Lucene search
AlmaLinuxALSA-2022:5813HistoryAug 03, 2022 - 12:00 a.m.
Moderate: vim security update
2022-08-0300:00:00
errata.almalinux.org
14
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
47.1%
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
- vim: Out-of-bounds Write (CVE-2022-1785)
- vim: out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897)
- vim: buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | noarch | vim-filesystem | < 8.0.1763-19.el8_6.4 | vim-filesystem-8.0.1763-19.el8_6.4.noarch.rpm |
| almalinux | 8 | aarch64 | vim-x11 | < 8.0.1763-19.el8_6.4 | vim-X11-8.0.1763-19.el8_6.4.aarch64.rpm |
| almalinux | 8 | aarch64 | vim-minimal | < 8.0.1763-19.el8_6.4 | vim-minimal-8.0.1763-19.el8_6.4.aarch64.rpm |
| almalinux | 8 | aarch64 | vim-enhanced | < 8.0.1763-19.el8_6.4 | vim-enhanced-8.0.1763-19.el8_6.4.aarch64.rpm |
| almalinux | 8 | aarch64 | vim-common | < 8.0.1763-19.el8_6.4 | vim-common-8.0.1763-19.el8_6.4.aarch64.rpm |
| almalinux | 8 | x86_64 | vim-common | < 8.0.1763-19.el8_6.4 | vim-common-8.0.1763-19.el8_6.4.x86_64.rpm |
| almalinux | 8 | x86_64 | vim-minimal | < 8.0.1763-19.el8_6.4 | vim-minimal-8.0.1763-19.el8_6.4.x86_64.rpm |
| almalinux | 8 | x86_64 | vim-enhanced | < 8.0.1763-19.el8_6.4 | vim-enhanced-8.0.1763-19.el8_6.4.x86_64.rpm |
| almalinux | 8 | x86_64 | vim-x11 | < 8.0.1763-19.el8_6.4 | vim-X11-8.0.1763-19.el8_6.4.x86_64.rpm |
| almalinux | 8 | ppc64le | vim-enhanced | < 8.0.1763-19.el8_6.4 | vim-enhanced-8.0.1763-19.el8_6.4.ppc64le.rpm |
References
Related
rocky
rocky
vim security update
2022-08-09 09:32:59
vim security update
2022-08-02 06:59:03
nessus
nessus
Rocky Linux 8 : vim (RLSA-2022:5813)
2022-08-16 00:00:00
RHEL 8 : vim (RHSA-2022:5813)
2022-08-03 00:00:00
Oracle Linux 9 : vim (ELSA-2022-5942)
2022-08-10 00:00:00
redhat
redhat
(RHSA-2022:5942) Moderate: vim security update
2022-08-09 09:32:59
(RHSA-2022:5813) Moderate: vim security update
2022-08-02 06:59:03
almalinux
almalinux
Moderate: vim security update
2022-08-09 00:00:00
osv
osv
Moderate: vim security update
2022-08-09 00:00:00
Moderate: vim security update
2022-08-02 06:59:03
Moderate: vim security update
2022-08-09 09:32:59
oraclelinux
oraclelinux
vim security update
2022-08-10 00:00:00
vim security update
2022-08-05 00:00:00
ibm
ibm
cloudlinux
cloudlinux
Fixed CVEs in vim: CVE-2022-1927, CVE-2022-1897
2022-06-15 19:21:00
Fixed CVEs in vim: CVE-2022-1785, CVE-2022-1796
2022-06-06 15:31:35
fedora
fedora
[SECURITY] Fedora 34 Update: vim-8.2.5046-1.fc34
2022-06-05 01:34:26
[SECURITY] Fedora 36 Update: vim-8.2.5046-1.fc36
2022-06-02 01:34:59
[SECURITY] Fedora 35 Update: vim-8.2.5052-1.fc35
2022-06-07 01:48:25
huntr
huntr
Out-of-bounds write in function vim_regsub_both
2022-05-25 14:18:01
Out-of-bounds write in function vim_regsub_both
2022-05-16 13:43:21
Buffer Over-read in function utf_ptr2char
2022-05-22 03:06:47
veracode
veracode
Out-of-bounds Write
2022-08-09 13:37:17
Denial Of Service (DoS)
2022-08-10 01:56:43
Out-Of-Bounds Read
2022-08-07 18:28:33
debiancve
debiancve
alpinelinux
alpinelinux
CVE-2022-1785
2022-05-19 13:15:00
CVE-2022-1927
2022-05-29 14:15:00
prion
prion
Design/Logic Flaw
2022-05-19 13:15:00
Design/Logic Flaw
2022-05-27 15:15:00
Buffer overflow
2022-05-29 14:15:00
cbl_mariner
cbl_mariner
CVE-2022-1785 affecting package vim 8.2.4774-1
2022-06-15 17:03:10
CVE-2022-1785 affecting package vim 8.2.4925-1
2022-06-26 03:29:39
cve
cve
ubuntucve
ubuntucve
redhatcve
redhatcve
rosalinux
rosalinux
Advisory ROSA-SA-2023-2215
2023-08-15 09:26:16
mageia
mageia
Updated vim packages fix security vulnerability
2022-06-09 23:49:47
photon
photon
Critical Photon OS Security Update - PHSA-2022-0199
2022-06-17 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0199
2022-06-17 00:00:00
Critical Photon OS Security Update - PHSA-2022-0487
2022-06-20 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2022-07-08 00:00:00
Vim vulnerabilities
2022-06-30 00:00:00
Vim vulnerabilities
2023-04-04 00:00:00
debian
debian
[SECURITY] [DLA 3204-1] vim security update
2022-11-24 09:17:54
amazon
amazon
Medium: vim
2022-07-28 20:41:00
Medium: vim
2022-07-19 01:26:00
redos
redos
ROS-20220525-01
2022-05-25 00:00:00
suse
suse
Security update for vim (important)
2022-06-16 00:00:00
cloudfoundry
cloudfoundry
USN-5995-1: Vim vulnerabilities | Cloud Foundry
2023-04-24 00:00:00
USN-6557-1: Vim vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
gentoo
gentoo
Vim, gVim: Multiple Vulnerabilities
2023-05-03 00:00:00
Vim, gVim: Multiple Vulnerabilities
2022-08-21 00:00:00
apple
apple
About the security content of macOS Ventura 13
2022-10-24 00:00:00
avleonov
avleonov
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
47.1%
Related for ALSA-2022:5813