Lucene search
UbuntuUSN-5836-1HistoryJan 31, 2023 - 12:00 a.m.
Vim vulnerabilities
2023-01-3100:00:00
ubuntu.com
67
vim
vulnerabilities
memory management
ubuntu 16.04 esm
14.04 esm
denial of service
arbitrary code
cve-2022-47024
cve-2023-0049
cve-2023-0054
cve-2023-0288
cve-2023-0433
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.4
Confidence
High
EPSS
0.002
Percentile
53.0%
Releases
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- vim - Vi IMproved - enhanced vi editor
Details
It was discovered that Vim was not properly performing memory management
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. (CVE-2022-47024, CVE-2023-0049,
CVE-2023-0054, CVE-2023-0288, CVE-2023-0433)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | vim | < 2:7.4.1689-3ubuntu1.5+esm15 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-py2 | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-athena-py2-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-common | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-common-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-dbgsym | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
| Ubuntu | 16.04 | noarch | vim-doc | < 2:7.4.1689-3ubuntu1.5 | UNKNOWN |
Related
openvas
openvas
Ubuntu: Security Advisory (USN-5836-1)
2023-02-01 00:00:00
openSUSE: Security Advisory for vim (SUSE-SU-2023:0211-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2023-1796)
2023-05-08 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5836-1)
2023-01-31 00:00:00
EulerOS 2.0 SP11 : vim (EulerOS-SA-2023-1796)
2023-05-08 00:00:00
EulerOS 2.0 SP11 : vim (EulerOS-SA-2023-1774)
2023-05-08 00:00:00
osv
osv
vim vulnerabilities
2023-01-31 16:42:04
vim vulnerabilities
2023-03-20 11:59:48
CVE-2022-47024
2023-01-20 19:15:17
ubuntu
ubuntu
Vim vulnerabilities
2023-03-20 00:00:00
cloudfoundry
cloudfoundry
USN-5963-1: Vim vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: vim-9.0.1293-1.fc37
2023-02-13 00:45:18
[SECURITY] Fedora 36 Update: vim-9.0.1307-1.fc36
2023-02-18 01:29:26
[SECURITY] Fedora 36 Update: vim-9.0.1160-1.fc36
2023-01-12 01:35:38
mageia
mageia
Updated vim packages fix security vulnerability
2023-03-02 00:14:31
Updated vim packages fix security vulnerability
2023-01-24 10:58:25
redos
redos
ROS-20230127-02
2023-01-27 00:00:00
ROS-20230112-02
2023-01-12 00:00:00
ROS-20230124-02
2023-01-24 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0529
2023-02-09 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0324
2023-01-31 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0330
2023-02-09 00:00:00
cvelist
cvelist
CVE-2022-47024
2023-01-20 00:00:00
CVE-2023-0054 Out-of-bounds Write in vim/vim
2023-01-04 00:00:00
CVE-2023-0049 Out-of-bounds Read in vim/vim
2023-01-04 00:00:00
rocky
rocky
vim security update
2023-04-06 15:53:31
prion
prion
Null pointer dereference
2023-01-20 19:15:00
Design/Logic Flaw
2023-01-04 19:15:00
Design/Logic Flaw
2023-01-04 16:15:00
almalinux
almalinux
Moderate: vim security update
2023-02-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-02-14 00:43:16
Out-of-bounds Write
2023-02-03 17:08:13
Out-of-bounds Write
2023-02-03 17:08:12
rosalinux
rosalinux
Advisory ROSA-SA-2023-2268
2023-10-22 06:02:22
amazon
amazon
alpinelinux
alpinelinux
ubuntucve
ubuntucve
oraclelinux
oraclelinux
vim security update
2023-02-28 00:00:00
redhat
redhat
(RHSA-2023:0958) Moderate: vim security update
2023-02-28 07:53:04
redhatcve
redhatcve
debiancve
debiancve
nvd
nvd
cve
cve
huntr
huntr
Out-of-bounds Write in function do_string_sub
2023-01-03 13:48:35
Out-of-bounds Read in function build_stl_str_hl
2023-01-03 12:08:28
Heap-based Buffer Overflow in function ml_append_int
2023-01-12 01:56:33
cbl_mariner
cbl_mariner
CVE-2023-0054 affecting package vim 9.0.0982-1
2023-01-29 21:01:58
CVE-2023-0054 affecting package vim for versions less than 9.0.1145-1
2023-01-20 06:36:23
CVE-2023-0049 affecting package vim 9.0.0982-1
2023-01-29 21:01:58
cnvd
cnvd
Binary vulnerability exists in vim (CNVD-2023-09166)
2023-01-05 00:00:00
Binary vulnerability exists in vim (CNVD-2023-09648)
2023-01-05 00:00:00
Binary vulnerability exists in Vim (CNVD-2023-18122)
2023-01-13 00:00:00
cloudlinux
cloudlinux
vim: Fix of CVE-2023-0049
2023-01-27 10:03:50
vim: Fix of CVE-2023-0433
2023-02-02 21:34:22
slackware
slackware
[slackware-security] vim
2023-01-26 00:41:46
[slackware-security] vim
2023-01-05 03:14:23
debian
debian
[SECURITY] [DLA 3453-1] vim security update
2023-06-12 17:41:27
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.4
Confidence
High
EPSS
0.002
Percentile
53.0%
Related for USN-5836-1