rpm package
suse/vim&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3591 | — | < 9.0.1040-150000.5.31.1 | 9.0.1040-150000.5.31.1 | Dec 2, 2022 | Use After Free in GitHub repository vim/vim prior to 9.0.0789. | ||
| CVE-2022-3520 | — | < 9.0.1040-150000.5.31.1 | 9.0.1040-150000.5.31.1 | Dec 2, 2022 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. | ||
| CVE-2022-4141 | — | < 9.0.1040-150000.5.31.1 | 9.0.1040-150000.5.31.1 | Nov 25, 2022 | Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. | ||
| CVE-2022-3705 | — | < 9.0.1040-150000.5.31.1 | 9.0.1040-150000.5.31.1 | Oct 26, 2022 | A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0 |
- CVE-2022-3591Dec 2, 2022affected < 9.0.1040-150000.5.31.1fixed 9.0.1040-150000.5.31.1
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
- CVE-2022-3520Dec 2, 2022affected < 9.0.1040-150000.5.31.1fixed 9.0.1040-150000.5.31.1
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
- CVE-2022-4141Nov 25, 2022affected < 9.0.1040-150000.5.31.1fixed 9.0.1040-150000.5.31.1
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
- CVE-2022-3705Oct 26, 2022affected < 9.0.1040-150000.5.31.1fixed 9.0.1040-150000.5.31.1
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0
Page 2 of 2