ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0223
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0223)
Resumen:	The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2022-0223 advisory.
Descripción:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the MGASA-2022-0223 advisory. Vulnerability Insight: out-of-bounds read in gchar_cursor() in misc1.c (CVE-2022-1851) use-after-free in find_pattern_in_path() in search.c (CVE-2022-1898) out-of-bounds write in vim_regsub_both() in regexp.c (CVE-2022-1897) buffer over-read in utf_ptr2char() in mbyte.c (CVE-2022-1927 ) out of bounds write in vim_regsub_both() (CVE-2022-1942) heap-based buffer overflow in function utf_head_off (CVE-2022-1886) Affected Software/OS: 'vim' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-1851 https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/ http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1886 https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7 Common Vulnerability Exposure (CVE) ID: CVE-2022-1897 https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118 https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html Common Vulnerability Exposure (CVE) ID: CVE-2022-1898 https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a Common Vulnerability Exposure (CVE) ID: CVE-2022-1927 https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 Common Vulnerability Exposure (CVE) ID: CVE-2022-1942 https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071 https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.