admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-08 17:00:33 +00:00
parent d1a4497864
commit 009150632b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
45 changed files with 528 additions and 229 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/3xxx/CVE-2021-3927.json
View File

@ -109,6 +109,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/3xxx/CVE-2021-3928.json
View File

@ -109,6 +109,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/3xxx/CVE-2021-3974.json
View File

@ -104,6 +104,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/3xxx/CVE-2021-3984.json
View File

@ -99,6 +99,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/4xxx/CVE-2021-4019.json
View File

@ -104,6 +104,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/4xxx/CVE-2021-4069.json
View File

@ -104,6 +104,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/4xxx/CVE-2021-4192.json
View File

@ -129,6 +129,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2021/4xxx/CVE-2021-4193.json
View File

@ -129,6 +129,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0213.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0261.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0319.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0351.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0359.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0361.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0368.json
View File

@ -114,6 +114,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0408.json
View File

@ -99,6 +99,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0413.json
View File

@ -99,6 +99,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0417.json
View File

@ -99,6 +99,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/0xxx/CVE-2022-0443.json
View File

@ -99,6 +99,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0554.json
View File

@ -104,6 +104,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0572.json
View File

@ -104,6 +104,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0685.json
View File

@ -104,6 +104,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0714.json
View File

@ -109,6 +109,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0729.json
View File

@ -109,6 +109,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/0xxx/CVE-2022-0943.json
View File

@ -109,6 +109,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/1xxx/CVE-2022-1154.json
View File

@ -104,6 +104,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/1xxx/CVE-2022-1616.json
View File

@ -114,6 +114,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/1xxx/CVE-2022-1720.json
View File

@ -134,6 +134,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7",
"url": "http://seclists.org/fulldisclosure/2022/Oct/45"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/1xxx/CVE-2022-1851.json
View File

@ -114,6 +114,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/1xxx/CVE-2022-1898.json
View File

@ -119,6 +119,11 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

10
2022/1xxx/CVE-2022-1968.json
View File

@ -99,6 +99,16 @@
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"refsource": "FULLDISC",
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/2xxx/CVE-2022-2285.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/2xxx/CVE-2022-2304.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202208-32",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

171
2022/2xxx/CVE-2022-2598.json
View File

@ -1,89 +1,94 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2598",
"STATE": "PUBLIC",
"TITLE": "Undefined Behavior for Input to API in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.0.0100"
}
]
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2598",
"STATE": "PUBLIC",
"TITLE": "Undefined Behavior for Input to API in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.0.0100"
}
]
}
}
]
},
"vendor_name": "vim"
}
}
]
},
"vendor_name": "vim"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-475 Undefined Behavior for Input to API"
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e"
},
{
"name": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d"
}
]
},
"source": {
"advisory": "2f08363a-47a2-422d-a7de-ce96a89ad08e",
"discovery": "EXTERNAL"
}
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-475 Undefined Behavior for Input to API"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e"
},
{
"name": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},
"source": {
"advisory": "2f08363a-47a2-422d-a7de-ce96a89ad08e",
"discovery": "EXTERNAL"
}
}

5
2022/2xxx/CVE-2022-2946.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-3b33d04743",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/3xxx/CVE-2022-3099.json
View File

@ -94,6 +94,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-c28b637883",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

173
2022/3xxx/CVE-2022-3134.json
View File

@ -1,89 +1,94 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-3134",
"STATE": "PUBLIC",
"TITLE": "Use After Free in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.0.0389"
}
]
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-3134",
"STATE": "PUBLIC",
"TITLE": "Use After Free in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.0.0389"
}
]
}
}
]
},
"vendor_name": "vim"
}
}
]
},
"vendor_name": "vim"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use After Free in GitHub repository vim/vim prior to 9.0.0389."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use After Free in GitHub repository vim/vim prior to 9.0.0389."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc"
},
{
"name": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e"
}
]
},
"source": {
"advisory": "6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc",
"discovery": "EXTERNAL"
}
}
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc"
},
{
"name": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},
"source": {
"advisory": "6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc",
"discovery": "EXTERNAL"
}
}

5
2022/3xxx/CVE-2022-3234.json
View File

@ -89,6 +89,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-fff548cfab",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/3xxx/CVE-2022-3324.json
View File

@ -89,6 +89,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-fff548cfab",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
},

5
2022/3xxx/CVE-2022-3705.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-06e4f1dd58",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
}
]
}

18
2022/3xxx/CVE-2022-3896.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3896",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3897.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3897",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/3xxx/CVE-2022-3898.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-3898",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

64
2022/41xxx/CVE-2022-41206.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41206",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,12 +40,12 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "420"
"version_value": "420",
"version_affected": "="
},
{
"version_affected": "=",
"version_value": "430"
"version_value": "430",
"version_affected": "="
}
]
}
@ -35,33 +56,6 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
@ -75,5 +69,11 @@
"name": "https://launchpad.support.sap.com/#/notes/3229425"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
}
}

60
2022/41xxx/CVE-2022-41209.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-41209",
"ASSIGNER": "cna@sap.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326",
"cweId": "CWE-326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,8 +40,8 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.4"
"version_value": "7.4",
"version_affected": "="
}
]
}
@ -31,33 +52,6 @@
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method which lacks proper diffusion and does not hide the patterns well. This can lead to information disclosure. In certain scenarios, application might also be susceptible to replay attacks."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-326"
}
]
}
]
},
"references": {
"reference_data": [
{
@ -71,5 +65,11 @@
"name": "https://launchpad.support.sap.com/#/notes/3248970"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
}
}