All the vulnerabilites related to vim - vim/vim
cve-2022-2580
Vulnerability from cvelistv5
Published
2022-08-01 14:12
Modified
2024-08-03 00:39
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.108Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0102", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-01T14:12:38", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d" } ], "source": { "advisory": "c5f2f1d4-0441-4881-b19c-055acaa16249", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-2580", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.0.0102" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249" }, { "name": "https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d" } ] }, "source": { "advisory": "c5f2f1d4-0441-4881-b19c-055acaa16249", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2580", "datePublished": "2022-08-01T14:12:38", "dateReserved": "2022-07-29T00:00:00", "dateUpdated": "2024-08-03T00:39:08.108Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2819
Vulnerability from cvelistv5
Published
2022-08-15 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.508Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d1d8f6bacb489036d0fd479c9dd3c0102c988889" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0211", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59" }, { "url": "https://github.com/vim/vim/commit/d1d8f6bacb489036d0fd479c9dd3c0102c988889" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "0a9bd71e-66b8-4eb1-9566-7dfd9b097e59", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2819", "datePublished": "2022-08-15T00:00:00", "dateReserved": "2022-08-15T00:00:00", "dateUpdated": "2024-08-03T00:52:59.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1619
Vulnerability from cvelistv5
Published
2022-05-08 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220930-0007/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4899", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450" }, { "url": "https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://security.netapp.com/advisory/ntap-20220930-0007/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "b3200483-624e-4c76-a070-e246f62a7450", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1619", "datePublished": "2022-05-08T00:00:00", "dateReserved": "2022-05-07T00:00:00", "dateUpdated": "2024-08-03T00:10:03.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1127
Vulnerability from cvelistv5
Published
2023-03-01 00:00
Modified
2024-08-02 05:32
Severity ?
EPSS score ?
Summary
Divide By Zero in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1367", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1367." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "2d4d309e-4c96-415f-9070-36d0815f1beb", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1127", "datePublished": "2023-03-01T00:00:00", "dateReserved": "2023-03-01T00:00:00", "dateUpdated": "2024-08-02T05:32:46.417Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2210
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25" }, { "url": "https://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "020845f8-f047-4072-af0f-3726fe1aea25", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2210", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.749Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3016
Vulnerability from cvelistv5
Published
2022-08-28 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.487Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0286", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0286." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/260516c2-5c4a-4b7f-a01c-04b1aeeea371" }, { "url": "https://github.com/vim/vim/commit/6d24a51b94beb1991cddce221f90b455e2d50db7" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "260516c2-5c4a-4b7f-a01c-04b1aeeea371", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3016", "datePublished": "2022-08-28T00:00:00", "dateReserved": "2022-08-27T00:00:00", "dateUpdated": "2024-08-03T00:53:00.487Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2862
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0221", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0221." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765" }, { "url": "https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "71180988-1ab6-4311-bca8-e9a879b06765", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2862", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:59.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1170
Vulnerability from cvelistv5
Published
2023-03-03 00:00
Modified
2024-08-02 05:40
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:58.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/286e0090-e654-46d2-ac60-29f81799d0a4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/1c73b65229c25e3c1fd8824ba958f7cc4d604f9c" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1376", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/286e0090-e654-46d2-ac60-29f81799d0a4" }, { "url": "https://github.com/vim/vim/commit/1c73b65229c25e3c1fd8824ba958f7cc4d604f9c" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "286e0090-e654-46d2-ac60-29f81799d0a4", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1170", "datePublished": "2023-03-03T00:00:00", "dateReserved": "2023-03-03T00:00:00", "dateUpdated": "2024-08-02T05:40:58.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0368
Vulnerability from cvelistv5
Published
2022-01-26 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.203Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9" }, { "url": "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "bca9ce1f-400a-4bf9-9207-3f3187cb3fa9", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0368", "datePublished": "2022-01-26T00:00:00", "dateReserved": "2022-01-25T00:00:00", "dateUpdated": "2024-08-02T23:25:40.203Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0572
Vulnerability from cvelistv5
Published
2022-02-13 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f" }, { "name": "FEDORA-2022-9cef12c14c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf" }, { "url": "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f" }, { "name": "FEDORA-2022-9cef12c14c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "bf3e0643-03e9-4436-a1c8-74e7111c32bf", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0572", "datePublished": "2022-02-13T00:00:00", "dateReserved": "2022-02-12T00:00:00", "dateUpdated": "2024-08-02T23:32:46.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5441
Vulnerability from cvelistv5
Published
2023-10-05 20:30
Modified
2024-09-19 18:15
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:44.646Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5441", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-19T18:15:24.944541Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-19T18:15:40.773Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "20d161ace307e28690229b68584f2d84556f8960", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-05T20:30:09.121Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2" }, { "url": "https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "source": { "advisory": "b54cbdf5-3e85-458d-bb38-9ea2c0b669f2", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-5441", "datePublished": "2023-10-05T20:30:09.121Z", "dateReserved": "2023-10-05T20:29:56.622Z", "dateUpdated": "2024-09-19T18:15:40.773Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2000
Vulnerability from cvelistv5
Published
2022-06-07 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.810Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5" }, { "name": "FEDORA-2022-c302c5f62d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JJNUS4AEVYSEJMCK6JZB57QHD5V2G4O/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0" }, { "url": "https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5" }, { "name": "FEDORA-2022-c302c5f62d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JJNUS4AEVYSEJMCK6JZB57QHD5V2G4O/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "f61a64e2-d163-461b-a77e-46ab38e021f0", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2000", "datePublished": "2022-06-07T00:00:00", "dateReserved": "2022-06-06T00:00:00", "dateUpdated": "2024-08-03T00:24:43.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3352
Vulnerability from cvelistv5
Published
2022-09-29 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:06.465Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0614", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0614." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60" }, { "url": "https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "d058f182-a49b-40c7-9234-43d4c5a29f60", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3352", "datePublished": "2022-09-29T00:00:00", "dateReserved": "2022-09-28T00:00:00", "dateUpdated": "2024-08-03T01:07:06.465Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0288
Vulnerability from cvelistv5
Published
2023-01-13 00:00
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:02:44.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1189", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3" }, { "url": "https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" } ], "source": { "advisory": "550a0852-9be0-4abe-906c-f803b34e41d3", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0288", "datePublished": "2023-01-13T00:00:00", "dateReserved": "2023-01-13T00:00:00", "dateUpdated": "2024-08-02T05:02:44.119Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4192
Vulnerability from cvelistv5
Published
2021-12-31 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22" }, { "url": "https://github.com/vim/vim/commit/4c13e5e6763c6eb36a343a2b8235ea227202e952" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "6dd9cb2e-a940-4093-856e-59b502429f22", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4192", "datePublished": "2021-12-31T00:00:00", "dateReserved": "2021-12-30T00:00:00", "dateUpdated": "2024-08-03T17:16:04.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0943
Vulnerability from cvelistv5
Published
2022-03-14 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow occurs in vim in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.937Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3" }, { "name": "FEDORA-2022-b718ebbfce", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4563", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1" }, { "url": "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3" }, { "name": "FEDORA-2022-b718ebbfce", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "9e4de32f-ad5f-4830-b3ae-9467b5ab90a1", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow occurs in vim in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0943", "datePublished": "2022-03-14T00:00:00", "dateReserved": "2022-03-13T00:00:00", "dateUpdated": "2024-08-02T23:47:42.937Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3297
Vulnerability from cvelistv5
Published
2022-09-25 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:06.447Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1aa9ec92-0355-4710-bf85-5bce9effa01c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0579", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0579." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1aa9ec92-0355-4710-bf85-5bce9effa01c" }, { "url": "https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "1aa9ec92-0355-4710-bf85-5bce9effa01c", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3297", "datePublished": "2022-09-25T00:00:00", "dateReserved": "2022-09-24T00:00:00", "dateUpdated": "2024-08-03T01:07:06.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4141
Vulnerability from cvelistv5
Published
2022-11-25 00:00
Modified
2024-08-03 01:27
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:27:54.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5" }, { "name": "FEDORA-2022-1e14f3ae45", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G/" }, { "name": "FEDORA-2022-fc4c513d06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6ZNKVN4GICORTVFKVCM4MSOXCYWNHUC/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0947", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f" }, { "url": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5" }, { "name": "FEDORA-2022-1e14f3ae45", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G/" }, { "name": "FEDORA-2022-fc4c513d06", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6ZNKVN4GICORTVFKVCM4MSOXCYWNHUC/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "source": { "advisory": "20ece512-c600-45ac-8a84-d0931e05541f", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-4141", "datePublished": "2022-11-25T00:00:00", "dateReserved": "2022-11-25T00:00:00", "dateUpdated": "2024-08-03T01:27:54.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1725
Vulnerability from cvelistv5
Published
2022-05-16 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:58.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/4363cf07-233e-4d0a-a1d5-c731a400525c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4959", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/4363cf07-233e-4d0a-a1d5-c731a400525c" }, { "url": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "4363cf07-233e-4d0a-a1d5-c731a400525c", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1725", "datePublished": "2022-05-16T00:00:00", "dateReserved": "2022-05-15T00:00:00", "dateUpdated": "2024-08-03T00:16:58.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2042
Vulnerability from cvelistv5
Published
2022-06-10 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8628b4cd-4055-4059-aed4-64f7fdc10eba" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2813f38e021c6e6581c0c88fcf107e41788bc835" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8628b4cd-4055-4059-aed4-64f7fdc10eba" }, { "url": "https://github.com/vim/vim/commit/2813f38e021c6e6581c0c88fcf107e41788bc835" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8628b4cd-4055-4059-aed4-64f7fdc10eba", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2042", "datePublished": "2022-06-10T00:00:00", "dateReserved": "2022-06-09T00:00:00", "dateUpdated": "2024-08-03T00:24:44.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0319
Vulnerability from cvelistv5
Published
2022-01-21 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.514Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b" }, { "url": "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "ba622fd2-e6ef-4ad9-95b4-17f87b68755b", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0319", "datePublished": "2022-01-21T00:00:00", "dateReserved": "2022-01-20T00:00:00", "dateUpdated": "2024-08-02T23:25:40.514Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2175
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Buffer Over-read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.074Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55" }, { "url": "https://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7f0481c2-8b57-4324-b47c-795d1ea67e55", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2175", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:09.074Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4781
Vulnerability from cvelistv5
Published
2023-09-05 18:32
Modified
2024-08-02 07:38
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.741Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1873", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-05T18:32:30.859Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883" }, { "url": "https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "c867eb0a-aa8b-4946-a621-510350673883", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4781", "datePublished": "2023-09-05T18:32:30.859Z", "dateReserved": "2023-09-05T18:32:20.319Z", "dateUpdated": "2024-08-02T07:38:00.741Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2946
Vulnerability from cvelistv5
Published
2022-08-23 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0246", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0246." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5" }, { "url": "https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5d389a18-5026-47df-a5d0-1548a9b555d5", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2946", "datePublished": "2022-08-23T00:00:00", "dateReserved": "2022-08-22T00:00:00", "dateUpdated": "2024-08-03T00:53:00.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3973
Vulnerability from cvelistv5
Published
2021-11-19 11:35
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.694Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3611", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T06:10:54", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3973", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3611" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "name": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3973", "datePublished": "2021-11-19T11:35:11", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1733
Vulnerability from cvelistv5
Published
2022-05-17 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.835Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4968", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a" }, { "url": "https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6ff03b27-472b-4bef-a2bf-410fae65ff0a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1733", "datePublished": "2022-05-17T00:00:00", "dateReserved": "2022-05-16T00:00:00", "dateUpdated": "2024-08-03T00:16:59.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3974
Vulnerability from cvelistv5
Published
2021-11-19 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.885Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3612", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4" }, { "url": "https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "e402cb2c-8ec4-4828-a692-c95f8e0de6d4", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3974", "datePublished": "2021-11-19T00:00:00", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.885Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0213
Vulnerability from cvelistv5
Published
2022-01-14 00:00
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:42.888Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed" }, { "url": "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "f3afe1a5-e6f8-4579-b68a-6e5c7e39afed", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0213", "datePublished": "2022-01-14T00:00:00", "dateReserved": "2022-01-13T00:00:00", "dateUpdated": "2024-08-02T23:18:42.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3968
Vulnerability from cvelistv5
Published
2021-11-19 11:40
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.784Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3610", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:09:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "00d62924-a7b4-4a61-ba29-acab2eaa1528", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3968", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3610" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "name": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "00d62924-a7b4-4a61-ba29-acab2eaa1528", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3968", "datePublished": "2021-11-19T11:40:12", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.784Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3778
Vulnerability from cvelistv5
Published
