ID

VAR-202205-2077


CVE

CVE-2022-1942


TITLE

vim/vim  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011769

DESCRIPTION

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Vim is a cross-platform text editor. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Background ========= Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================= Ubuntu Security Notice USN-5995-1 April 04, 2023 vim vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 14.04 ESM Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2345, CVE-2022-2581) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927, CVE-2022-2344) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2946) It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possible execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-2980) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: vim 2:9.0.0242-1ubuntu1.3 vim-athena 2:9.0.0242-1ubuntu1.3 vim-gtk3 2:9.0.0242-1ubuntu1.3 vim-motif 2:9.0.0242-1ubuntu1.3 vim-nox 2:9.0.0242-1ubuntu1.3 vim-tiny 2:9.0.0242-1ubuntu1.3 Ubuntu 22.04 LTS: vim 2:8.2.3995-1ubuntu2.5 vim-athena 2:8.2.3995-1ubuntu2.5 vim-gtk 2:8.2.3995-1ubuntu2.5 vim-gtk3 2:8.2.3995-1ubuntu2.5 vim-nox 2:8.2.3995-1ubuntu2.5 vim-tiny 2:8.2.3995-1ubuntu2.5 Ubuntu 20.04 LTS: vim 2:8.1.2269-1ubuntu5.13 vim-athena 2:8.1.2269-1ubuntu5.13 vim-gtk 2:8.1.2269-1ubuntu5.13 vim-gtk3 2:8.1.2269-1ubuntu5.13 vim-nox 2:8.1.2269-1ubuntu5.13 vim-tiny 2:8.1.2269-1ubuntu5.13 Ubuntu 18.04 LTS: vim 2:8.0.1453-1ubuntu1.12 vim-athena 2:8.0.1453-1ubuntu1.12 vim-gnome 2:8.0.1453-1ubuntu1.12 vim-gtk 2:8.0.1453-1ubuntu1.12 vim-gtk3 2:8.0.1453-1ubuntu1.12 vim-nox 2:8.0.1453-1ubuntu1.12 vim-tiny 2:8.0.1453-1ubuntu1.12 Ubuntu 14.04 ESM: vim 2:7.4.052-1ubuntu3.1+esm8 vim-athena 2:7.4.052-1ubuntu3.1+esm8 vim-gnome 2:7.4.052-1ubuntu3.1+esm8 vim-gtk 2:7.4.052-1ubuntu3.1+esm8 vim-nox 2:7.4.052-1ubuntu3.1+esm8 vim-tiny 2:7.4.052-1ubuntu3.1+esm8 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5995-1 CVE-2022-0413, CVE-2022-1629, CVE-2022-1674, CVE-2022-1720, CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851, CVE-2022-1898, CVE-2022-1927, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206, CVE-2022-2304, CVE-2022-2344, CVE-2022-2345, CVE-2022-2571, CVE-2022-2581, CVE-2022-2845, CVE-2022-2849, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980 Package Information: https://launchpad.net/ubuntu/+source/vim/2:9.0.0242-1ubuntu1.3 https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.5 https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.13 https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.12

Trust: 2.07

sources: NVD: CVE-2022-1942 // JVNDB: JVNDB-2022-011769 // VULHUB: VHN-423661 // VULMON: CVE-2022-1942 // PACKETSTORM: 168124 // PACKETSTORM: 171681 // PACKETSTORM: 172122

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:vimmodel:vimscope:ltversion:8.2.5043

Trust: 1.0

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:vimmodel:vimscope: - version: -

Trust: 0.8

vendor:fedoramodel:fedorascope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011769 // NVD: CVE-2022-1942

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-1942
value: HIGH

Trust: 1.0

security@huntr.dev: CVE-2022-1942
value: HIGH

Trust: 1.0

NVD: CVE-2022-1942
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202205-4308
value: HIGH

Trust: 0.6

VULHUB: VHN-423661
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-1942
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-1942
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-423661
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

security@huntr.dev: CVE-2022-1942
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2022-1942
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-423661 // VULMON: CVE-2022-1942 // JVNDB: JVNDB-2022-011769 // CNNVD: CNNVD-202205-4308 // NVD: CVE-2022-1942 // NVD: CVE-2022-1942

PROBLEMTYPE DATA

problemtype:CWE-122

Trust: 1.1

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-423661 // JVNDB: JVNDB-2022-011769 // NVD: CVE-2022-1942

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202205-4308

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202205-4308

PATCH

title:HT213488 Apple  Security updateurl:https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html

Trust: 0.8

title:Vim Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=195410

Trust: 0.6

title:Ubuntu Security Notice: USN-5507-1: Vim vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5507-1

Trust: 0.1

title:Red Hat: url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-1942

Trust: 0.1

title:Debian CVElist Bug Report Logs: vim: CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2285 CVE-2022-2288 CVE-2022-2304 CVE-2022-2207 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621 CVE-2022-1720 CVE-2022-1785 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=11dbcf77118f7ec64d0ef6c1e3c087e3

Trust: 0.1

title:Amazon Linux AMI: ALAS-2022-1628url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628

Trust: 0.1

title:Amazon Linux 2: ALAS2-2022-1829url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-116url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-116

