Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-3256

Published: 22/09/2022 Updated: 07/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Vim

Vulnerability Summary

Use After Free in GitHub repository vim/vim before 9.0.0530.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vim vim

fedoraproject fedora 35

fedoraproject fedora 36

fedoraproject fedora 37

debian debian linux 10.0

Vendor Advisories

Ubuntu Security Notice: USN-5775-1: Vim vulnerabilities
Several security issues were fixed in Vim ...
Amazon Linux 2: ALAS2-2023-1975
A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext() function of the src/insexpandc file This flaw occurs when vim tries to access uninitialized memory when completing a long line This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that cause ...
Amazon Linux AMI: ALAS-2023-1716
A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext() function of the src/insexpandc file This flaw occurs when vim tries to access uninitialized memory when completing a long line This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that cause ...
Red Hat:
Description The MITRE CVE dictionary describes this issue as: Use After Free in GitHub repository vim/vim prior to 900530 ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-2843 vim 901224-1 901225-1 Unknown Unknown ...

References

CWE-416https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454adhttps://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3https://lists.debian.org/debian-lts-announce/2022/11/msg00032.htmlhttps://security.gentoo.org/glsa/202305-16https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/https://ubuntu.com/security/notices/USN-5775-1https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook