Lucene search
Veracode Vulnerability DatabaseVERACODE:34176HistoryFeb 14, 2022 - 1:59 a.m.
Information Disclosure
2022-02-1401:59:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.001 Low
EPSS
Percentile
41.1%
vim is vulnerable to information disclosure. The vulnerability exists due to a use after free in :lopen and :bwipe allowing an attacker to use the buffer that has already been freed.
References
github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461
huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51
lists.debian.org/debian-lts-announce/2022/05/msg00022.html
lists.debian.org/debian-lts-announce/2022/11/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
lists.fedoraproject.org/archives/list/[email protected]/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202208-32
Related
debiancve
debiancve
CVE-2022-0443
2022-02-02 21:15:07
cbl_mariner
cbl_mariner
CVE-2022-0443 affecting package vim for versions less than 8.2.4743-1
2022-04-26 20:17:05
CVE-2022-0443 affecting package vim 8.2.4151-1
2022-02-25 01:45:45
cvelist
cvelist
CVE-2022-0443 Use After Free in vim/vim
2022-02-02 00:00:00
prion
prion
Design/Logic Flaw
2022-02-02 21:15:00
huntr
huntr
None in vim/vim
2022-01-31 11:25:01
nvd
nvd
CVE-2022-0443
2022-02-02 21:15:07
cve
cve
CVE-2022-0443
2022-02-02 21:15:07
redhatcve
redhatcve
CVE-2022-0443
2022-02-03 14:07:05
osv
osv
CVE-2022-0443
2022-02-02 21:15:00
vim vulnerabilities
2022-06-02 12:21:05
vim - security update
2022-05-16 00:00:00
cnvd
cnvd
vim resource management error vulnerability (CNVD-2022-09246)
2022-02-08 00:00:00
alpinelinux
alpinelinux
CVE-2022-0443
2022-02-02 21:15:07
ubuntucve
ubuntucve
CVE-2022-0443
2022-02-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0363
2022-02-16 00:00:00
Important Photon OS Security Update - PHSA-2022-0156
2022-02-21 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0363
2022-02-18 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-0413, CVE-2022-0417, CVE-2022-0408, CVE-2022-0443
2022-02-21 17:56:22
fedora
fedora
[SECURITY] Fedora 35 Update: vim-8.2.4314-1.fc35
2022-02-11 01:24:10
[SECURITY] Fedora 34 Update: vim-8.2.4460-1.fc34
2022-02-25 17:03:47
openvas
openvas
Fedora: Security Advisory for vim (FEDORA-2022-da2fb07efb)
2022-02-11 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-1918)
2022-06-17 00:00:00
Ubuntu: Security Advisory (USN-5458-1)
2022-08-26 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-1918)
2022-06-17 00:00:00
Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5458-1)
2022-06-02 00:00:00
Debian DLA-3011-1 : vim - LTS security update
2022-05-17 00:00:00
debian
debian
[SECURITY] [DLA 3011-1] vim security update
2022-05-16 19:42:09
[SECURITY] [DLA 3182-1] vim security update
2022-11-08 14:54:53
ubuntu
ubuntu
Vim vulnerabilities
2022-06-02 00:00:00
Vim vulnerabilities
2023-04-19 00:00:00
amazon
amazon
Medium: vim
2022-04-04 23:48:00
Medium: vim
2022-05-31 23:50:00
cloudfoundry
cloudfoundry
USN-6026-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2022-05-25 21:46:18
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
avleonov
avleonov