Lucene search
Veracode Vulnerability DatabaseVERACODE:36701HistoryAug 12, 2022 - 11:30 p.m.
Out-of-Bounds Read
2022-08-1223:30:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
0.001 Low
EPSS
Percentile
45.9%
vim is vulnerable to out-of-bound reads. Vulnerability exists in the msg_outtrans_special function in message.c to cause an out-of-bounds read that can crash the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vim:sid | eq | 2:8.2.2434-3 | |
| vim:sid | eq | 2:8.2.1913-1+b2 | |
| vim:sid | eq | 2:8.2.2434-3 | |
| vim:sid | eq | 2:8.2.1913-1+b2 |
References
github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a
huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89
lists.fedoraproject.org/archives/list/[email protected]/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/
lists.fedoraproject.org/archives/list/[email protected]/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/
security-tracker.debian.org/tracker/CVE-2022-2257
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16
Related
cbl_mariner
cbl_mariner
CVE-2022-2257 affecting package vim for versions less than 9.0.0050-2
2022-08-03 21:15:04
CVE-2022-2257 affecting package vim 8.2.5172-1
2022-08-12 16:45:08
nessus
nessus
EulerOS 2.0 SP5 : vim (EulerOS-SA-2022-2714)
2022-11-04 00:00:00
CBL Mariner 2.0 Security Update: vim (CVE-2022-2257)
2023-03-20 00:00:00
EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2703)
2022-11-02 00:00:00
cnvd
cnvd
Vim Buffer Overflow Vulnerability (CNVD-2022-68095)
2022-07-04 00:00:00
huntr
huntr
Out-of-bound read in function msg_outtrans_special
2022-06-28 00:59:19
cve
cve
CVE-2022-2257
2022-06-30 21:15:10
alpinelinux
alpinelinux
CVE-2022-2257
2022-06-30 21:15:10
nvd
nvd
CVE-2022-2257
2022-06-30 21:15:10
cvelist
cvelist
CVE-2022-2257 Out-of-bounds Read in vim/vim
2022-06-30 00:00:00
redhatcve
redhatcve
CVE-2022-2257
2022-07-01 14:36:13
prion
prion
Design/Logic Flaw
2022-06-30 21:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2714)
2022-11-04 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-b06fbea2c7)
2022-07-15 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2949)
2022-12-30 00:00:00
ubuntucve
ubuntucve
CVE-2022-2257
2022-06-30 00:00:00
debiancve
debiancve
CVE-2022-2257
2022-06-30 21:15:10
cloudlinux
cloudlinux
Fixed 7 CVEs in vim
2022-07-18 19:07:58
fedora
fedora
[SECURITY] Fedora 36 Update: vim-9.0.049-1.fc36
2022-07-14 01:49:09
[SECURITY] Fedora 35 Update: vim-9.0.049-1.fc35
2022-07-21 17:10:23
osv
osv
vim vulnerabilities
2023-08-03 08:06:12
cloudfoundry
cloudfoundry
USN-6270-1: Vim vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2023-08-03 00:00:00
suse
suse
Security update for vim (important)
2022-09-09 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0568
2023-04-19 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2022-11-19 01:50:51
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
hp
hp
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
avleonov
avleonov