Lucene search
UbuntuUSN-5498-1HistoryJun 30, 2022 - 12:00 a.m.
Vim vulnerabilities
2022-06-3000:00:00
ubuntu.com
83
vim
ubuntu
memory handling
arbitrary code
security flaw
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.003
Percentile
66.8%
Releases
- Ubuntu 16.04 ESM
Packages
- vim - Vi IMproved - enhanced vi editor
Details
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | vim | < 2:7.4.1689-3ubuntu1.5+esm8 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-py2 | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-py2-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-common | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-common-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-doc | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
Related
openvas
openvas
Ubuntu: Security Advisory (USN-5498-1)
2022-08-26 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2237)
2022-08-18 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2263)
2022-08-18 00:00:00
osv
osv
vim vulnerabilities
2022-06-30 14:54:40
CVE-2022-1851
2022-05-25 13:15:00
CVE-2022-1629
2022-05-10 14:15:00
nessus
nessus
Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5498-1)
2022-06-30 00:00:00
Photon OS 3.0: Vim PHSA-2022-3.0-0404
2024-07-24 00:00:00
Photon OS 4.0: Vim PHSA-2022-4.0-0199
2024-07-23 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0404
2022-06-12 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0404
2022-06-12 00:00:00
Critical Photon OS Security Update - PHSA-2022-0487
2022-06-20 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
2022-06-06 15:31:35
Fixed CVEs in vim: CVE-2022-1735, CVE-2022-1733
2022-05-30 17:53:05
redos
redos
ROS-20220525-01
2022-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: vim-8.2.5046-1.fc34
2022-06-05 01:34:26
[SECURITY] Fedora 36 Update: vim-8.2.5046-1.fc36
2022-06-02 01:34:59
[SECURITY] Fedora 35 Update: vim-8.2.5052-1.fc35
2022-06-07 01:48:25
alpinelinux
alpinelinux
cbl_mariner
cbl_mariner
CVE-2022-1629 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1851 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1851 affecting package vim for versions less than 8.2.5064-1
2022-06-26 03:29:39
prion
prion
Buffer overflow
2022-05-10 14:15:00
Design/Logic Flaw
2022-05-19 16:15:00
Design/Logic Flaw
2022-05-25 13:15:00
redhatcve
redhatcve
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-1629
2022-11-03 18:21:37
cve
cve
huntr
huntr
Out-of-bounds read in function gchar_cursor
2022-05-23 04:14:40
Buffer Over-read in function find_next_quote
2022-05-08 04:01:59
Use After Free in function find_pattern_in_path
2022-05-25 08:51:17
ubuntucve
ubuntucve
veracode
veracode
Out-of-Bounds Read
2022-06-14 10:42:06
Out-of-bounds Write
2022-08-09 13:37:17
Use-After-Free
2022-06-14 13:42:37
debiancve
debiancve
nvd
nvd
altlinux
altlinux
Security fix for the ALT Linux 9 package vim version 4:8.2.5019-alt1
2022-06-02 00:00:00
Security fix for the ALT Linux 10 package vim version 4:8.2.5019-alt1
2022-05-31 00:00:00
cvelist
cvelist
CVE-2022-1851 Out-of-bounds Read in vim/vim
2022-05-25 00:00:00
CVE-2022-1898 Use After Free in vim/vim
2022-05-27 00:00:00
CVE-2022-1733 Heap-based Buffer Overflow in vim/vim
2022-05-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2215
2023-08-15 09:26:16
ubuntu
ubuntu
Vim vulnerabilities
2023-04-04 00:00:00
cloudfoundry
cloudfoundry
USN-5995-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
cnvd
cnvd
Vim Resource Management Error Vulnerability (CNVD-2022-20100)
2022-03-09 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2022-06-09 23:49:47
oraclelinux
oraclelinux
vim security update
2022-07-01 00:00:00
vim security update
2022-08-10 00:00:00
vim security update
2022-08-05 00:00:00
almalinux
almalinux
Moderate: vim security update
2022-06-30 00:00:00
Moderate: vim security update
2022-08-09 00:00:00
Moderate: vim security update
2022-08-03 00:00:00
redhat
redhat
(RHSA-2022:5319) Moderate: vim security update
2022-06-28 10:52:18
(RHSA-2022:5942) Moderate: vim security update
2022-08-09 09:32:59
rocky
rocky
vim security update
2022-06-28 10:52:18
vim security update
2022-08-02 06:59:03
vim security update
2022-08-09 09:32:59
amazon
amazon
Medium: vim
2022-07-19 01:26:00
Medium: vim
2022-07-28 20:41:00
debian
debian
[SECURITY] [DLA 3053-1] vim security update
2022-06-20 12:11:57
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.003
Percentile
66.8%
Related for USN-5498-1