Trust: 0.1

sources: VULMON: CVE-2022-1942 // JVNDB: JVNDB-2022-011769 // CNNVD: CNNVD-202205-4308

EXTERNAL IDS

db:NVDid:CVE-2022-1942

Trust: 3.7

db:JVNDBid:JVNDB-2022-011769

Trust: 0.8

db:CNNVDid:CNNVD-202205-4308

Trust: 0.7

db:CS-HELPid:SB2022070807

Trust: 0.6

db:AUSCERTid:ESB-2022.5300

Trust: 0.6

db:AUSCERTid:ESB-2022.6148

Trust: 0.6

db:AUSCERTid:ESB-2022.3347

Trust: 0.6

db:CNVDid:CNVD-2022-50689

Trust: 0.1

db:VULHUBid:VHN-423661

Trust: 0.1

db:VULMONid:CVE-2022-1942

Trust: 0.1

db:PACKETSTORMid:168124

Trust: 0.1

db:PACKETSTORMid:171681

Trust: 0.1

db:PACKETSTORMid:172122

Trust: 0.1

sources: VULHUB: VHN-423661 // VULMON: CVE-2022-1942 // JVNDB: JVNDB-2022-011769 // PACKETSTORM: 168124 // PACKETSTORM: 171681 // PACKETSTORM: 172122 // CNNVD: CNNVD-202205-4308 // NVD: CVE-2022-1942

REFERENCES

url:https://security.gentoo.org/glsa/202208-32

Trust: 1.9

url:https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071

Trust: 1.8

url:https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d

Trust: 1.8

url:https://support.apple.com/kb/ht213488

Trust: 1.7

url:http://seclists.org/fulldisclosure/2022/oct/28

Trust: 1.7

url:http://seclists.org/fulldisclosure/2022/oct/41

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html

Trust: 1.7

url:https://security.gentoo.org/glsa/202305-16

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-1942

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/tynk6sdcmolqjoi3b4aoe66p2g2ih4zm/

Trust: 0.8

url:https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071/

Trust: 0.8

url:https://vigilance.fr/vulnerability/vim-buffer-overflow-via-buflist-getfile-38517

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022070807

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5300

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6148

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-1942/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3347

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-2129

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-2126

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1851

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1968

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-2345

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1735

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1733

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-2304

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-1898

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-2344

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-0413

Trust: 0.2

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1927

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2175

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2286

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1886

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1771

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2000

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2287

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1674

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1621

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2284

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2288

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2257

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1154

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2124

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2343

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1381

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2125

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2207

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1629

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2183

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1616

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2264

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1619

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1620

Trust: 0.2

url:https://bugs.gentoo.org.

Trust: 0.2

url:https://security.gentoo.org/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1785

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1796

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2206

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1720

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1769

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1897

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2289

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1420

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2042

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2182

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-1160

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2231

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2285

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2208

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2210

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-2923

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/122.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5507-1

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2022-1628.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0261

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0943

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3796

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0408

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0158

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0417

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0407

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0318

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0392

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0368

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0128

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0554

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0443

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0714

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4193

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3984

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0393

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0156

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4069

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4166

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3927

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0685

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0319

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3974

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0351

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3928

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4019

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3968

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0213

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0729

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-46059

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3770

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0359

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4187

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4173

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3872

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3875

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4192

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-4136

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.12

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2581

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/vim/2:9.0.0242-1ubuntu1.3

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.13

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.5

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5995-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2845

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2816

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2862

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3256

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3296

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3153

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3235

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2889

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0051

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2982

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3520

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4293

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3099

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2874

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3016

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3278

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-47024

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0054

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4141

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2819

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2946

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0049

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2849

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3324

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2980

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2817

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2522

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3591

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-4292

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3134

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3297

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3352

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3491

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1725

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3234

Trust: 0.1

sources: VULHUB: VHN-423661 // VULMON: CVE-2022-1942 // JVNDB: JVNDB-2022-011769 // PACKETSTORM: 168124 // PACKETSTORM: 171681 // PACKETSTORM: 172122 // CNNVD: CNNVD-202205-4308 // NVD: CVE-2022-1942

CREDITS

Gentoo

Trust: 0.2

sources: PACKETSTORM: 168124 // PACKETSTORM: 172122

SOURCES

db:VULHUBid:VHN-423661
db:VULMONid:CVE-2022-1942
db:JVNDBid:JVNDB-2022-011769
db:PACKETSTORMid:168124
db:PACKETSTORMid:171681
db:PACKETSTORMid:172122
db:CNNVDid:CNNVD-202205-4308
db:NVDid:CVE-2022-1942

LAST UPDATE DATE

2024-11-23T20:17:29.675000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-423661date:2022-11-29T00:00:00
db:VULMONid:CVE-2022-1942date:2022-08-21T00:00:00
db:JVNDBid:JVNDB-2022-011769date:2023-08-24T00:55:00
db:CNNVDid:CNNVD-202205-4308date:2023-05-04T00:00:00
db:NVDid:CVE-2022-1942date:2024-11-21T06:41:48.150

SOURCES RELEASE DATE

db:VULHUBid:VHN-423661date:2022-05-31T00:00:00
db:VULMONid:CVE-2022-1942date:2022-05-31T00:00:00
db:JVNDBid:JVNDB-2022-011769date:2023-08-24T00:00:00
db:PACKETSTORMid:168124date:2022-08-22T16:01:59
db:PACKETSTORMid:171681date:2023-04-04T12:59:12
db:PACKETSTORMid:172122date:2023-05-03T15:29:00
db:CNNVDid:CNNVD-202205-4308date:2022-05-31T00:00:00
db:NVDid:CVE-2022-1942date:2022-05-31T14:15:07.833