Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2023 Greenbone AGOPENVAS:1361412562310885325
HistoryNov 27, 2023 - 12:00 a.m.

Fedora: Security Advisory for vim (FEDORA-2023-ce3f7d4818)

2023-11-2700:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
4
fedora
security advisory
vim
fedora-2023-ce3f7d4818
update
vim
vi editor
package
vulnerability
fedora 37

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.885325");
  script_version("2023-12-07T05:05:41+0000");
  script_cve_id("CVE-2023-48233", "CVE-2023-48231", "CVE-2023-48232", "CVE-2023-48234", "CVE-2023-48235", "CVE-2023-48236", "CVE-2023-48237");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"last_modification", value:"2023-12-07 05:05:41 +0000 (Thu, 07 Dec 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-11-24 18:27:00 +0000 (Fri, 24 Nov 2023)");
  script_tag(name:"creation_date", value:"2023-11-27 02:16:29 +0000 (Mon, 27 Nov 2023)");
  script_name("Fedora: Security Advisory for vim (FEDORA-2023-ce3f7d4818)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC37");

  script_xref(name:"Advisory-ID", value:"FEDORA-2023-ce3f7d4818");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'vim'
  package(s) announced via the FEDORA-2023-ce3f7d4818 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor.  Vi was the first real screen-based editor for UNIX, and is
still very popular.  VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.");

  script_tag(name:"affected", value:"'vim' package(s) on Fedora 37.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "FC37") {

  if(!isnull(res = isrpmvuln(pkg:"vim", rpm:"vim~9.0.2120~1.fc37", rls:"FC37"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 34
openvas 23
slackware 1
fedora 3
amazon 2
redos 1
mageia 1
photon 3
ubuntu 1
osv 1
cloudfoundry 1
cvelist 7
ubuntucve 7
cbl_mariner 7
debiancve 7
alpinelinux 7
nvd 7
redhatcve 7
prion 7
cve 7
veracode 6
hp 1
nessus
nessus
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-447)
2023-12-15 00:00:00
Amazon Linux 2 : vim (ALAS-2023-2353)
2023-12-04 00:00:00
Slackware Linux 15.0 / current vim Multiple Vulnerabilities (SSA:2023-328-01)
2023-11-24 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2023-328-01)
2023-11-27 00:00:00
Fedora: Security Advisory for vim (FEDORA-2023-45cf2b4014)
2023-11-24 00:00:00
Fedora: Security Advisory for vim (FEDORA-2023-eec2cdb7ed)
2023-11-27 00:00:00
slackware
slackware
[slackware-security] vim
2023-11-24 20:58:39
fedora
fedora
[SECURITY] Fedora 37 Update: vim-9.0.2120-1.fc37
2023-11-26 03:08:40
[SECURITY] Fedora 39 Update: vim-9.0.2120-1.fc39
2023-11-24 01:37:40
[SECURITY] Fedora 38 Update: vim-9.0.2120-1.fc38
2023-11-26 03:05:59
amazon
amazon
Low: vim
2023-11-29 22:19:00
Low: vim
2024-01-03 22:37:00
redos
redos
ROS-20240329-01
2024-03-29 00:00:00
mageia
mageia
Updated vim packages fix security vulnerabilities
2023-12-08 13:55:49
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0520
2023-11-24 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0692
2023-11-26 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0154
2023-11-24 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2023-12-14 00:00:00
osv
osv
vim vulnerabilities
2023-12-14 17:31:12
cloudfoundry
cloudfoundry
USN-6557-1: Vim vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
cvelist
cvelist
CVE-2023-48232 Floating point Exception in adjust_plines_for_skipcol() in vim
2023-11-16 22:57:17
CVE-2023-48231 Use-After-Free in win_close() in vim
2023-11-16 22:59:37
CVE-2023-48237 overflow in shift_line in vim
2023-11-16 22:45:57
ubuntucve
ubuntucve
CVE-2023-48233
2023-11-16 00:00:00
CVE-2023-48232
2023-11-16 00:00:00
CVE-2023-48237
2023-11-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-48233 affecting package vim for versions less than 9.0.2112-1
2023-12-05 04:40:34
CVE-2023-48232 affecting package vim for versions less than 9.0.2112-1
2023-12-05 04:40:34
CVE-2023-48234 affecting package vim for versions less than 9.0.2112-1
2023-12-05 04:40:34
debiancve
debiancve
CVE-2023-48234
2023-11-16 23:15:09
CVE-2023-48232
2023-11-16 23:15:08
CVE-2023-48231
2023-11-16 23:15:08
alpinelinux
alpinelinux
CVE-2023-48236
2023-11-16 23:15:09
CVE-2023-48235
2023-11-16 23:15:09
CVE-2023-48237
2023-11-16 23:15:09
nvd
nvd
CVE-2023-48236
2023-11-16 23:15:09
CVE-2023-48231
2023-11-16 23:15:08
CVE-2023-48232
2023-11-16 23:15:08
redhatcve
redhatcve
CVE-2023-48236
2023-11-17 12:50:49
CVE-2023-48232
2023-11-17 12:20:03
CVE-2023-48237
2023-11-17 12:50:59
prion
prion
Design/Logic Flaw
2023-11-16 23:15:00
Design/Logic Flaw
2023-11-16 23:15:00
Design/Logic Flaw
2023-11-16 23:15:00
cve
cve
CVE-2023-48231
2023-11-16 23:15:08
CVE-2023-48232
2023-11-16 23:15:08
CVE-2023-48236
2023-11-16 23:15:09
veracode
veracode
Denial Of Service
2023-11-28 08:56:35
Integer Overflow
2023-11-28 08:56:38
Buffer Overflow
2023-11-28 08:56:38
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.2%

JSON
Related for OPENVAS:1361412562310885325
nessus34openvas23slackware1fedora3amazon2redos1mageia1photon3ubuntu1osv1cloudfoundry1cvelist7ubuntucve7cbl_mariner7debiancve7alpinelinux7nvd7redhatcve7prion7cve7veracode6hp1