Lucene search
Veracode Vulnerability DatabaseVERACODE:36898HistorySep 01, 2022 - 12:17 p.m.
Denial Of Service (DoS)
2022-09-0112:17:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
denial of service
vulnerability
memory
application crash
software
EPSS
0.001
Percentile
39.3%
vim is vulnerable to denial of service. The vulnerability exists because of using freed memory with multiple line breaks in expression which allows an attacker to cause an application crash.
References
github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15
huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa
lists.fedoraproject.org/archives/list/[email protected]/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/
security-tracker.debian.org/tracker/CVE-2022-2889
security.gentoo.org/glsa/202305-16
Related
alpinelinux
alpinelinux
CVE-2022-2889
2022-08-19 13:15:08
openvas
openvas
Slackware: Security Advisory (SSA:2022-232-01)
2022-08-22 00:00:00
Fedora: Security Advisory for vim (FEDORA-2022-3b33d04743)
2022-09-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0377)
2022-10-19 00:00:00
nvd
nvd
CVE-2022-2889
2022-08-19 13:15:08
cnvd
cnvd
Vim Resource Management Error Vulnerability (CNVD-2022-59203)
2022-08-23 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-2889 affecting package vim for versions less than 9.0.0325-1
2022-09-16 06:05:42
CVE-2022-2889 affecting package vim 9.0.0181-1
2022-09-17 05:56:39
cve
cve
CVE-2022-2889
2022-08-19 13:15:08
huntr
huntr
Use After Free in function find_var_also_in_script
2022-08-17 00:03:52
ubuntucve
ubuntucve
CVE-2022-2889
2022-08-19 00:00:00
cvelist
cvelist
CVE-2022-2889 Use After Free in vim/vim
2022-08-19 00:00:00
prion
prion
Design/Logic Flaw
2022-08-19 13:15:00
slackware
slackware
[slackware-security] vim
2022-08-20 20:09:46
nessus
nessus
Slackware Linux 15.0 / current vim Vulnerability (SSA:2022-232-01)
2022-08-22 00:00:00
Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS : Vim vulnerabilities (USN-6302-1)
2023-08-21 00:00:00
Amazon Linux 2 : vim (ALAS-2022-1868)
2022-10-21 00:00:00
redhatcve
redhatcve
CVE-2022-2889
2022-08-19 17:39:04
debiancve
debiancve
CVE-2022-2889
2022-08-19 13:15:08
mageia
mageia
Updated golang packages fix security vulnerability
2022-10-19 02:14:56
Updated vim packages fix security vulnerability
2022-11-19 01:50:51
fedora
fedora
[SECURITY] Fedora 35 Update: vim-9.0.246-1.fc35
2022-09-01 09:56:13
ubuntu
ubuntu
Vim vulnerabilities
2023-08-21 00:00:00
cloudfoundry
cloudfoundry
USN-6302-1: Vim vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
osv
osv
vim vulnerabilities
2023-08-21 05:45:06
gvim-9.0.0453-2.1 on GA media
2024-06-15 00:00:00
amazon
amazon
Low: vim
2022-10-17 21:46:00
ibm
ibm
suse
suse
Security update for vim (important)
2022-09-09 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0568
2023-04-19 00:00:00
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
avleonov
avleonov