Published: 23/06/2022 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Heap-based Buffer Overflow in GitHub repository vim/vim before 8.2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim
fedoraproject fedora 35
fedoraproject fedora 36

Use after free in append_command in GitHub repository vim/vim prior to 824895 This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616) Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 824899 This vulnerabilities ...

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 82 ...

A heap buffer over-read vulnerability was found in Vim's grab_file_name() function of the src/findfilec file This flaw occurs because the function reads after the NULL terminates the line with "gf" in Visual block mode This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap buffer over-read vulnerabi ...

CWE-122 https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8 https://security.gentoo.org/glsa/202208-32 https://security.gentoo.org/glsa/202305-16 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2022-1829.html

CVE-2022-2182

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect