Details of VAR-202205-1003

ID

VAR-202205-1003

CVE

CVE-2022-1674

TITLE

vim/vim In NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-010571

DESCRIPTION

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. vim/vim for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Background ========= Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-5723-1 November 14, 2022 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim could be made to crash when searching specially crafted patterns. (CVE-2022-1725) It was discovered that there existed a buffer over-read in Vim when searching specially crafted patterns. (CVE-2022-2124) It was discovered that there existed a heap buffer overflow in Vim when auto-indenting lisp. (CVE-2022-2125) It was discovered that there existed an out of bounds read in Vim when performing spelling suggestions. (CVE-2022-2126) It was discovered that Vim accessed invalid memory when executing specially crafted command line expressions. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2175) It was discovered that there existed an out-of-bounds read in Vim when auto-indenting lisp. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2183) It was discovered that Vim accessed invalid memory when terminal size changed. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2206) It was discovered that there existed a stack buffer overflow in Vim's spelldump. (CVE-2022-2304) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: vim 2:7.4.1689-3ubuntu1.5+esm13 vim-athena 2:7.4.1689-3ubuntu1.5+esm13 vim-athena-py2 2:7.4.1689-3ubuntu1.5+esm13 vim-gnome 2:7.4.1689-3ubuntu1.5+esm13 vim-gnome-py2 2:7.4.1689-3ubuntu1.5+esm13 vim-gtk 2:7.4.1689-3ubuntu1.5+esm13 vim-gtk-py2 2:7.4.1689-3ubuntu1.5+esm13 vim-gtk3 2:7.4.1689-3ubuntu1.5+esm13 vim-gtk3-py2 2:7.4.1689-3ubuntu1.5+esm13 vim-nox 2:7.4.1689-3ubuntu1.5+esm13 vim-nox-py2 2:7.4.1689-3ubuntu1.5+esm13 vim-tiny 2:7.4.1689-3ubuntu1.5+esm13 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5723-1 CVE-2022-1674, CVE-2022-1725, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304

Trust: 2.07

sources: NVD: CVE-2022-1674 // JVNDB: JVNDB-2022-010571 // VULHUB: VHN-419787 // VULMON: CVE-2022-1674 // PACKETSTORM: 168124 // PACKETSTORM: 172122 // PACKETSTORM: 169832

AFFECTED PRODUCTS

vendor:	vim	model:	vim	scope:	lt	version:	8.2.4938	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	13.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	36	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	vim	model:	vim	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-010571 // NVD: CVE-2022-1674

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-1674
value:	MEDIUM
Trust: 1.0
security@huntr.dev:	CVE-2022-1674
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-1674
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202205-3071
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-419787
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-1674
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-1674
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-419787
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-1674
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
security@huntr.dev:	CVE-2022-1674
baseSeverity:	MEDIUM
baseScore:	6.6
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	4.7
version:	3.0
Trust: 1.0
NVD:	CVE-2022-1674
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-419787 // VULMON: CVE-2022-1674 // JVNDB: JVNDB-2022-010571 // CNNVD: CNNVD-202205-3071 // NVD: CVE-2022-1674 // NVD: CVE-2022-1674

PROBLEMTYPE DATA

problemtype:	CWE-476	Trust: 1.1
problemtype:	NULL Pointer dereference (CWE-476) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-419787 // JVNDB: JVNDB-2022-010571 // NVD: CVE-2022-1674

