Details of VAR-202202-0047

ID

VAR-202202-0047

CVE

CVE-2022-0714

TITLE

vim/vim Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-006016

DESCRIPTION

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. vim/vim Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Background ========= Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-5460-1 June 06, 2022 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. (CVE-2022-0554) It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0572) It was discovered that Vim was not properly performing validation of data that contained special multi-byte characters, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0685) It was discovered that Vim was incorrectly processing data used to define indentation in a file, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0714) It was discovered that Vim was incorrectly processing certain regular expression patterns and strings, which could cause an out-of-bounds read. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0729) It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0943) It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1616) It was discovered that Vim was not properly processing latin1 data when issuing Ex commands, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1619) It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers, which could cause a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-1620) It was discovered that Vim was not properly processing invalid bytes when performing spell check operations, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-1621) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: vim 2:7.4.1689-3ubuntu1.5+esm6 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5460-1 CVE-2022-0554, CVE-2022-0572, CVE-2022-0685, CVE-2022-0714, CVE-2022-0729, CVE-2022-0943, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1621

Trust: 1.98

sources: NVD: CVE-2022-0714 // JVNDB: JVNDB-2022-006016 // VULHUB: VHN-415705 // VULMON: CVE-2022-0714 // PACKETSTORM: 168124 // PACKETSTORM: 167419

AFFECTED PRODUCTS

vendor:	vim	model:	vim	scope:	lte	version:	8.2.4436	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	13.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	vim	model:	vim	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-006016 // NVD: CVE-2022-0714

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-0714
value:	MEDIUM
Trust: 1.0
security@huntr.dev:	CVE-2022-0714
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-0714
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202202-1737
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-415705
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-0714
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-0714
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-415705
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-0714
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
security@huntr.dev:	CVE-2022-0714
baseSeverity:	HIGH
baseScore:	8.4
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.5
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2022-0714
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-415705 // VULMON: CVE-2022-0714 // JVNDB: JVNDB-2022-006016 // CNNVD: CNNVD-202202-1737 // NVD: CVE-2022-0714 // NVD: CVE-2022-0714

PROBLEMTYPE DATA

problemtype:	CWE-122	Trust: 1.1
problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-415705 // JVNDB: JVNDB-2022-006016 // NVD: CVE-2022-0714

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202202-1737

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202202-1737

PATCH

title:	HT213488	url:	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html	Trust: 0.8
title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-0714	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1579	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1579	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-077	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-077	Trust: 0.1

sources: VULMON: CVE-2022-0714 // JVNDB: JVNDB-2022-006016

EXTERNAL IDS

db:	NVD	id:	CVE-2022-0714	Trust: 3.6
db:	PACKETSTORM	id:	167419	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-006016	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.2791	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1056	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5300	Trust: 0.6
db:	CS-HELP	id:	SB2022022221	Trust: 0.6
db:	CS-HELP	id:	SB2022060635	Trust: 0.6
db:	CNNVD	id:	CNNVD-202202-1737	Trust: 0.6
db:	VULHUB	id:	VHN-415705	Trust: 0.1
db:	VULMON	id:	CVE-2022-0714	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1

sources: VULHUB: VHN-415705 // VULMON: CVE-2022-0714 // JVNDB: JVNDB-2022-006016 // PACKETSTORM: 168124 // PACKETSTORM: 167419 // CNNVD: CNNVD-202202-1737 // NVD: CVE-2022-0714

REFERENCES

url:	http://seclists.org/fulldisclosure/2022/oct/41	Trust: 2.5
url:	https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3	Trust: 1.8
url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.8
url:	https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html	Trust: 1.8
url:	https://support.apple.com/kb/ht213488	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2022/oct/28	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7zlehvp4lnager4zdguds5v5yvqd6inf/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/hbuyqbz6gwawjrwp7aodj4khw5bckdvp/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7zlehvp4lnager4zdguds5v5yvqd6inf/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/hbuyqbz6gwawjrwp7aodj4khw5bckdvp/	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2022-0714	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-0714/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022022221	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1056	Trust: 0.6
url:	https://vigilance.fr/vulnerability/vim-buffer-overflow-via-change-indent-37649	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.2791	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5300	Trust: 0.6
url:	https://support.apple.com/en-us/ht213488	Trust: 0.6
url:	https://packetstormsecurity.com/files/167419/ubuntu-security-notice-usn-5460-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022060635	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://alas.aws.amazon.com/alas-2022-1579.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5460-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0572	Trust: 0.1

CREDITS

Gentoo

Trust: 0.1

sources: PACKETSTORM: 168124

SOURCES

db:	VULHUB	id:	VHN-415705
db:	VULMON	id:	CVE-2022-0714
db:	JVNDB	id:	JVNDB-2022-006016
db:	PACKETSTORM	id:	168124
db:	PACKETSTORM	id:	167419
db:	CNNVD	id:	CNNVD-202202-1737
db:	NVD	id:	CVE-2022-0714

LAST UPDATE DATE

2024-08-14T12:09:37.211000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-415705	date:	2022-12-02T00:00:00
db:	VULMON	id:	CVE-2022-0714	date:	2022-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2022-006016	date:	2023-06-26T02:40:00
db:	CNNVD	id:	CNNVD-202202-1737	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-0714	date:	2023-11-07T03:41:31.497

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-415705	date:	2022-02-22T00:00:00
db:	VULMON	id:	CVE-2022-0714	date:	2022-02-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-006016	date:	2023-06-26T00:00:00
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	PACKETSTORM	id:	167419	date:	2022-06-07T15:13:22
db:	CNNVD	id:	CNNVD-202202-1737	date:	2022-02-22T00:00:00
db:	NVD	id:	CVE-2022-0714	date:	2022-02-22T20:15:07.630