Lucene search
Veracode Vulnerability DatabaseVERACODE:36410HistoryJul 18, 2022 - 11:52 p.m.
Denial Of Service (DoS)
2022-07-1823:52:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.001 Low
EPSS
Percentile
42.3%
vim is vulnerable to denial of service. The vulnerabilty is in spell_dump_compl fucntion in `spell.c’ where an attacker can crash the application through the stack-based buffer overflow.
References
github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939
huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a
lists.debian.org/debian-lts-announce/2022/11/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/
lists.fedoraproject.org/archives/list/[email protected]/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16
Related
cbl_mariner
cbl_mariner
CVE-2022-2304 affecting package vim for versions less than 9.0.0050-2
2022-08-03 21:15:04
CVE-2022-2304 affecting package vim 8.2.5172-1
2022-08-12 16:45:08
osv
osv
CVE-2022-2304
2022-07-05 13:15:00
vim vulnerabilities
2022-11-14 19:34:02
vim vulnerabilities
2023-04-04 08:58:38
prion
prion
Stack overflow
2022-07-05 13:15:00
cnvd
cnvd
Vim Buffer Overflow Vulnerability (CNVD-2022-68101)
2022-07-07 00:00:00
cve
cve
CVE-2022-2304
2022-07-05 13:15:08
cvelist
cvelist
CVE-2022-2304 Stack-based Buffer Overflow in vim/vim
2022-07-05 00:00:00
huntr
huntr
Stack-based Buffer Overflow in function spell_dump_compl
2022-06-29 08:50:34
nessus
nessus
CBL Mariner 2.0 Security Update: vim (CVE-2022-2304)
2023-03-20 00:00:00
Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5723-1)
2022-11-15 00:00:00
EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2451)
2022-10-08 00:00:00
ubuntucve
ubuntucve
CVE-2022-2304
2022-07-05 00:00:00
debiancve
debiancve
CVE-2022-2304
2022-07-05 13:15:08
redhatcve
redhatcve
CVE-2022-2304
2022-07-06 08:35:58
alpinelinux
alpinelinux
CVE-2022-2304
2022-07-05 13:15:08
nvd
nvd
CVE-2022-2304
2022-07-05 13:15:08
cloudlinux
cloudlinux
Fixed CVEs in vim: CVE-2022-2289, CVE-2022-2304
2022-07-26 16:42:23
openvas
openvas
Ubuntu: Security Advisory (USN-5723-1)
2022-11-15 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-b06fbea2c7)
2022-07-15 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-9d7a58e376)
2022-07-22 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: vim-9.0.049-1.fc36
2022-07-14 01:49:09
[SECURITY] Fedora 35 Update: vim-9.0.049-1.fc35
2022-07-21 17:10:23
ubuntu
ubuntu
Vim vulnerabilities
2022-11-14 00:00:00
Vim vulnerabilities
2023-04-04 00:00:00
cloudfoundry
cloudfoundry
USN-5995-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
debian
debian
[SECURITY] [DLA 3182-1] vim security update
2022-11-08 14:54:53
suse
suse
Security update for vim (important)
2022-09-09 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0568
2023-04-19 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2022-11-19 01:50:51
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
avleonov
avleonov