Details of VAR-202205-2059

ID

VAR-202205-2059

CVE

CVE-2022-1897

TITLE

Vim Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202205-4246

DESCRIPTION

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. Vim is a cross-platform text editor. There is a security vulnerability in versions prior to Vim 8.2, which is caused by an out-of-bounds write problem. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Background ========= Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-5507-1 July 08, 2022 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the program to crash, use unexpected values, or execute arbitrary code. (CVE-2022-1968) It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution. (CVE-2022-1897, CVE-2022-1942) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: vim 2:7.4.1689-3ubuntu1.5+esm10 In general, a standard system update will make all the necessary changes. Summary: OpenShift sandboxed containers 1.3.1 is now available. Description: OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. Solution: Before applying this update, ensure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2118556 - CVE-2022-2832 blender: Null pointer reference in blender thumbnail extractor 5. JIRA issues fixed (https://issues.jboss.org/): KATA-1751 - CVE-2022-24675 osc-operator-container: golang: encoding/pem: fix stack overflow in Decode [rhosc-1] KATA-1752 - CVE-2022-28327 osc-operator-container: golang: crypto/elliptic: panic caused by oversized scalar [rhosc-1] KATA-1754 - OSC Pod security issue in 4.12 prevents subscribing to operator KATA-1758 - CVE-2022-30632 osc-operator-container: golang: path/filepath: stack exhaustion in Glob [rhosc-1] 6. Summary: Red Hat Advanced Cluster Management for Kubernetes 2.3.12 General Availability release images, which provide security updates and bug fixes. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/ Security fix: * CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS Bug fixes: * Remove 1.9.1 from Proxy Patch Documentation (BZ# 2076856) * RHACM 2.3.12 images (BZ# 2101411) 3. Solution: For Red Hat Advanced Cluster Management for Kubernetes, see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index For details on how to apply this update, refer to: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing 4. Bugs fixed (https://bugzilla.redhat.com/): 2076856 - [doc] Remove 1.9.1 from Proxy Patch Documentation 2101411 - RHACM 2.3.12 images 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Self Node Remediation Operator 0.4.1 security update Advisory ID: RHSA-2022:6184-01 Product: RHWA Advisory URL: https://access.redhat.com/errata/RHSA-2022:6184 Issue date: 2022-08-25 CVE Names: CVE-2022-1292 CVE-2022-1586 CVE-2022-1785 CVE-2022-1897 CVE-2022-1927 CVE-2022-2068 CVE-2022-2097 CVE-2022-30631 ==================================================================== 1. Summary: This is an updated release of the Self Node Remediation Operator. The Self Node Remediation Operator replaces the Poison Pill Operator, and is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: The Self Node Remediation Operator works in conjunction with the Machine Health Check or the Node Health Check Operators to provide automatic remediation of unhealthy nodes by rebooting them. This minimizes downtime for stateful applications and RWO volumes, as well as restoring compute capacity in the event of transient failures. Security Fix(es): * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, see the CVE page(s) listed in the References section. 3. Solution: For details on how to apply this update, which includes the changes described in this advisory, see: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 5. References: https://access.redhat.com/security/cve/CVE-2022-1292 https://access.redhat.com/security/cve/CVE-2022-1586 https://access.redhat.com/security/cve/CVE-2022-1785 https://access.redhat.com/security/cve/CVE-2022-1897 https://access.redhat.com/security/cve/CVE-2022-1927 https://access.redhat.com/security/cve/CVE-2022-2068 https://access.redhat.com/security/cve/CVE-2022-2097 https://access.redhat.com/security/cve/CVE-2022-30631 https://access.redhat.com/security/updates/classification/#important 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYwdmJdzjgjWX9erEAQhbTQ//Tplmgrd41CYr3MR1vSfhYdQqJ34XomuL GVZ77BNRxA7zb3JbCM11UhxmnZGFfSHvza7hWXsJuHLlRxp+niURrxzHcERDTolY Glh8K0KNa4cPAbvBkL293UJz3yfwbuy1XUn55tQ2s4BSKyLmDlekxT/8P96gUbl4 JEw5B1gV/XHYk0njC5PgGjmwwe6JT05efvBFaiSLDkHhahpBjamUaDMov7IElIu7 khA8XF/Ty2KXrWDNdothqw1TCHRc41pQLo3MPpeGyA6QTFvw+6nNvYtr5bi6PspO raElAq1kszYiLXF1/FHrE5ZVWRJrwAPIlt+ZtYS6JCQmvHJPEEGGBuuzPYsraR25 +NI8r8z5aiNxYtP4/TtBFZD9SmZE4zr64z5vHZAzv4YUvFl5Fs3ITx88SQ20opXT BtgWxz1rsyDrcF2nOH98BrczJVsG7kpnQGw/Zhpril8n1AP/o7YEBE1TPjpG33PA RkFfHEfsev0pmuxN69DmBA290XN+khQSBgWKhndACDA5HcjA7hO4/jqxxW+TzfFS gplu7pnyXSmTgYQxuHNfREkePpwzDCIPkXVOCQdlSpXF0iFgcCXygs6dq30j+54z lWPGcfYNE+0L1tGeUtgTcBgeeMHc/zX3+9BGXZ+rA3oLxV/ySZNQfJqQsH4CUyqr 2xsqRVjngeU=QoWK -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays 5. JIRA issues fixed (https://issues.jboss.org/): LOG-3293 - log-file-metric-exporter container has not limits exhausting the resources of the node 6

Trust: 1.8

sources: NVD: CVE-2022-1897 // VULHUB: VHN-423551 // VULMON: CVE-2022-1897 // PACKETSTORM: 169435 // PACKETSTORM: 168124 // PACKETSTORM: 167729 // PACKETSTORM: 169443 // PACKETSTORM: 168213 // PACKETSTORM: 168182 // PACKETSTORM: 170179 // PACKETSTORM: 172122

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	lt	version:	13.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	34	Trust: 1.0
vendor:	vim	model:	vim	scope:	lt	version:	8.0.5023	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	36	Trust: 1.0

sources: NVD: CVE-2022-1897

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-1897
value:	HIGH
Trust: 1.0
security@huntr.dev:	CVE-2022-1897
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202205-4246
value:	HIGH
Trust: 0.6
VULHUB:	VHN-423551
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-1897
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-1897
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-423551
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-1897
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
security@huntr.dev:	CVE-2022-1897
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-423551 // VULMON: CVE-2022-1897 // CNNVD: CNNVD-202205-4246 // NVD: CVE-2022-1897 // NVD: CVE-2022-1897

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.1

sources: VULHUB: VHN-423551 // NVD: CVE-2022-1897

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-4246

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202205-4246

PATCH

title:	Vim Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=195377	Trust: 0.6
title:	Ubuntu Security Notice: USN-5507-1: Vim vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5507-1	Trust: 0.1
title:	Red Hat: Moderate: vim security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225942 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: vim security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20225813 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Self Node Remediation Operator 0.4.1 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226184 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Container Platform 4.11.1 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226103 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Openshift Logging Security and Bug Fix update (5.3.11)	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226182 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Logging Subsystem 5.5.0 - Red Hat OpenShift security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226051 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat OpenShift Service Mesh 2.2.2 Containers security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226283 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Logging Subsystem 5.4.5 Security and Bug Fix Update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226183 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226507 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: RHOSDT 2.6.0 operator/operand containers Security Update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227055 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: OpenShift sandboxed containers 1.3.1 security fix and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20227058 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: New container image for Red Hat Ceph Storage 5.2 Security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226024 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: RHACS 3.72 enhancement and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226714 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226370 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.12 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226271 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226696 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: vim: CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2285 CVE-2022-2288 CVE-2022-2304 CVE-2022-2207 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621 CVE-2022-1720 CVE-2022-1785 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=11dbcf77118f7ec64d0ef6c1e3c087e3	Trust: 0.1
title:	Red Hat: Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226156 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Container Platform 4.11.45 bug fix and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20234053 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: OpenShift Virtualization 4.11.1 security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228750 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226429 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: OpenShift Virtualization 4.12.0 Images security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20230408 - Security Advisory	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1628	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628	Trust: 0.1
title:	Red Hat: Moderate: Openshift Logging 5.3.14 bug fix release and security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228889 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Logging Subsystem 5.5.5 - Red Hat OpenShift security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20228781 - Security Advisory	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1829	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-116	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-116	Trust: 0.1

sources: VULMON: CVE-2022-1897 // CNNVD: CNNVD-202205-4246

EXTERNAL IDS

db:	NVD	id:	CVE-2022-1897	Trust: 2.6
db:	PACKETSTORM	id:	168182	Trust: 0.8
db:	PACKETSTORM	id:	167729	Trust: 0.8
db:	PACKETSTORM	id:	169443	Trust: 0.8
db:	PACKETSTORM	id:	170083	Trust: 0.7
db:	PACKETSTORM	id:	167944	Trust: 0.7
db:	PACKETSTORM	id:	168538	Trust: 0.7
db:	PACKETSTORM	id:	168378	Trust: 0.7
db:	PACKETSTORM	id:	168112	Trust: 0.7
db:	PACKETSTORM	id:	168222	Trust: 0.7
db:	PACKETSTORM	id:	168284	Trust: 0.7
db:	PACKETSTORM	id:	168013	Trust: 0.7
db:	PACKETSTORM	id:	168022	Trust: 0.7
db:	CNNVD	id:	CNNVD-202205-4246	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.4122	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6290	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3347	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.2896	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.4082	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5247	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5300	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4233	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3813	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4316	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4167	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4747	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3921	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.0019	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.4568	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.3002	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6148	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6434	Trust: 0.6
db:	CS-HELP	id:	SB2022062022	Trust: 0.6
db:	CS-HELP	id:	SB2022070807	Trust: 0.6
db:	PACKETSTORM	id:	169435	Trust: 0.2
db:	PACKETSTORM	id:	168213	Trust: 0.2
db:	CNVD	id:	CNVD-2022-50690	Trust: 0.1
db:	PACKETSTORM	id:	168516	Trust: 0.1
db:	PACKETSTORM	id:	168150	Trust: 0.1
db:	PACKETSTORM	id:	168289	Trust: 0.1
db:	PACKETSTORM	id:	168287	Trust: 0.1
db:	PACKETSTORM	id:	168139	Trust: 0.1
db:	VULHUB	id:	VHN-423551	Trust: 0.1
db:	VULMON	id:	CVE-2022-1897	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1
db:	PACKETSTORM	id:	170179	Trust: 0.1
db:	PACKETSTORM	id:	172122	Trust: 0.1

sources: VULHUB: VHN-423551 // VULMON: CVE-2022-1897 // PACKETSTORM: 169435 // PACKETSTORM: 168124 // PACKETSTORM: 167729 // PACKETSTORM: 169443 // PACKETSTORM: 168213 // PACKETSTORM: 168182 // PACKETSTORM: 170179 // PACKETSTORM: 172122 // CNNVD: CNNVD-202205-4246 // NVD: CVE-2022-1897

REFERENCES

url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.9
url:	https://support.apple.com/kb/ht213488	Trust: 1.8
url:	https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2022/oct/28	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2022/oct/41	Trust: 1.8
url:	https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html	Trust: 1.8
url:	https://security.gentoo.org/glsa/202305-16	Trust: 1.8
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qmfhbc5oqxdpv2sdya2juqgvcpyastjb/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ozslfikfyu5y2km5ejkqnyhwrubdq4gj/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qmfhbc5oqxdpv2sdya2juqgvcpyastjb/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ozslfikfyu5y2km5ejkqnyhwrubdq4gj/	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4747	Trust: 0.6
url:	https://vigilance.fr/vulnerability/vim-buffer-overflow-via-normal-cmd-38494	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3813	Trust: 0.6
url:	https://packetstormsecurity.com/files/168538/red-hat-security-advisory-2022-6696-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/168222/red-hat-security-advisory-2022-6283-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/168182/red-hat-security-advisory-2022-6184-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/170083/red-hat-security-advisory-2022-8750-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.2896	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6290	Trust: 0.6
url:	https://packetstormsecurity.com/files/168013/red-hat-security-advisory-2022-5942-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/167729/ubuntu-security-notice-usn-5507-1.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022070807	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4233	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5300	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6434	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3002	Trust: 0.6
url:	https://packetstormsecurity.com/files/168378/red-hat-security-advisory-2022-6507-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5247	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3347	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4316	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3921	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.4082	Trust: 0.6
url:	https://packetstormsecurity.com/files/168112/red-hat-security-advisory-2022-6051-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/168284/red-hat-security-advisory-2022-6183-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/167944/red-hat-security-advisory-2022-5813-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.0019	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022062022	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-1897/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4167	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6148	Trust: 0.6
url:	https://packetstormsecurity.com/files/168022/red-hat-security-advisory-2022-6024-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4122	Trust: 0.6
url:	https://packetstormsecurity.com/files/169443/red-hat-security-advisory-2022-7058-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.4568	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-1586	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-1897	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-2097	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-1927	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-1785	Trust: 0.5
url:	https://access.redhat.com/security/team/contact/	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-1292	Trust: 0.5
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2022-2068	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2097	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1586	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1292	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2068	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2022-32208	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2022-34903	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2022-32206	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.3
url:	https://ubuntu.com/security/notices/usn-5507-1	Trust: 0.2
url:	https://access.redhat.com/articles/11258	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-31129	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-0391	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0391	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-20107	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2015-20107	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.2
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.2
url:	https://security.gentoo.org/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-29154	Trust: 0.2
url:	https://issues.jboss.org/):	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://alas.aws.amazon.com/alas-2022-1628.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-31129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0536	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-24785	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:7055	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3918	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1650	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1650	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24785	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3918	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0536	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24675	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30632	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.11/sandboxed_containers/sandboxed-containers-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:7058	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32206	Trust: 0.1
url:	https://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-24675	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2832	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-29154	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-40674	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-30632	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2832	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26116	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-26116	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25314	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27782	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1729	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21123	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-32250	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27776	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21166	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21125	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22576	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1966	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3177	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-26137	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40528	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1966	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25313	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1012	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26137	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27774	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1012	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-40528	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3177	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2526	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:6271	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29824	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:6184	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-30631	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30631	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36516	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24448	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26710	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:8889	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22628	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21618	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-3515	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0168	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21628	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-3709	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0617	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0924	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0562	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2639	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0908	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1055	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0865	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-35527	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-35525	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26373	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26709	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-20368	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1048	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3640	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0561	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0617	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-39399	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0562	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0854	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22629	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-29581	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1016	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2078	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22844	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-42898	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2938	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21499	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-36946	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-42003	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0865	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27405	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-3709	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0909	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1852	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0561	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35527	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0854	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-30293	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27406	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0168	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21624	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1304	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26717	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21626	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28390	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26716	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30002	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36518	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27950	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-27404	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2586	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23960	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3640	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30002	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36518	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0891	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1184	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35525	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22624	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2509	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26700	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25255	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-26719	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-21619	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-42004	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-37434	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-1355	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36516	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22662	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-28893	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2845	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2862	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3256	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3296	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3705	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3235	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2889	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0051	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2982	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3520	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3099	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3016	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3278	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-47024	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0054	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4141	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2819	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2946	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3324	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2522	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3134	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3297	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3352	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1725	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3234	Trust: 0.1

CREDITS

Red Hat

Trust: 0.5

sources: PACKETSTORM: 169435 // PACKETSTORM: 169443 // PACKETSTORM: 168213 // PACKETSTORM: 168182 // PACKETSTORM: 170179

SOURCES

db:	VULHUB	id:	VHN-423551
db:	VULMON	id:	CVE-2022-1897
db:	PACKETSTORM	id:	169435
db:	PACKETSTORM	id:	168124
db:	PACKETSTORM	id:	167729
db:	PACKETSTORM	id:	169443
db:	PACKETSTORM	id:	168213
db:	PACKETSTORM	id:	168182
db:	PACKETSTORM	id:	170179
db:	PACKETSTORM	id:	172122
db:	CNNVD	id:	CNNVD-202205-4246
db:	NVD	id:	CVE-2022-1897

LAST UPDATE DATE

2026-02-08T20:08:25.206000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-423551	date:	2022-12-03T00:00:00
db:	VULMON	id:	CVE-2022-1897	date:	2023-11-07T00:00:00
db:	CNNVD	id:	CNNVD-202205-4246	date:	2023-07-20T00:00:00
db:	NVD	id:	CVE-2022-1897	date:	2025-11-03T21:15:50.817

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-423551	date:	2022-05-27T00:00:00
db:	VULMON	id:	CVE-2022-1897	date:	2022-05-27T00:00:00
db:	PACKETSTORM	id:	169435	date:	2022-10-20T14:19:18
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	PACKETSTORM	id:	167729	date:	2022-07-11T14:35:31
db:	PACKETSTORM	id:	169443	date:	2022-10-20T14:21:57
db:	PACKETSTORM	id:	168213	date:	2022-09-01T16:30:25
db:	PACKETSTORM	id:	168182	date:	2022-08-25T15:29:18
db:	PACKETSTORM	id:	170179	date:	2022-12-09T14:52:40
db:	PACKETSTORM	id:	172122	date:	2023-05-03T15:29:00
db:	CNNVD	id:	CNNVD-202205-4246	date:	2022-05-27T00:00:00
db:	NVD	id:	CVE-2022-1897	date:	2022-05-27T15:15:07.620