Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2022-1616

Published: 07/05/2022 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Vim

Vulnerability Summary

Use after free in append_command in GitHub repository vim/vim before 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vim vim

fedoraproject fedora 34

fedoraproject fedora 35

fedoraproject fedora 36

debian debian linux 9.0

debian debian linux 10.0

apple macos

Vendor Advisories

Debian CVElist Bug Report Logs: vim: CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2285 CVE-2022-2288 CVE-2022-2304 CVE-2022-2207 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621 CVE-2022-1720 CVE-2022-1785 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898
Debian Bug report logs - #1015984 vim: CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2285 CVE-2022-2288 CVE-2022-2304 CVE-2022-2207 CVE-2022-1616 CVE-2022-1619 CVE-2022-1621 CVE-2022-1720 CVE-2022-1785 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 Package: src:vim; Maintainer for sr ...
Ubuntu Security Notice: USN-5460-1: Vim vulnerabilities
Several security issues were fixed in Vim ...
Ubuntu Security Notice: USN-5613-2: Vim regression
USN-5613-1 caused a regression in Vim ...
Ubuntu Security Notice: USN-5613-1: Vim vulnerabilities
Several security issues were fixed in Vim ...
Amazon Linux 2: ALAS2-2022-1829
Use after free in append_command in GitHub repository vim/vim prior to 824895 This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616) Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 824899 This vulnerabilities ...
Amazon Linux AMI: ALAS-2022-1628
Use after free in append_command in GitHub repository vim/vim prior to 824895 This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616) Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 824899 This vulnerabilities ...
Red Hat:
Use after free in append_command in GitHub repository vim/vim prior to 824895 This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution ...

References

CWE-416https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6chttps://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2https://lists.debian.org/debian-lts-announce/2022/05/msg00022.htmlhttps://security.gentoo.org/glsa/202208-32https://support.apple.com/kb/HT213488http://seclists.org/fulldisclosure/2022/Oct/41http://seclists.org/fulldisclosure/2022/Oct/28https://lists.debian.org/debian-lts-announce/2022/11/msg00009.htmlhttps://security.gentoo.org/glsa/202305-16https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015984https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5460-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook