Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-0318 (GCVE-0-2022-0318)
Vulnerability from cvelistv5 – Published: 2022-01-21 00:00 – Updated: 2024-11-15 13:08
VLAI?
EPSS
Title
Heap-based Buffer Overflow in vim/vim
Summary
Heap-based Buffer Overflow in vim/vim prior to 8.2.
Severity ?
6.6 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-15T13:08:06.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"name": "GLSA-202208-32",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213444"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20241115-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vim/vim",
"vendor": "vim",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in vim/vim prior to 8.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-24T00:00:00.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"name": "GLSA-202208-32",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"url": "https://support.apple.com/kb/HT213444"
},
{
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
}
],
"source": {
"advisory": "0d10ba02-b138-4e68-a284-67f781a62d08",
"discovery": "EXTERNAL"
},
"title": "Heap-based Buffer Overflow in vim/vim"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0318",
"datePublished": "2022-01-21T00:00:00.000Z",
"dateReserved": "2022-01-20T00:00:00.000Z",
"dateUpdated": "2024-11-15T13:08:06.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-J89M-7G9M-FCMJ
Vulnerability from github – Published: 2022-01-22 00:00 – Updated: 2022-08-22 00:00
VLAI?
Details
Heap-based Buffer Overflow in vim/vim prior to 8.2.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2022-0318"
],
"database_specific": {
"cwe_ids": [
"CWE-122",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-21T12:15:00Z",
"severity": "CRITICAL"
},
"details": "Heap-based Buffer Overflow in vim/vim prior to 8.2.",
"id": "GHSA-j89m-7g9m-fcmj",
"modified": "2022-08-22T00:00:51Z",
"published": "2022-01-22T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0318"
},
{
"type": "WEB",
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213444"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213488"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
cve-2022-0318
Vulnerability from osv_almalinux
Published
2022-03-15 09:11
Modified
2022-03-16 22:22
Summary
Moderate: vim security update
Details
Vim (Vi IMproved) is an updated and improved version of the vi editor.
Security Fix(es):
-
vim: Heap-based buffer overflow in block_insert() in src/ops.c (CVE-2022-0261)
-
vim: Heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318)
-
vim: Heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359)
-
vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow (CVE-2022-0361)
-
vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c (CVE-2022-0392)
-
vim: Use after free in src/ex_cmds.c (CVE-2022-0413)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-X11"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-X11"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-enhanced"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-enhanced"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-filesystem"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-filesystem"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.12"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "vim-minimal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:8.0.1763-16.el8_5.13"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Vim (Vi IMproved) is an updated and improved version of the vi editor.\n\nSecurity Fix(es):\n\n* vim: Heap-based buffer overflow in block_insert() in src/ops.c (CVE-2022-0261)\n\n* vim: Heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318)\n\n* vim: Heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359)\n\n* vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow (CVE-2022-0361)\n\n* vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c (CVE-2022-0392)\n\n* vim: Use after free in src/ex_cmds.c (CVE-2022-0413)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2022:0894",
"modified": "2022-03-16T22:22:38Z",
"published": "2022-03-15T09:11:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2022-0894.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0261"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0318"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0359"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0361"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0392"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2022-0413"
}
],
"related": [
"CVE-2022-0261",
"CVE-2022-0318",
"CVE-2022-0359",
"CVE-2022-0361",
"CVE-2022-0392",
"CVE-2022-0413"
],
"summary": "Moderate: vim security update"
}
GSD-2022-0318
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Heap-based Buffer Overflow in vim/vim prior to 8.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-0318",
"description": "Heap-based Buffer Overflow in vim/vim prior to 8.2.",
"id": "GSD-2022-0318",
"references": [
"https://www.suse.com/security/cve/CVE-2022-0318.html",
"https://access.redhat.com/errata/RHSA-2022:0894",
"https://alas.aws.amazon.com/cve/html/CVE-2022-0318.html",
"https://security.archlinux.org/CVE-2022-0318",
"https://advisories.mageia.org/CVE-2022-0318.html",
"https://linux.oracle.com/cve/CVE-2022-0318.html",
"https://ubuntu.com/security/CVE-2022-0318"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-0318"
],
"details": "Heap-based Buffer Overflow in vim/vim prior to 8.2.",
"id": "GSD-2022-0318",
"modified": "2023-12-13T01:19:11.758283Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0318",
"STATE": "PUBLIC",
"TITLE": "Heap-based Buffer Overflow in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "8.2"
}
]
}
}
]
},
"vendor_name": "vim"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow in vim/vim prior to 8.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"name": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"name": "GLSA-202208-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"name": "https://support.apple.com/kb/HT213444",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213444"
},
{
"name": "https://support.apple.com/kb/HT213488",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
}
]
},
"source": {
"advisory": "0d10ba02-b138-4e68-a284-67f781a62d08",
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.4151",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0318"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in vim/vim prior to 8.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"name": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"name": "GLSA-202208-32",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"name": "https://support.apple.com/kb/HT213488",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "https://support.apple.com/kb/HT213444",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213444"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-11-29T22:12Z",
"publishedDate": "2022-01-21T12:15Z"
}
}
}
CERTFR-2022-AVI-330
Vulnerability from certfr_avis - Published: 2022-04-13 - Updated: 2022-04-13
De multiples vulnérabilités ont été découvertes dans Stormshield Network Security. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Stormshield | Stormshield Network Security | Stormshield Network Security versions 2.7.x antérieures à 2.7.10 | ||
| Stormshield | Stormshield Network Security | Stormshield Network Security versions 3.7.x antérieures à 3.7.27 | ||
| Stormshield | Stormshield Network Security | Stormshield Network Security versions 4.3.x antérieures à 4.3.7 | ||
| Stormshield | Stormshield Network Security | Stormshield Network Security versions 3.11.x antérieures à 3.11.15 | ||
| Stormshield | Stormshield Network Security | Stormshield Network Security versions 4.2.x antérieures à 4.2.11 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Stormshield Network Security versions 2.7.x ant\u00e9rieures \u00e0 2.7.10",
"product": {
"name": "Stormshield Network Security",
"vendor": {
"name": "Stormshield",
"scada": false
}
}
},
{
"description": "Stormshield Network Security versions 3.7.x ant\u00e9rieures \u00e0 3.7.27",
"product": {
"name": "Stormshield Network Security",
"vendor": {
"name": "Stormshield",
"scada": false
}
}
},
{
"description": "Stormshield Network Security versions 4.3.x ant\u00e9rieures \u00e0 4.3.7",
"product": {
"name": "Stormshield Network Security",
"vendor": {
"name": "Stormshield",
"scada": false
}
}
},
{
"description": "Stormshield Network Security versions 3.11.x ant\u00e9rieures \u00e0 3.11.15",
"product": {
"name": "Stormshield Network Security",
"vendor": {
"name": "Stormshield",
"scada": false
}
}
},
{
"description": "Stormshield Network Security versions 4.2.x ant\u00e9rieures \u00e0 4.2.11",
"product": {
"name": "Stormshield Network Security",
"vendor": {
"name": "Stormshield",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-0261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0261"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2021-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3968"
},
{
"name": "CVE-2021-4019",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4019"
},
{
"name": "CVE-2021-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4192"
},
{
"name": "CVE-2022-0393",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0393"
},
{
"name": "CVE-2022-0408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0408"
},
{
"name": "CVE-2021-4173",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4173"
},
{
"name": "CVE-2021-4136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4136"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2021-3928",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3928"
},
{
"name": "CVE-2022-0417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0417"
},
{
"name": "CVE-2022-0368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0368"
},
{
"name": "CVE-2021-4166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4166"
},
{
"name": "CVE-2022-0128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0128"
},
{
"name": "CVE-2022-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0443"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2021-3984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3984"
},
{
"name": "CVE-2022-0213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0213"
},
{
"name": "CVE-2021-4193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
},
{
"name": "CVE-2022-0413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0413"
},
{
"name": "CVE-2022-20698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20698"
},
{
"name": "CVE-2021-3974",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3974"
},
{
"name": "CVE-2022-0392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0392"
},
{
"name": "CVE-2022-0359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0359"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0361"
},
{
"name": "CVE-2021-4069",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4069"
},
{
"name": "CVE-2022-0318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0318"
},
{
"name": "CVE-2021-4187",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4187"
},
{
"name": "CVE-2021-3927",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3927"
},
{
"name": "CVE-2022-0407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0407"
}
],
"initial_release_date": "2022-04-13T00:00:00",
"last_revision_date": "2022-04-13T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-330",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Stormshield Network\nSecurity. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Stormshield Network Security",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Stormshield 2022-008 du 06 avril 2022",
"url": "https://advisories.stormshield.eu/2022-008/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Stormshield 2022-004 du 06 avril 2022",
"url": "https://advisories.stormshield.eu/2022-004/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Stormshield 2022-005 du 06 avril 2022",
"url": "https://advisories.stormshield.eu/2022-005/"
}
]
}
CERTFR-2022-AVI-947
Vulnerability from certfr_avis - Published: 2022-10-25 - Updated: 2022-10-25
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Apple indique que la vulnérabilité CVE-2022-42827 serait activement exploitée.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions antérieures à 9.1 | ||
| Apple | N/A | iPadOS versions antérieures à 16 | ||
| Apple | macOS | macOS Monterey versions antérieures à 12.6.1 | ||
| Apple | Safari | Safari versions antérieures à 16.1 | ||
| Apple | macOS | macOS Ventura versions antérieures à 13 | ||
| Apple | N/A | iOS versions antérieures à 16.1 | ||
| Apple | macOS | macOS Big Sur versions antérieures à 11.7.1 | ||
| Apple | N/A | tvOS versions antérieures à 16.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions ant\u00e9rieures \u00e0 9.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 16",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.6.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 16.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Ventura versions ant\u00e9rieures \u00e0 13",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 16.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.7.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 16.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-1621",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1621"
},
{
"name": "CVE-2022-42819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42819"
},
{
"name": "CVE-2022-0261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0261"
},
{
"name": "CVE-2022-2000",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2000"
},
{
"name": "CVE-2022-1381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1381"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-1898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1898"
},
{
"name": "CVE-2022-42832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42832"
},
{
"name": "CVE-2022-42823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42823"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-32913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32913"
},
{
"name": "CVE-2022-32928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32928"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2022-42815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42815"
},
{
"name": "CVE-2022-1968",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1968"
},
{
"name": "CVE-2022-32936",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32936"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-42793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42793"
},
{
"name": "CVE-2022-32915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32915"
},
{
"name": "CVE-2022-1629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1629"
},
{
"name": "CVE-2022-42827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42827"
},
{
"name": "CVE-2022-42830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42830"
},
{
"name": "CVE-2022-0554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0554"
},
{
"name": "CVE-2022-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32862"
},
{
"name": "CVE-2022-0572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0572"
},
{
"name": "CVE-2022-42824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42824"
},
{
"name": "CVE-2022-2042",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2042"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2022-1733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1733"
},
{
"name": "CVE-2022-0943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0943"
},
{
"name": "CVE-2022-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1927"
},
{
"name": "CVE-2022-1851",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1851"
},
{
"name": "CVE-2022-2126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2126"
},
{
"name": "CVE-2022-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42795"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-0368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0368"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2022-42829",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42829"
},
{
"name": "CVE-2022-42831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42831"
},
{
"name": "CVE-2022-42806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42806"
},
{
"name": "CVE-2022-1616",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1616"
},
{
"name": "CVE-2022-42796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42796"
},
{
"name": "CVE-2022-32866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32866"
},
{
"name": "CVE-2022-42808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42808"
},
{
"name": "CVE-2022-32940",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32940"
},
{
"name": "CVE-2022-42790",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42790"
},
{
"name": "CVE-2022-42788",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42788"
},
{
"name": "CVE-2022-32886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32886"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2022-0629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0629"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2022-32890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32890"
},
{
"name": "CVE-2022-0729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0729"
},
{
"name": "CVE-2022-42814",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42814"
},
{
"name": "CVE-2022-32867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32867"
},
{
"name": "CVE-2022-32924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32924"
},
{
"name": "CVE-2022-32883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32883"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-42818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42818"
},
{
"name": "CVE-2022-42789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42789"
},
{
"name": "CVE-2022-32912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32912"
},
{
"name": "CVE-2022-0392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0392"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32918",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32918"
},
{
"name": "CVE-2022-32908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32908"
},
{
"name": "CVE-2022-1620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1620"
},
{
"name": "CVE-2022-32911",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32911"
},
{
"name": "CVE-2022-42813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42813"
},
{
"name": "CVE-2022-32864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32864"
},
{
"name": "CVE-2022-1942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1942"
},
{
"name": "CVE-2022-1735",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1735"
},
{
"name": "CVE-2022-1720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1720"
},
{
"name": "CVE-2022-42809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42809"
},
{
"name": "CVE-2022-0359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0359"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-32898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32898"
},
{
"name": "CVE-2022-32938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32938"
},
{
"name": "CVE-2022-32827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32827"
},
{
"name": "CVE-2022-26730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26730"
},
{
"name": "CVE-2022-42799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42799"
},
{
"name": "CVE-2022-32914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32914"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-32875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32875"
},
{
"name": "CVE-2022-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0361"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2022-32892",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32892"
},
{
"name": "CVE-2022-32881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32881"
},
{
"name": "CVE-2022-42811",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42811"
},
{
"name": "CVE-2022-32905",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32905"
},
{
"name": "CVE-2022-32895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32895"
},
{
"name": "CVE-2022-32922",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32922"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2022-32902",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32902"
},
{
"name": "CVE-2022-0318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0318"
},
{
"name": "CVE-2022-32904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32904"
},
{
"name": "CVE-2022-32879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32879"
},
{
"name": "CVE-2022-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2124"
},
{
"name": "CVE-2022-32865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32865"
},
{
"name": "CVE-2022-1769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1769"
},
{
"name": "CVE-2022-32947",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32947"
},
{
"name": "CVE-2022-1619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1619"
},
{
"name": "CVE-2022-32858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32858"
},
{
"name": "CVE-2022-32899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32899"
},
{
"name": "CVE-2022-32870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32870"
},
{
"name": "CVE-2022-0685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0685"
},
{
"name": "CVE-2022-42820",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42820"
},
{
"name": "CVE-2022-32934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32934"
},
{
"name": "CVE-2022-42825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42825"
},
{
"name": "CVE-2022-32888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32888"
},
{
"name": "CVE-2022-2125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2125"
},
{
"name": "CVE-2022-42791",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42791"
},
{
"name": "CVE-2022-32946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32946"
}
],
"initial_release_date": "2022-10-25T00:00:00",
"last_revision_date": "2022-10-25T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-947",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n\nApple indique que la vuln\u00e9rabilit\u00e9\u00a0CVE-2022-42827 serait activement\nexploit\u00e9e.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213493 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213493"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213489 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213489"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213492 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213492"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213491 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213491"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213494 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213494"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213488 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213488"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT213495 du 24 octobre 2022",
"url": "https://support.apple.com/fr-fr/HT213495"
}
]
}
FKIE_CVE-2022-0318
Vulnerability from fkie_nvd - Published: 2022-01-21 12:15 - Updated: 2024-11-21 06:38
Severity ?
Summary
Heap-based Buffer Overflow in vim/vim prior to 8.2.
References
| URL | Tags | ||
|---|---|---|---|
| security@huntr.dev | http://seclists.org/fulldisclosure/2022/Oct/28 | Mailing List, Third Party Advisory | |
| security@huntr.dev | http://seclists.org/fulldisclosure/2022/Oct/41 | Mailing List, Third Party Advisory | |
| security@huntr.dev | http://seclists.org/fulldisclosure/2022/Oct/43 | Mailing List, Third Party Advisory | |
| security@huntr.dev | https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08 | Exploit, Patch, Third Party Advisory | |
| security@huntr.dev | https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html | Mailing List, Third Party Advisory | |
| security@huntr.dev | https://security.gentoo.org/glsa/202208-32 | Third Party Advisory | |
| security@huntr.dev | https://support.apple.com/kb/HT213444 | Third Party Advisory | |
| security@huntr.dev | https://support.apple.com/kb/HT213488 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Oct/28 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Oct/41 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Oct/43 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-32 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20241115-0004/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/kb/HT213444 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/kb/HT213488 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9F96CA-18A7-4C0B-8C3E-4A4DEC087ABA",
"versionEndExcluding": "8.2.4151",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC",
"versionEndExcluding": "13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in vim/vim prior to 8.2."
},
{
"lang": "es",
"value": "Un Desbordamiento de B\u00fafer en la regi\u00f3n Heap de la Memoria en vim/vim versiones anteriores a 8.2"
}
],
"id": "CVE-2022-0318",
"lastModified": "2024-11-21T06:38:22.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"source": "security@huntr.dev",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-21T12:15:10.053",
"references": [
{
"source": "security@huntr.dev",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"source": "security@huntr.dev",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"source": "security@huntr.dev",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"source": "security@huntr.dev",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"source": "security@huntr.dev",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213444"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20241115-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213488"
}
],
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "security@huntr.dev",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-0318
Vulnerability from fstec - Published: 21.01.2022
VLAI Severity ?
Title
Уязвимость функции utf_head_off() (mbyte.c) текстового редактора vim, позволяющая нарушителю вызвать переполнение буфера
Description
Уязвимость функции utf_head_off() (mbyte.c) текстового редактора vim вызвана переполнением буфера в динамической памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать переполнение буфера
Severity ?
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Red Hat Inc., Fedora Project, АО «ИВК», АО "НППКТ", АО «НТЦ ИТ РОСА»
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Fedora, vim, Альт 8 СП (запись в едином реестре российских программ №4305), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ROSA Virtualization (запись в едином реестре российских программ №5091), ROSA Virtualization 3.0 (запись в едином реестре российских программ №21308)
Software Version
9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 34 (Fedora), 11 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), до 8.2.4151 (vim), - (Альт 8 СП), 4.7 (Astra Linux Special Edition), до 2.6 (ОСОН ОСнова Оnyx), 2.1 (ROSA Virtualization), 3.0 (ROSA Virtualization 3.0)
Possible Mitigations
Использование рекомендаций:
Для vim:
https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc
https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08
Для программных продуктов Red Hat Inc.
:
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0318.xml
Для Fedora:
https://lists.fedoraproject.org/archives/search?mlist=package-announce%40lists.fedoraproject.org&q=CVE-2022-0318
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2022-0318
Для Альт 8 СП:
https://altsp.su/obnovleniya-bezopasnosti/
Для Astra Linux Special Edition 1.7 архитектуры x86-64:
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1011SE17MD
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения vim до версии 2:9.0.0626-1
Для Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16
Для системы управления средой виртуализации «ROSA Virtualization» : https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2214
Для Astra Linux Special Edition для «Эльбрус» 8.1 «Ленинград»:
обновить пакет vim до 2:9.0.0242-1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
Для программной системы управления средой виртуализации с подсистемой безагентного резервного копирования виртуальных машин «ROSA Virtualization 3.0»: https://abf.rosa.ru/advisories/ROSA-SA-2025-2720
Reference
https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc
https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08
https://altsp.su/obnovleniya-bezopasnosti/
:
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0318.xml
https://lists.fedoraproject.org/archives/search?mlist=package-announce%40lists.fedoraproject.org&q=CVE-2022-0318
https://security-tracker.debian.org/tracker/CVE-2022-0318
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1011SE17MD
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.6/
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16
https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2214
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
https://abf.rosa.ru/advisories/ROSA-SA-2025-2720
CWE
CWE-122
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., Fedora Project, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 34 (Fedora), 11 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), \u0434\u043e 8.2.4151 (vim), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 4.7 (Astra Linux Special Edition), \u0434\u043e 2.6 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 2.1 (ROSA Virtualization), 3.0 (ROSA Virtualization 3.0)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f vim:\n\nhttps://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc\nhttps://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08\n\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.\n:\nhttps://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0318.xml\n\n\n\u0414\u043b\u044f Fedora:\n\nhttps://lists.fedoraproject.org/archives/search?mlist=package-announce%40lists.fedoraproject.org\u0026q=CVE-2022-0318\n\n\n\u0414\u043b\u044f Debian GNU/Linux:\n\nhttps://security-tracker.debian.org/tracker/CVE-2022-0318\n\n\u0414\u043b\u044f \u0410\u043b\u044c\u0442 8 \u0421\u041f:\nhttps://altsp.su/obnovleniya-bezopasnosti/\n\u0414\u043b\u044f Astra Linux Special Edition 1.7 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b x86-64:\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1011SE17MD\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f vim \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:9.0.0626-1\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16\n\n\u0414\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u00abROSA Virtualization\u00bb : https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2214\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 vim \u0434\u043e 2:9.0.0242-1.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0431\u0435\u0437\u0430\u0433\u0435\u043d\u0442\u043d\u043e\u0433\u043e \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u00abROSA Virtualization 3.0\u00bb: https://abf.rosa.ru/advisories/ROSA-SA-2025-2720",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.01.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.02.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-00982",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-0318",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Fedora, vim, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), ROSA Virtualization (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), ROSA Virtualization 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Fedora Project Fedora 34 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.6 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 2.1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 3.0 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 utf_head_off() (mbyte.c) \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 vim, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-122)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 utf_head_off() (mbyte.c) \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 vim \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc\nhttps://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08\nhttps://altsp.su/obnovleniya-bezopasnosti/\n:\nhttps://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0318.xml\n\n\nhttps://lists.fedoraproject.org/archives/search?mlist=package-announce%40lists.fedoraproject.org\u0026q=CVE-2022-0318\n\n\nhttps://security-tracker.debian.org/tracker/CVE-2022-0318\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1011SE17MD\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.6/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2023-2214\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2720",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-122",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…