Details of VAR-202206-0761

ID

VAR-202206-0761

CVE

CVE-2022-2000

TITLE

vim/vim Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011269

DESCRIPTION

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. vim/vim Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Vim is a cross-platform text editor. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Vim, gVim: Multiple Vulnerabilities Date: August 21, 2022 Bugs: #811870, #818562, #819528, #823473, #824930, #828583, #829658, #830106, #830994, #833572, #836432, #851231 ID: 202208-32 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service. Background ========= Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-editors/gvim < 9.0.0060 >= 9.0.0060 2 app-editors/vim < 9.0.0060 >= 9.0.0060 3 app-editors/vim-core < 9.0.0060 >= 9.0.0060 Description ========== Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Vim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060" All gVim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060" All vim-core users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060" References ========= [ 1 ] CVE-2021-3770 https://nvd.nist.gov/vuln/detail/CVE-2021-3770 [ 2 ] CVE-2021-3778 https://nvd.nist.gov/vuln/detail/CVE-2021-3778 [ 3 ] CVE-2021-3796 https://nvd.nist.gov/vuln/detail/CVE-2021-3796 [ 4 ] CVE-2021-3872 https://nvd.nist.gov/vuln/detail/CVE-2021-3872 [ 5 ] CVE-2021-3875 https://nvd.nist.gov/vuln/detail/CVE-2021-3875 [ 6 ] CVE-2021-3927 https://nvd.nist.gov/vuln/detail/CVE-2021-3927 [ 7 ] CVE-2021-3928 https://nvd.nist.gov/vuln/detail/CVE-2021-3928 [ 8 ] CVE-2021-3968 https://nvd.nist.gov/vuln/detail/CVE-2021-3968 [ 9 ] CVE-2021-3973 https://nvd.nist.gov/vuln/detail/CVE-2021-3973 [ 10 ] CVE-2021-3974 https://nvd.nist.gov/vuln/detail/CVE-2021-3974 [ 11 ] CVE-2021-3984 https://nvd.nist.gov/vuln/detail/CVE-2021-3984 [ 12 ] CVE-2021-4019 https://nvd.nist.gov/vuln/detail/CVE-2021-4019 [ 13 ] CVE-2021-4069 https://nvd.nist.gov/vuln/detail/CVE-2021-4069 [ 14 ] CVE-2021-4136 https://nvd.nist.gov/vuln/detail/CVE-2021-4136 [ 15 ] CVE-2021-4166 https://nvd.nist.gov/vuln/detail/CVE-2021-4166 [ 16 ] CVE-2021-4173 https://nvd.nist.gov/vuln/detail/CVE-2021-4173 [ 17 ] CVE-2021-4187 https://nvd.nist.gov/vuln/detail/CVE-2021-4187 [ 18 ] CVE-2021-4192 https://nvd.nist.gov/vuln/detail/CVE-2021-4192 [ 19 ] CVE-2021-4193 https://nvd.nist.gov/vuln/detail/CVE-2021-4193 [ 20 ] CVE-2021-46059 https://nvd.nist.gov/vuln/detail/CVE-2021-46059 [ 21 ] CVE-2022-0128 https://nvd.nist.gov/vuln/detail/CVE-2022-0128 [ 22 ] CVE-2022-0156 https://nvd.nist.gov/vuln/detail/CVE-2022-0156 [ 23 ] CVE-2022-0158 https://nvd.nist.gov/vuln/detail/CVE-2022-0158 [ 24 ] CVE-2022-0213 https://nvd.nist.gov/vuln/detail/CVE-2022-0213 [ 25 ] CVE-2022-0261 https://nvd.nist.gov/vuln/detail/CVE-2022-0261 [ 26 ] CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 [ 27 ] CVE-2022-0319 https://nvd.nist.gov/vuln/detail/CVE-2022-0319 [ 28 ] CVE-2022-0351 https://nvd.nist.gov/vuln/detail/CVE-2022-0351 [ 29 ] CVE-2022-0359 https://nvd.nist.gov/vuln/detail/CVE-2022-0359 [ 30 ] CVE-2022-0361 https://nvd.nist.gov/vuln/detail/CVE-2022-0361 [ 31 ] CVE-2022-0368 https://nvd.nist.gov/vuln/detail/CVE-2022-0368 [ 32 ] CVE-2022-0392 https://nvd.nist.gov/vuln/detail/CVE-2022-0392 [ 33 ] CVE-2022-0393 https://nvd.nist.gov/vuln/detail/CVE-2022-0393 [ 34 ] CVE-2022-0407 https://nvd.nist.gov/vuln/detail/CVE-2022-0407 [ 35 ] CVE-2022-0408 https://nvd.nist.gov/vuln/detail/CVE-2022-0408 [ 36 ] CVE-2022-0413 https://nvd.nist.gov/vuln/detail/CVE-2022-0413 [ 37 ] CVE-2022-0417 https://nvd.nist.gov/vuln/detail/CVE-2022-0417 [ 38 ] CVE-2022-0443 https://nvd.nist.gov/vuln/detail/CVE-2022-0443 [ 39 ] CVE-2022-0554 https://nvd.nist.gov/vuln/detail/CVE-2022-0554 [ 40 ] CVE-2022-0629 https://nvd.nist.gov/vuln/detail/CVE-2022-0629 [ 41 ] CVE-2022-0685 https://nvd.nist.gov/vuln/detail/CVE-2022-0685 [ 42 ] CVE-2022-0714 https://nvd.nist.gov/vuln/detail/CVE-2022-0714 [ 43 ] CVE-2022-0729 https://nvd.nist.gov/vuln/detail/CVE-2022-0729 [ 44 ] CVE-2022-0943 https://nvd.nist.gov/vuln/detail/CVE-2022-0943 [ 45 ] CVE-2022-1154 https://nvd.nist.gov/vuln/detail/CVE-2022-1154 [ 46 ] CVE-2022-1160 https://nvd.nist.gov/vuln/detail/CVE-2022-1160 [ 47 ] CVE-2022-1381 https://nvd.nist.gov/vuln/detail/CVE-2022-1381 [ 48 ] CVE-2022-1420 https://nvd.nist.gov/vuln/detail/CVE-2022-1420 [ 49 ] CVE-2022-1616 https://nvd.nist.gov/vuln/detail/CVE-2022-1616 [ 50 ] CVE-2022-1619 https://nvd.nist.gov/vuln/detail/CVE-2022-1619 [ 51 ] CVE-2022-1620 https://nvd.nist.gov/vuln/detail/CVE-2022-1620 [ 52 ] CVE-2022-1621 https://nvd.nist.gov/vuln/detail/CVE-2022-1621 [ 53 ] CVE-2022-1629 https://nvd.nist.gov/vuln/detail/CVE-2022-1629 [ 54 ] CVE-2022-1674 https://nvd.nist.gov/vuln/detail/CVE-2022-1674 [ 55 ] CVE-2022-1720 https://nvd.nist.gov/vuln/detail/CVE-2022-1720 [ 56 ] CVE-2022-1733 https://nvd.nist.gov/vuln/detail/CVE-2022-1733 [ 57 ] CVE-2022-1735 https://nvd.nist.gov/vuln/detail/CVE-2022-1735 [ 58 ] CVE-2022-1769 https://nvd.nist.gov/vuln/detail/CVE-2022-1769 [ 59 ] CVE-2022-1771 https://nvd.nist.gov/vuln/detail/CVE-2022-1771 [ 60 ] CVE-2022-1785 https://nvd.nist.gov/vuln/detail/CVE-2022-1785 [ 61 ] CVE-2022-1796 https://nvd.nist.gov/vuln/detail/CVE-2022-1796 [ 62 ] CVE-2022-1851 https://nvd.nist.gov/vuln/detail/CVE-2022-1851 [ 63 ] CVE-2022-1886 https://nvd.nist.gov/vuln/detail/CVE-2022-1886 [ 64 ] CVE-2022-1897 https://nvd.nist.gov/vuln/detail/CVE-2022-1897 [ 65 ] CVE-2022-1898 https://nvd.nist.gov/vuln/detail/CVE-2022-1898 [ 66 ] CVE-2022-1927 https://nvd.nist.gov/vuln/detail/CVE-2022-1927 [ 67 ] CVE-2022-1942 https://nvd.nist.gov/vuln/detail/CVE-2022-1942 [ 68 ] CVE-2022-1968 https://nvd.nist.gov/vuln/detail/CVE-2022-1968 [ 69 ] CVE-2022-2000 https://nvd.nist.gov/vuln/detail/CVE-2022-2000 [ 70 ] CVE-2022-2042 https://nvd.nist.gov/vuln/detail/CVE-2022-2042 [ 71 ] CVE-2022-2124 https://nvd.nist.gov/vuln/detail/CVE-2022-2124 [ 72 ] CVE-2022-2125 https://nvd.nist.gov/vuln/detail/CVE-2022-2125 [ 73 ] CVE-2022-2126 https://nvd.nist.gov/vuln/detail/CVE-2022-2126 [ 74 ] CVE-2022-2129 https://nvd.nist.gov/vuln/detail/CVE-2022-2129 [ 75 ] CVE-2022-2175 https://nvd.nist.gov/vuln/detail/CVE-2022-2175 [ 76 ] CVE-2022-2182 https://nvd.nist.gov/vuln/detail/CVE-2022-2182 [ 77 ] CVE-2022-2183 https://nvd.nist.gov/vuln/detail/CVE-2022-2183 [ 78 ] CVE-2022-2206 https://nvd.nist.gov/vuln/detail/CVE-2022-2206 [ 79 ] CVE-2022-2207 https://nvd.nist.gov/vuln/detail/CVE-2022-2207 [ 80 ] CVE-2022-2208 https://nvd.nist.gov/vuln/detail/CVE-2022-2208 [ 81 ] CVE-2022-2210 https://nvd.nist.gov/vuln/detail/CVE-2022-2210 [ 82 ] CVE-2022-2231 https://nvd.nist.gov/vuln/detail/CVE-2022-2231 [ 83 ] CVE-2022-2257 https://nvd.nist.gov/vuln/detail/CVE-2022-2257 [ 84 ] CVE-2022-2264 https://nvd.nist.gov/vuln/detail/CVE-2022-2264 [ 85 ] CVE-2022-2284 https://nvd.nist.gov/vuln/detail/CVE-2022-2284 [ 86 ] CVE-2022-2285 https://nvd.nist.gov/vuln/detail/CVE-2022-2285 [ 87 ] CVE-2022-2286 https://nvd.nist.gov/vuln/detail/CVE-2022-2286 [ 88 ] CVE-2022-2287 https://nvd.nist.gov/vuln/detail/CVE-2022-2287 [ 89 ] CVE-2022-2288 https://nvd.nist.gov/vuln/detail/CVE-2022-2288 [ 90 ] CVE-2022-2289 https://nvd.nist.gov/vuln/detail/CVE-2022-2289 [ 91 ] CVE-2022-2304 https://nvd.nist.gov/vuln/detail/CVE-2022-2304 [ 92 ] CVE-2022-2343 https://nvd.nist.gov/vuln/detail/CVE-2022-2343 [ 93 ] CVE-2022-2344 https://nvd.nist.gov/vuln/detail/CVE-2022-2344 [ 94 ] CVE-2022-2345 https://nvd.nist.gov/vuln/detail/CVE-2022-2345 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202208-32 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7 macOS Big Sur 11.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213443. AppleMobileFileIntegrity Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc. Entry added October 27, 2022 ATS Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-32904: Mickey Jin (@patch1t) Entry added October 27, 2022 ATS Available for: macOS Big Sur Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2022-32902: Mickey Jin (@patch1t) Calendar Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: An access issue was addressed with improved access restrictions. CVE-2022-42819: an anonymous researcher Entry added October 27, 2022 Contacts Available for: macOS Big Sur Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks. CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security GarageBand Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: A configuration issue was addressed with additional restrictions. CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing Entry added October 27, 2022 ImageIO Available for: macOS Big Sur Impact: Processing an image may lead to a denial-of-service Description: A denial-of-service issue was addressed with improved validation. CVE-2022-1622 Entry added October 27, 2022 Image Processing Available for: macOS Big Sur Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit) Entry added October 27, 2022 iMovie Available for: macOS Big Sur Impact: A user may be able to view sensitive user information Description: This issue was addressed by enabling hardened runtime. CVE-2022-32896: Wojciech Reguła (@_r3ggi) Kernel Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32914: Zweig of Kunlun Lab Entry added October 27, 2022 Kernel Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de) CVE-2022-32911: Zweig of Kunlun Lab CVE-2022-32924: Ian Beer of Google Project Zero Entry updated October 27, 2022 Kernel Available for: macOS Big Sur Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de) Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32894: an anonymous researcher Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: The issue was addressed with improved bounds checks. CVE-2022-32917: an anonymous researcher Maps Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions. CVE-2022-32883: Ron Masas of breakpointhq.com Entry updated October 27, 2022 MediaLibrary Available for: macOS Big Sur Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-32908: an anonymous researcher ncurses Available for: macOS Big Sur Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-39537 Entry added October 27, 2022 PackageKit Available for: macOS Big Sur Impact: An app may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2022-32900: Mickey Jin (@patch1t) Sandbox Available for: macOS Big Sur Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 Security Available for: macOS Big Sur Impact: An app may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de) Entry added October 27, 2022 Sidecar Available for: macOS Big Sur Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-42790: Om kothawade of Zaprico Digital Entry added October 27, 2022 SMB Available for: macOS Big Sur Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-32934: Felix Poulin-Belanger Entry added October 27, 2022 Vim Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to a denial- of-service or potentially disclose memory contents Description: This issue was addressed with improved checks. CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 Entry added October 27, 2022 Weather Available for: macOS Big Sur Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management. CVE-2022-32875: an anonymous researcher Entry added October 27, 2022 WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 242047 CVE-2022-32888: P1umer (@p1umer) Entry added October 27, 2022 Additional recognition Identity Services We would like to acknowledge Joshua Jones for their assistance. macOS Big Sur 11.7 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpYACgkQ4RjMIDke NxnDzw/7BbMWXxZ6uPMWb3LMFZlymEZMCtL5S27GA8HXiz7SU6c2wPrF1ofp8Bbz pYGy4OrK17rAb/qHIig03TVE6EJl4ScZHv7STn1gQ5ciKqud6jL16mm2BjRCm2T4 ZQtTzrQrSRHJbBSUSsnZxi5Wp9wjIA6w8JVvMqdBrnpu3yWt8Jo0tW0d/nO1EK3I QlfDgOaiZrdHN2m/Y+kjWOhRqDLe2QWObQh95Gyybi3++ctTr58PBLBYLhWgLMoV AMj69PLudFI8cEeqhDlfVK7ept2O+WLkYeI/Px5nG7YHhndr9fiR55Rz5m2Hl44k rnxDKs9hVQLwSHAo9uJ1DBUteEzgdUJWiwGxP4InnCmhlXpJl7AkVsr7bq5iaDcT o32wNfv1BEzBBvINNfw1PZ+JwNmEwugSj1UX54GFOj3B9WjGguIi0dMqOc0j6GKm xnIwzPIlHhHb/1D17kl/kTQH602w/Mf5OIlSfL/mk0CKjwR+0QvQF5HXhULJHbqJ Kpx8C1JfhnyWqBoCuh+URCKlZJ4T3P6IUgoRzuX4Jk3TDABCP5jgEZOzj76JPE1y IVt8ULLARjjUdEOzC8dZkaeGUOAerzfxIU8QJwmrnHQI3vQX7JR9MbK1S+PRJsGy 1h69HcdL2HGpjPyDf9uI2nMOntOUrTz/PqjQUzmfllq3B42RPZs= =euaC -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6557-1 December 14, 2023 vim vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.10 - Ubuntu 23.04 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in Vim. Software Description: - vim: Vi IMproved - enhanced vi editor Details: It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1725) It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1771) It was discovered that Vim could be made to write out of bounds with a put command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1886) It was discovered that Vim could be made to write out of bounds. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1897, CVE-2022-2000) It was discovered that Vim did not properly manage memory in the spell command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2042) It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2023-46246, CVE-2023-48231) It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-48232) It was discovered that Vim contained multiple arithmetic overflows. An attacker could possibly use these issues to cause a denial of service. (CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237) It was discovered that Vim did not properly manage memory in the substitute command. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-48706) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.10: vim 2:9.0.1672-1ubuntu2.2 vim-athena 2:9.0.1672-1ubuntu2.2 vim-gtk3 2:9.0.1672-1ubuntu2.2 vim-nox 2:9.0.1672-1ubuntu2.2 vim-tiny 2:9.0.1672-1ubuntu2.2 xxd 2:9.0.1672-1ubuntu2.2 Ubuntu 23.04: vim 2:9.0.1000-4ubuntu3.3 vim-athena 2:9.0.1000-4ubuntu3.3 vim-gtk3 2:9.0.1000-4ubuntu3.3 vim-nox 2:9.0.1000-4ubuntu3.3 vim-tiny 2:9.0.1000-4ubuntu3.3 xxd 2:9.0.1000-4ubuntu3.3 Ubuntu 22.04 LTS: vim 2:8.2.3995-1ubuntu2.15 vim-athena 2:8.2.3995-1ubuntu2.15 vim-gtk 2:8.2.3995-1ubuntu2.15 vim-gtk3 2:8.2.3995-1ubuntu2.15 vim-nox 2:8.2.3995-1ubuntu2.15 vim-tiny 2:8.2.3995-1ubuntu2.15 xxd 2:8.2.3995-1ubuntu2.15 Ubuntu 20.04 LTS: vim 2:8.1.2269-1ubuntu5.21 vim-athena 2:8.1.2269-1ubuntu5.21 vim-gtk 2:8.1.2269-1ubuntu5.21 vim-gtk3 2:8.1.2269-1ubuntu5.21 vim-nox 2:8.1.2269-1ubuntu5.21 vim-tiny 2:8.1.2269-1ubuntu5.21 xxd 2:8.1.2269-1ubuntu5.21 Ubuntu 18.04 LTS (Available with Ubuntu Pro): vim 2:8.0.1453-1ubuntu1.13+esm7 vim-athena 2:8.0.1453-1ubuntu1.13+esm7 vim-gtk 2:8.0.1453-1ubuntu1.13+esm7 vim-gtk3 2:8.0.1453-1ubuntu1.13+esm7 vim-nox 2:8.0.1453-1ubuntu1.13+esm7 vim-tiny 2:8.0.1453-1ubuntu1.13+esm7 xxd 2:8.0.1453-1ubuntu1.13+esm7 Ubuntu 16.04 LTS (Available with Ubuntu Pro): vim 2:7.4.1689-3ubuntu1.5+esm22 vim-athena 2:7.4.1689-3ubuntu1.5+esm22 vim-gtk 2:7.4.1689-3ubuntu1.5+esm22 vim-gtk3 2:7.4.1689-3ubuntu1.5+esm22 vim-nox 2:7.4.1689-3ubuntu1.5+esm22 vim-tiny 2:7.4.1689-3ubuntu1.5+esm22 Ubuntu 14.04 LTS (Available with Ubuntu Pro): vim 2:7.4.052-1ubuntu3.1+esm15 vim-athena 2:7.4.052-1ubuntu3.1+esm15 vim-gtk 2:7.4.052-1ubuntu3.1+esm15 vim-nox 2:7.4.052-1ubuntu3.1+esm15 vim-tiny 2:7.4.052-1ubuntu3.1+esm15 In general, a standard system update will make all the necessary changes

Trust: 2.34

sources: NVD: CVE-2022-2000 // JVNDB: JVNDB-2022-011269 // VULHUB: VHN-424304 // VULMON: CVE-2022-2000 // PACKETSTORM: 167749 // PACKETSTORM: 168124 // PACKETSTORM: 172122 // PACKETSTORM: 169585 // PACKETSTORM: 169576 // PACKETSTORM: 176249

AFFECTED PRODUCTS

vendor:	vim	model:	vim	scope:	lt	version:	8.2.5063	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	12.6	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	12.0	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	vim	model:	vim	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-011269 // NVD: CVE-2022-2000

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-2000
value:	HIGH
Trust: 1.0
security@huntr.dev:	CVE-2022-2000
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-2000
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202206-947
value:	HIGH
Trust: 0.6
VULHUB:	VHN-424304
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-2000
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-2000
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-424304
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

security@huntr.dev:	CVE-2022-2000
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2022-2000
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-424304 // VULMON: CVE-2022-2000 // JVNDB: JVNDB-2022-011269 // CNNVD: CNNVD-202206-947 // NVD: CVE-2022-2000 // NVD: CVE-2022-2000

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-424304 // JVNDB: JVNDB-2022-011269 // NVD: CVE-2022-2000

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202206-947

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202206-947

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-424304

PATCH

title:	HT213444 Apple Security update	url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html	Trust: 0.8
title:	Vim Buffer error vulnerability fix	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=196479	Trust: 0.6
title:	Red Hat:	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2022-2000	Trust: 0.1
title:	Debian CVElist Bug Report Logs: vim: CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2285 CVE-2022-2288 CVE-2022-2304 CVE-2022-2207 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621 CVE-2022-1720 CVE-2022-1785 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=11dbcf77118f7ec64d0ef6c1e3c087e3	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2022-1628	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1628	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2022-1829	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1829	Trust: 0.1
title:	Amazon Linux 2022: ALAS2022-2022-116	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-116	Trust: 0.1

sources: VULMON: CVE-2022-2000 // JVNDB: JVNDB-2022-011269 // CNNVD: CNNVD-202206-947

EXTERNAL IDS

db:	NVD	id:	CVE-2022-2000	Trust: 4.0
db:	PACKETSTORM	id:	169585	Trust: 0.8
db:	PACKETSTORM	id:	167749	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-011269	Trust: 0.8
db:	CNNVD	id:	CNNVD-202206-947	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.3431	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5300	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6148	Trust: 0.6
db:	CS-HELP	id:	SB2022071351	Trust: 0.6
db:	PACKETSTORM	id:	169576	Trust: 0.2
db:	VULHUB	id:	VHN-424304	Trust: 0.1
db:	VULMON	id:	CVE-2022-2000	Trust: 0.1
db:	PACKETSTORM	id:	168124	Trust: 0.1
db:	PACKETSTORM	id:	172122	Trust: 0.1
db:	PACKETSTORM	id:	176249	Trust: 0.1

sources: VULHUB: VHN-424304 // VULMON: CVE-2022-2000 // JVNDB: JVNDB-2022-011269 // PACKETSTORM: 167749 // PACKETSTORM: 168124 // PACKETSTORM: 172122 // PACKETSTORM: 169585 // PACKETSTORM: 169576 // PACKETSTORM: 176249 // CNNVD: CNNVD-202206-947 // NVD: CVE-2022-2000

REFERENCES

url:	https://security.gentoo.org/glsa/202208-32	Trust: 1.9
url:	https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0	Trust: 1.8
url:	https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5	Trust: 1.8
url:	https://support.apple.com/kb/ht213443	Trust: 1.7
url:	https://support.apple.com/kb/ht213444	Trust: 1.7
url:	https://support.apple.com/kb/ht213488	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2022/oct/28	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2022/oct/41	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2022/oct/43	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2022/oct/45	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html	Trust: 1.7
url:	https://security.gentoo.org/glsa/202305-16	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2000	Trust: 1.4
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4jjnus4aevysejmck6jzb57qhd5v2g4o/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4jjnus4aevysejmck6jzb57qhd5v2g4o/	Trust: 0.8
url:	https://packetstormsecurity.com/files/167749/ubuntu-security-notice-usn-5516-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/169585/apple-security-advisory-2022-10-27-9.html	Trust: 0.6
url:	https://vigilance.fr/vulnerability/vim-buffer-overflow-via-parse-cmd-address-38615	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022071351	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-2000/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5300	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6148	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3431	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2042	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2124	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1720	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2126	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1886	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1771	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2125	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0361	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2129	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0261	Trust: 0.2
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1927	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2175	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1851	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2287	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1674	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1968	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1621	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0318	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2284	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2288	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0392	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2345	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2257	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1154	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0368	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2343	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1381	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1735	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1733	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2207	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1629	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2183	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1616	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2264	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1619	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2304	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1620	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0319	Trust: 0.2
url:	https://bugs.gentoo.org.	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1898	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2344	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0351	Trust: 0.2
url:	https://security.gentoo.org/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1785	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1796	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2206	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1769	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1897	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2289	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0359	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1420	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2182	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1160	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2231	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2208	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1942	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2210	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1725	Trust: 0.2
url:	https://support.apple.com/en-us/ht201222.	Trust: 0.2
url:	https://support.apple.com/downloads/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1622	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-39537	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-2000	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015984	Trust: 0.1
url:	https://alas.aws.amazon.com/alas-2022-1628.html	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5516-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0413	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0943	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3796	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0158	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0417	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0128	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0443	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0714	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3778	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0629	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0393	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0156	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4069	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4166	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3927	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0685	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3974	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3928	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3968	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0213	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-0729	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46059	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3770	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4187	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4173	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3872	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4192	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-4136	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2845	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2862	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3256	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3296	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3153	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3705	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3235	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2889	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0051	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2982	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3520	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4293	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3099	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2874	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3016	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3278	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-47024	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0054	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4141	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2819	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2946	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-0049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3324	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2980	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2522	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-4292	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3134	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3297	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3352	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3491	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-3234	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32866	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32864	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32877	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32854	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32881	Trust: 0.1
url:	https://support.apple.com/ht213443.	Trust: 0.1
url:	https://support.apple.com/ht213444.	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/vim/2:9.0.1672-1ubuntu2.2	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-6557-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-48237	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.21	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.15	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-48706	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-48236	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2023-48232	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/vim/2:9.0.1000-4ubuntu3.3	Trust: 0.1

CREDITS

Ubuntu

Trust: 0.2

sources: PACKETSTORM: 167749 // PACKETSTORM: 176249

SOURCES

db:	VULHUB	id:	VHN-424304
db:	VULMON	id:	CVE-2022-2000
db:	JVNDB	id:	JVNDB-2022-011269
db:	PACKETSTORM	id:	167749
db:	PACKETSTORM	id:	168124
db:	PACKETSTORM	id:	172122
db:	PACKETSTORM	id:	169585
db:	PACKETSTORM	id:	169576
db:	PACKETSTORM	id:	176249
db:	CNNVD	id:	CNNVD-202206-947
db:	NVD	id:	CVE-2022-2000

LAST UPDATE DATE

2024-08-14T13:16:26.546000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-424304	date:	2022-11-29T00:00:00
db:	VULMON	id:	CVE-2022-2000	date:	2022-08-21T00:00:00
db:	JVNDB	id:	JVNDB-2022-011269	date:	2023-08-21T07:52:00
db:	CNNVD	id:	CNNVD-202206-947	date:	2023-05-04T00:00:00
db:	NVD	id:	CVE-2022-2000	date:	2023-11-07T03:46:08.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-424304	date:	2022-06-09T00:00:00
db:	VULMON	id:	CVE-2022-2000	date:	2022-06-09T00:00:00
db:	JVNDB	id:	JVNDB-2022-011269	date:	2023-08-21T00:00:00
db:	PACKETSTORM	id:	167749	date:	2022-07-14T14:34:34
db:	PACKETSTORM	id:	168124	date:	2022-08-22T16:01:59
db:	PACKETSTORM	id:	172122	date:	2023-05-03T15:29:00
db:	PACKETSTORM	id:	169585	date:	2022-10-31T14:50:18
db:	PACKETSTORM	id:	169576	date:	2022-10-31T14:42:57
db:	PACKETSTORM	id:	176249	date:	2023-12-15T15:15:14
db:	CNNVD	id:	CNNVD-202206-947	date:	2022-06-09T00:00:00
db:	NVD	id:	CVE-2022-2000	date:	2022-06-09T16:15:08.513