pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/c9f2/ALT-PU-2022-1958/definitions.json
pepelyaevip 0707cb759b ALT Vulnerability
2024-04-16 14:26:14 +00:00

571 lines
27 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20221958",
"Version": "oval:org.altlinux.errata:def:20221958",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2022-1958: package `vim` update to version 8.2.5019-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2022-1958",
"RefURL": "https://errata.altlinux.org/ALT-PU-2022-1958",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-03035",
"RefURL": "https://bdu.fstec.ru/vul/2022-03035",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03037",
"RefURL": "https://bdu.fstec.ru/vul/2022-03037",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03230",
"RefURL": "https://bdu.fstec.ru/vul/2022-03230",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03232",
"RefURL": "https://bdu.fstec.ru/vul/2022-03232",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03233",
"RefURL": "https://bdu.fstec.ru/vul/2022-03233",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03234",
"RefURL": "https://bdu.fstec.ru/vul/2022-03234",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03235",
"RefURL": "https://bdu.fstec.ru/vul/2022-03235",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03237",
"RefURL": "https://bdu.fstec.ru/vul/2022-03237",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03238",
"RefURL": "https://bdu.fstec.ru/vul/2022-03238",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03239",
"RefURL": "https://bdu.fstec.ru/vul/2022-03239",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03240",
"RefURL": "https://bdu.fstec.ru/vul/2022-03240",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03271",
"RefURL": "https://bdu.fstec.ru/vul/2022-03271",
"Source": "BDU"
},
{
"RefID": "BDU:2022-04217",
"RefURL": "https://bdu.fstec.ru/vul/2022-04217",
"Source": "BDU"
},
{
"RefID": "BDU:2022-04218",
"RefURL": "https://bdu.fstec.ru/vul/2022-04218",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05980",
"RefURL": "https://bdu.fstec.ru/vul/2022-05980",
"Source": "BDU"
},
{
"RefID": "BDU:2022-06965",
"RefURL": "https://bdu.fstec.ru/vul/2022-06965",
"Source": "BDU"
},
{
"RefID": "CVE-2022-1616",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1616",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1619",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1619",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1620",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1620",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1621",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1621",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1629",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1629",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1674",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1674",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1720",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1720",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1725",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1725",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1733",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1733",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1735",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1735",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1769",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1769",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1771",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1771",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1785",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1785",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1796",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1796",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1851",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1851",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1886",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1886",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 8.2.5019-alt1. \nSecurity Fix(es):\n\n * BDU:2022-03035: Уязвимость функции cmdline_erase_chars() текстового редактора Vim, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-03037: Уязвимость реализации функции vim_regexec_string() текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03230: Уязвимость функции get_one_sourceline() текстового редактора Vim, связанная с чтением за границами буфера памяти, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2022-03232: Уязвимость реализации функции skip_string() текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-03233: Уязвимость реализации функции vim_regexec_string() текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03234: Уязвимость реализации функции vim_strncpy find_word() текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-03235: Уязвимость реализации функции find_next_quote() текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-03237: Уязвимость реализации функции find_pattern_in_path() текстового редактора Vim, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-03238: Уязвимость реализации функции vim_regsub_both() текстового редактора Vim, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-03239: Уязвимость реализации функции utfc_ptr2len() текстового редактора Vim, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2022-03240: Уязвимость текстового редактора Vim, вызванная неконтролируемой рекурсией, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03271: Уязвимость реализации команды append текстового редактора Vim, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-04217: Уязвимость комопнента normal.c текстового редактора Vim, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2022-04218: Уязвимость комопнента register.c текстового редактора Vim, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-05980: Уязвимость функции gchar_cursor компонента misc1.c текстового редактора Vim, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-06965: Уязвимость функции vim_regexec_string() текстового редактора Vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2022-1616: Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n\n * CVE-2022-1619: Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n\n * CVE-2022-1620: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.\n\n * CVE-2022-1621: Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n\n * CVE-2022-1629: Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n\n * CVE-2022-1674: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.\n\n * CVE-2022-1720: Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n\n * CVE-2022-1725: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.\n\n * CVE-2022-1733: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.\n\n * CVE-2022-1735: Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.\n\n * CVE-2022-1769: Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.\n\n * CVE-2022-1771: Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.\n\n * CVE-2022-1785: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.\n\n * CVE-2022-1796: Use After Free in GitHub repository vim/vim prior to 8.2.4979.\n\n * CVE-2022-1851: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.\n\n * CVE-2022-1886: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.\n\n * #42859: не закрыты: CVE-2022-1381, CVE-2022-1616, CVE-2022-1621, CVE-2022-1733, CVE-2022-1629, CVE-2022-1785",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2022-05-30"
},
"Updated": {
"Date": "2022-05-30"
},
"BDUs": [
{
"ID": "BDU:2022-03035",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"CWE": "CWE-119, CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03035",
"Impact": "Low",
"Public": "20220428"
},
{
"ID": "BDU:2022-03037",
"CVSS": "AV:L/AC:L/Au:S/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-03037",
"Impact": "Low",
"Public": "20220428"
},
{
"ID": "BDU:2022-03230",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-03230",
"Impact": "Low",
"Public": "20220525"
},
{
"ID": "BDU:2022-03232",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03232",
"Impact": "Low",
"Public": "20220508"
},
{
"ID": "BDU:2022-03233",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-03233",
"Impact": "Low",
"Public": "20220509"
},
{
"ID": "BDU:2022-03234",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03234",
"Impact": "High",
"Public": "20220428"
},
{
"ID": "BDU:2022-03235",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-125, CWE-126",
"Href": "https://bdu.fstec.ru/vul/2022-03235",
"Impact": "Low",
"Public": "20220508"
},
{
"ID": "BDU:2022-03237",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03237",
"Impact": "Low",
"Public": "20220516"
},
{
"ID": "BDU:2022-03238",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03238",
"Impact": "High",
"Public": "20220516"
},
{
"ID": "BDU:2022-03239",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"CWE": "CWE-120",
"Href": "https://bdu.fstec.ru/vul/2022-03239",
"Impact": "Low",
"Public": "20220428"
},
{
"ID": "BDU:2022-03240",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-121, CWE-674",
"Href": "https://bdu.fstec.ru/vul/2022-03240",
"Impact": "Low",
"Public": "20220516"
},
{
"ID": "BDU:2022-03271",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H",
"CWE": "CWE-119, CWE-122, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-03271",
"Impact": "High",
"Public": "20220428"
},
{
"ID": "BDU:2022-04217",
"CVSS": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-04217",
"Impact": "Low",
"Public": "20220627"
},
{
"ID": "BDU:2022-04218",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2022-04218",
"Impact": "High",
"Public": "20220627"
},
{
"ID": "BDU:2022-05980",
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2022-05980",
"Impact": "High",
"Public": "20220523"
},
{
"ID": "BDU:2022-06965",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-06965",
"Impact": "High",
"Public": "20220928"
}
],
"CVEs": [
{
"ID": "CVE-2022-1616",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1616",
"Impact": "High",
"Public": "20220507"
},
{
"ID": "CVE-2022-1619",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1619",
"Impact": "High",
"Public": "20220508"
},
{
"ID": "CVE-2022-1620",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1620",
"Impact": "High",
"Public": "20220508"
},
{
"ID": "CVE-2022-1621",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1621",
"Impact": "High",
"Public": "20220510"
},
{
"ID": "CVE-2022-1629",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1629",
"Impact": "High",
"Public": "20220510"
},
{
"ID": "CVE-2022-1674",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1674",
"Impact": "Low",
"Public": "20220512"
},
{
"ID": "CVE-2022-1720",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1720",
"Impact": "High",
"Public": "20220620"
},
{
"ID": "CVE-2022-1725",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1725",
"Impact": "Low",
"Public": "20220929"
},
{
"ID": "CVE-2022-1733",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1733",
"Impact": "High",
"Public": "20220517"
},
{
"ID": "CVE-2022-1735",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1735",
"Impact": "High",
"Public": "20220517"
},
{
"ID": "CVE-2022-1769",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-126",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1769",
"Impact": "High",
"Public": "20220517"
},
{
"ID": "CVE-2022-1771",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-674",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1771",
"Impact": "Low",
"Public": "20220518"
},
{
"ID": "CVE-2022-1785",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1785",
"Impact": "High",
"Public": "20220519"
},
{
"ID": "CVE-2022-1796",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1796",
"Impact": "High",
"Public": "20220519"
},
{
"ID": "CVE-2022-1851",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1851",
"Impact": "High",
"Public": "20220525"
},
{
"ID": "CVE-2022-1886",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1886",
"Impact": "High",
"Public": "20220526"
}
],
"Bugzilla": [
{
"ID": "42859",
"Href": "https://bugzilla.altlinux.org/42859",
"Data": "не закрыты: CVE-2022-1381, CVE-2022-1616, CVE-2022-1621, CVE-2022-1733, CVE-2022-1629, CVE-2022-1785"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20221958001",
"Comment": "rpm-build-vim is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958002",
"Comment": "vim-X11 is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958003",
"Comment": "vim-X11-gnome2 is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958004",
"Comment": "vim-X11-gtk2 is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958005",
"Comment": "vim-X11-gtk3 is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958006",
"Comment": "vim-common is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958007",
"Comment": "vim-console is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958008",
"Comment": "vim-enhanced is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958009",
"Comment": "vim-minimal is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958010",
"Comment": "vim-spell-source is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958011",
"Comment": "vimtutor is earlier than 4:8.2.5019-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20221958012",
"Comment": "xxd is earlier than 4:8.2.5019-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink