Lucene search
Veracode Vulnerability DatabaseVERACODE:36706HistoryAug 13, 2022 - 10:42 a.m.
Denial Of Service (DoS)
2022-08-1310:42:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
0.001 Low
EPSS
Percentile
47.2%
vim is vulnerable to denial of service. The vulnerability exists due to heap based overflow in ins_compl_add of insexpand.c which allows an attacker to cause an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vim:sid | eq | 2:8.2.2434-3 | |
| vim:sid | le | 2:8.2.2434-3 | |
| vim:sid | eq | 2:8.2.2434-3 | |
| vim:sid | le | 2:8.2.2434-3 |
References
bugzilla.suse.com/show_bug.cgi?id=1201359
github.com/advisories/GHSA-868g-c3hc-28w2
github.com/vim/vim/commit/baefde14550231f6468ac2ed2ed495bc381c0c92
huntr.dev/bounties/4a095ed9-3125-464a-b656-c31b437e1996
lists.fedoraproject.org/archives/list/[email protected]/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/
security-tracker.debian.org/tracker/CVE-2022-2344
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16
Related
redhatcve
redhatcve
CVE-2022-2344
2022-07-13 14:14:36
cbl_mariner
cbl_mariner
CVE-2022-2344 affecting package vim for versions less than 9.0.0050-2
2022-08-03 21:15:04
CVE-2022-2344 affecting package vim 8.2.5172-1
2022-08-12 16:45:08
cvelist
cvelist
CVE-2022-2344 Heap-based Buffer Overflow in vim/vim
2022-07-08 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: vim (CVE-2022-2344)
2023-03-20 00:00:00
Amazon Linux AMI : vim (ALAS-2022-1639)
2022-10-21 00:00:00
EulerOS 2.0 SP10 : vim (EulerOS-SA-2022-2423)
2022-10-08 00:00:00
huntr
huntr
Heap-based buffer overflow in function ins_compl_add
2022-07-06 16:38:19
debiancve
debiancve
CVE-2022-2344
2022-07-08 19:15:08
ubuntucve
ubuntucve
CVE-2022-2344
2022-07-08 00:00:00
nvd
nvd
CVE-2022-2344
2022-07-08 19:15:08
cnvd
cnvd
Vim Buffer Overflow Vulnerability (CNVD-2022-68100)
2022-07-12 00:00:00
alpinelinux
alpinelinux
CVE-2022-2344
2022-07-08 19:15:08
prion
prion
Heap overflow
2022-07-08 19:15:00
cve
cve
CVE-2022-2344
2022-07-08 19:15:08
cloudlinux
cloudlinux
openvas
openvas
Fedora: Security Advisory for vim (FEDORA-2022-9d7a58e376)
2022-07-22 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2436)
2022-10-10 00:00:00
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2423)
2022-10-10 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: vim-9.0.049-1.fc35
2022-07-21 17:10:23
ubuntu
ubuntu
Vim vulnerabilities
2023-04-04 00:00:00
cloudfoundry
cloudfoundry
USN-5995-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
osv
osv
vim vulnerabilities
2023-04-04 08:58:38
suse
suse
Security update for vim (important)
2022-09-09 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0568
2023-04-19 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2022-11-19 01:50:51
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
avleonov
avleonov