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-3071

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202205-3071

PATCH

title:	crash when matching buffer with invalid pattern Apple Apple Security Updates	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/	Trust: 0.8
title:	Vim Fixes for code issue vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=193802	Trust: 0.6
title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-1674	Trust: 0.1
title:	Ubuntu Security Notice: USN-5723-1: Vim vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5723-1	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1628	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1829	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829	Trust: 0.1

sources: VULMON: CVE-2022-1674 // JVNDB: JVNDB-2022-010571 // CNNVD: CNNVD-202205-3071

EXTERNAL IDS

db:	NVD	id:	CVE-2022-1674	Trust: 3.7
db:	PACKETSTORM	id:	169832	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-010571	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.5872	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5300	Trust: 0.6
db:	CS-HELP	id:	SB2022052017	Trust: 0.6
db:	CNNVD	id:	CNNVD-202205-3071	Trust: 0.6
db:	VULHUB	id:	VHN-419787	Trust: 0.1
db:	VULMON	id:	CVE-2022-1674	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1
db:	PACKETSTORM	id:	172122	Trust: 0.1

sources: VULHUB: VHN-419787 // VULMON: CVE-2022-1674 // JVNDB: JVNDB-2022-010571 // PACKETSTORM: 168124 // PACKETSTORM: 172122 // PACKETSTORM: 169832 // CNNVD: CNNVD-202205-3071 // NVD: CVE-2022-1674

REFERENCES

url:	http://seclists.org/fulldisclosure/2022/oct/41	Trust: 2.6
url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.9
url:	https://support.apple.com/kb/ht213488	Trust: 1.8
url:	https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385	Trust: 1.8
url:	https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2022/oct/28	Trust: 1.7
url:	https://security.gentoo.org/glsa/202305-16	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfaztat5czc2r6kydya2hbavedsix6mw/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/iupolex5gxc733hl4efymhfu7nisjjzg/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/odxvyzc5z4xrrzk7ck6b6iuryvyha25u/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/iupolex5gxc733hl4efymhfu7nisjjzg/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfaztat5czc2r6kydya2hbavedsix6mw/	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/odxvyzc5z4xrrzk7ck6b6iuryvyha25u/	Trust: 0.8
url:	https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385/	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2022-1674	Trust: 0.7
url:	https://packetstormsecurity.com/files/169832/ubuntu-security-notice-usn-5723-1.html	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-1674/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/vim-null-pointer-dereference-via-vim-regexec-string-38405	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5300	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5872	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022052017	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-5723-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.2
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.2
url:	https://security.gentoo.org/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1725	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/476.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2845	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2862	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3256	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3296	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3705	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3235	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2889	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0051	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2982	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3520	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3099	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3016	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3278	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-47024	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0054	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4141	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2819	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2946	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3324	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2522	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3134	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3297	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3352	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3234	Trust: 0.1

CREDITS

Gentoo

Trust: 0.2

sources: PACKETSTORM: 168124 // PACKETSTORM: 172122

SOURCES

db:	VULHUB	id:	VHN-419787
db:	VULMON	id:	CVE-2022-1674
db:	JVNDB	id:	JVNDB-2022-010571
db:	PACKETSTORM	id:	168124
db:	PACKETSTORM	id:	172122
db:	PACKETSTORM	id:	169832
db:	CNNVD	id:	CNNVD-202205-3071
db:	NVD	id:	CVE-2022-1674

LAST UPDATE DATE

2024-08-14T12:35:21.765000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-419787	date:	2022-12-02T00:00:00
db:	VULMON	id:	CVE-2022-1674	date:	2022-10-30T00:00:00
db:	JVNDB	id:	JVNDB-2022-010571	date:	2023-08-16T01:11:00
db:	CNNVD	id:	CNNVD-202205-3071	date:	2023-05-04T00:00:00
db:	NVD	id:	CVE-2022-1674	date:	2023-11-07T03:42:06.207

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-419787	date:	2022-05-12T00:00:00
db:	VULMON	id:	CVE-2022-1674	date:	2022-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2022-010571	date:	2023-08-16T00:00:00
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	PACKETSTORM	id:	172122	date:	2023-05-03T15:29:00
db:	PACKETSTORM	id:	169832	date:	2022-11-15T16:38:43
db:	CNNVD	id:	CNNVD-202205-3071	date:	2022-05-12T00:00:00
db:	NVD	id:	CVE-2022-1674	date:	2022-05-12T11:15:07.363