{"vulnerability": "CVE-2022-2889", "sightings": [{"uuid": "03bca3d8-3f0b-4d04-be36-74d7b82891ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2889", "type": "seen", "source": "https://t.me/cibsecurity/48432", "content": "\u203c CVE-2022-2889 \u203c\n\nUse After Free in GitHub repository vim/vim prior to 9.0.0224.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T16:17:23.000000Z"}, {"uuid": "ea3c1d3e-8b58-44e6-89d3-97544cfd4918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28890", "type": "seen", "source": "https://t.me/cibsecurity/41966", "content": "\u203c CVE-2022-28890 \u203c\n\nA vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T12:36:11.000000Z"}, {"uuid": "72fa9b8a-8fe8-49b7-a7d5-caad8a313ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28892", "type": "seen", "source": "https://t.me/cibsecurity/41591", "content": "\u203c CVE-2022-28892 \u203c\n\nMahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T10:30:01.000000Z"}, {"uuid": "7b96073a-0ec2-47a1-915f-76a5c63eaf92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28893", "type": "seen", "source": "https://t.me/cibsecurity/40449", "content": "\u203c CVE-2022-28893 \u203c\n\nThe SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-11T12:15:59.000000Z"}, {"uuid": "6c249a00-e3ae-487e-b3b5-b94185d2d7cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28893", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}]}