59", "db": "PACKETSTORM", "id": "168124" }, { "date": "2023-05-03T15:29:00", "db": "PACKETSTORM", "id": "172122" }, { "date": "2022-04-18T01:15:10.183000", "db": "NVD", "id": "CVE-2022-1381" }, { "date": "2022-04-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-11-04T00:00:00", "db": "VULHUB", "id": "VHN-419494" }, { "date": "2022-04-30T00:00:00", "db": "VULMON", "id": "CVE-2022-1381" }, { "date": "2023-08-08T06:27:00", "db": "JVNDB", "id": "JVNDB-2022-009751" }, { "date": "2023-11-07T03:41:54.423000", "db": "NVD", "id": "CVE-2022-1381" }, { "date": "2023-05-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202204-3649" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202204-3649" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "vim/vim\u00a0 Out-of-bounds write vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-009751" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202204-3649" } ], "trust": 0.6 } }