Lucene search
CloudLinuxCLSA-2022:1653006752HistoryMay 20, 2022 - 12:32 a.m.
Fixed CVEs in vim: CVE-2022-1620, CVE-2022-1616, CVE-2022-1629, CVE-2022-1621, CVE-2022-1619
2022-05-2000:32:32
repo.cloudlinux.com
57
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
84.0%
- CVE-2022-1619: fix going before the command line start with latin1 encoding
- CVE-2022-1620: fix NULL pointer dereference when using invalig regexp
- CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood
- CVE-2022-1629: fix reading past end of line if ended with trailing backslash
- CVE-2022-1616: fix buffer overflow with invalid command with composing chars
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Centos | 6 | x86_64 | vim-enhanced | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els12.src.rpm |
| Centos | 6 | x86_64 | vim-minimal | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els12.src.rpm |
| Centos | 6 | x86_64 | vim-filesystem | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els12.src.rpm |
| Centos | 6 | x86_64 | vim-common | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els12.src.rpm |
| Centos | 6 | x86_64 | vim-x11 | < 7.4.629 | vim-7.4.629-5.2.el6.tuxcare.els12.src.rpm |
Related
fedora
fedora
[SECURITY] Fedora 34 Update: vim-8.2.4927-1.fc34
2022-05-18 01:25:20
[SECURITY] Fedora 36 Update: vim-8.2.4927-1.fc36
2022-05-11 01:22:58
[SECURITY] Fedora 35 Update: vim-8.2.4927-1.fc35
2022-05-11 01:27:18
openvas
openvas
Fedora: Security Advisory for vim (FEDORA-2022-8df66cdbef)
2022-05-18 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-e92c3ce170)
2022-05-12 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-f0db3943d9)
2022-05-12 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0397
2022-05-26 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0397
2022-05-26 00:00:00
Critical Photon OS Security Update - PHSA-2022-0189
2022-05-27 00:00:00
nessus
nessus
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2123)
2022-07-14 00:00:00
EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2173)
2022-07-29 00:00:00
EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2014)
2022-07-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package vim version 4:8.2.5019-alt1
2022-06-02 00:00:00
Security fix for the ALT Linux 10 package vim version 4:8.2.5019-alt1
2022-05-31 00:00:00
cloudfoundry
cloudfoundry
USN-5613-1: Vim vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
osv
osv
vim vulnerabilities
2022-09-15 11:04:50
Moderate: vim security update
2022-06-30 00:00:00
Moderate: vim security update
2022-06-28 10:52:18
oraclelinux
oraclelinux
vim security update
2022-07-01 00:00:00
vim security update
2022-06-30 00:00:00
almalinux
almalinux
Moderate: vim security update
2022-06-30 00:00:00
Moderate: vim security update
2022-07-01 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2022-09-15 00:00:00
Vim regression
2022-09-19 00:00:00
Vim vulnerabilities
2022-06-06 00:00:00
redhat
redhat
(RHSA-2022:5319) Moderate: vim security update
2022-06-28 10:52:18
(RHSA-2022:5242) Moderate: vim security update
2022-06-28 08:27:06
(RHSA-2022:5704) Moderate: ACS 3.71 enhancement and security update
2022-07-25 21:38:29
redos
redos
ROS-20220516-11
2022-05-16 00:00:00
ROS-20220525-01
2022-05-25 00:00:00
rocky
rocky
vim security update
2022-06-28 10:52:18
ubuntucve
ubuntucve
cve
cve
nvd
nvd
redhatcve
redhatcve
alpinelinux
alpinelinux
prion
prion
Buffer overflow
2022-05-10 14:15:00
Design/Logic Flaw
2022-05-07 19:15:00
Heap overflow
2022-05-08 10:15:00
cbl_mariner
cbl_mariner
CVE-2022-1629 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1621 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1620 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1629
2022-11-03 18:21:37
debian
debian
[SECURITY] [DLA 3011-1] vim security update
2022-05-16 19:42:09
[SECURITY] [DLA 3204-1] vim security update
2022-11-24 09:17:54
debiancve
debiancve
huntr
huntr
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729
2022-04-28 02:42:11
Buffer Over-read in function find_next_quote
2022-05-08 04:01:59
Use after free in append_command
2022-04-28 20:53:58
cvelist
cvelist
CVE-2022-1620 NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim
2022-05-08 00:00:00
CVE-2022-1616 Use after free in append_command in vim/vim
2022-05-07 00:00:00
CVE-2022-1629 Buffer Over-read in function find_next_quote in vim/vim
2022-05-10 00:00:00
veracode
veracode
Use-After-Free
2022-05-30 15:13:24
Out-of-bounds Read
2022-05-20 08:42:46
Denial Of Service (DoS)
2022-05-20 08:45:16
rosalinux
rosalinux
Advisory ROSA-SA-2023-2215
2023-08-15 09:26:16
mageia
mageia
Updated vim packages fix security vulnerability
2022-05-25 21:46:18
amazon
amazon
Medium: vim
2022-07-19 01:26:00
Medium: vim
2022-07-28 20:41:00
suse
suse
Security update for vim (important)
2022-06-16 00:00:00
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
apple
apple
About the security content of macOS Ventura 13
2022-10-24 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.01 Low
EPSS
Percentile
84.0%
Related for CLSA-2022:1653006752