Published: 21/01/2022 Updated: 09/11/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Out-of-bounds Read in vim/vim before 8.2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim
debian debian linux 9.0
debian debian linux 10.0
apple macos

Several security issues were fixed in Vim ...

A flaw was found in vim The vulnerability occurs due to buffer shifting when exchanging windows in Visual mode and leads to a heap buffer overflow This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution ...

A flaw was found in vim The vulnerability occurs due to not checking the length for the NameBuff function, which can lead to a heap buffer overflow This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution (CVE-2022-0213) A heap based out-of-bounds write flaw was found in vim's opsc This flaw allows ...

CWE-125 https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://security.gentoo.org/glsa/202208-32 https://support.apple.com/kb/HT213488 https://support.apple.com/kb/HT213444 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/43 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://ubuntu.com/security/notices/USN-5458-1 https://nvd.nist.gov

CVE-2022-0319

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect