VDB
CVE-2022-4293
CVE-2022-4293
PUBLISHED
Es existiert eine Schwachstelle in vim. Der Fehler besteht aufgrund einer Fließkomma-Ausnahme in der Funktion num_divide, wenn versucht wird, eine Zahl durch -1 zu dividieren. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.31% · 54.4th percentile
Risk Scores
EPSS Score
0.31%
54.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell ECS <3.8.1.0 | |
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux | |
| Dell | Dell PowerEdge |
Exploit Intelligence
- https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143 (nist-nvd)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
Timeline
- Dec 5, 2022 CVE Published
- Dec 6, 2022 EPSS Score
- Jan 17, 2023 EPSS Score
- Feb 28, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 11, 2023 EPSS Score
- May 23, 2023 EPSS Score
- Jul 5, 2023 EPSS Score
- Aug 16, 2023 EPSS Score
- Sep 27, 2023 EPSS Score
- Nov 8, 2023 EPSS Score
- Dec 20, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2248.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2248 advisory
- https://ubuntu.com/security/notices/USN-6420-1 advisory
- https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b advisory
- https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-December/013353.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-January/013598.html advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794 advisory
- https://www.dell.com/support/kbdoc/000223839/dsa-2024-= advisory
- https://www.dell.com/support/kbdoc/en-us/000209268/dsa-2023-014-dell-poweredge-server-security-update-for-intel-february-2023-security-advisories-2023-1-ipu advisory