2021-09-15 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.823Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "FEDORA-2021-968f57ec98", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3409", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-18T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273" }, { "url": "https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "FEDORA-2021-968f57ec98", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0003/" } ], "source": { "advisory": "d9c17308-2c99-4f9f-a706-f7f72c24c273", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3778", "datePublished": "2021-09-15T00:00:00", "dateReserved": "2021-09-07T00:00:00", "dateUpdated": "2024-08-03T17:09:08.823Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2206
Vulnerability from cvelistv5
Published
2022-06-26 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668" }, { "url": "https://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "01d01e74-55d0-4d9e-878e-79ba599be668", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2206", "datePublished": "2022-06-26T00:00:00", "dateReserved": "2022-06-25T00:00:00", "dateUpdated": "2024-08-03T00:32:08.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0158
Vulnerability from cvelistv5
Published
2022-01-10 15:25
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213344 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/13 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:42.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:11:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0158", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "name": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213344", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0158", "datePublished": "2022-01-10T15:25:35", "dateReserved": "2022-01-09T00:00:00", "dateUpdated": "2024-08-02T23:18:42.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1381
Vulnerability from cvelistv5
Published
2022-04-17 00:00
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
global heap buffer overflow in skip_range in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:05.959Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4763", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4" }, { "url": "https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "55f9c0e8-c221-48b6-a00e-bdcaebaba4a4", "discovery": "EXTERNAL" }, "title": "global heap buffer overflow in skip_range in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1381", "datePublished": "2022-04-17T00:00:00", "dateReserved": "2022-04-16T00:00:00", "dateUpdated": "2024-08-03T00:03:05.959Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2284
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/571d25ce-8d53-4fa0-b620-27f2a8a14874" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3d51ce18ab1be4f9f6061568a4e7fabf00b21794" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/571d25ce-8d53-4fa0-b620-27f2a8a14874" }, { "url": "https://github.com/vim/vim/commit/3d51ce18ab1be4f9f6061568a4e7fabf00b21794" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "571d25ce-8d53-4fa0-b620-27f2a8a14874", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2284", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.615Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2287
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.365Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/654aa069-3a9d-45d3-9a52-c1cf3490c284" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/5e59ea54c0c37c2f84770f068d95280069828774" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/654aa069-3a9d-45d3-9a52-c1cf3490c284" }, { "url": "https://github.com/vim/vim/commit/5e59ea54c0c37c2f84770f068d95280069828774" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "654aa069-3a9d-45d3-9a52-c1cf3490c284", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2287", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3296
Vulnerability from cvelistv5
Published
2022-09-25 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:06.473Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0577", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077" }, { "url": "https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "958866b8-526a-4979-9471-39392e0c9077", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3296", "datePublished": "2022-09-25T00:00:00", "dateReserved": "2022-09-24T00:00:00", "dateUpdated": "2024-08-03T01:07:06.473Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1720
Vulnerability from cvelistv5
Published
2022-05-16 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Buffer Over-read in function grab_file_name in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.797Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4956", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8" }, { "url": "https://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5ccfb386-7eb9-46e5-98e5-243ea4b358a8", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in function grab_file_name in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1720", "datePublished": "2022-05-16T00:00:00", "dateReserved": "2022-05-14T00:00:00", "dateUpdated": "2024-08-03T00:10:03.797Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2610
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2024-11-29 12:04
Severity ?
EPSS score ?
Summary
Integer Overflow or Wraparound in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-29T12:04:37.443Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://security.netapp.com/advisory/ntap-20241129-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1532", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-23T07:06:26.300355", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d" }, { "url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" } ], "source": { "advisory": "31e67340-935b-4f6c-a923-f7246bc29c7d", "discovery": "EXTERNAL" }, "title": "Integer Overflow or Wraparound in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2023-2610", "datePublished": "2023-05-09T00:00:00", "dateReserved": "2023-05-09T00:00:00", "dateUpdated": "2024-11-29T12:04:37.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1927
Vulnerability from cvelistv5
Published
2022-05-29 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Buffer Over-read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.945Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777" }, { "url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "945107ef-0b27-41c7-a03c-db99def0e777", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1927", "datePublished": "2022-05-29T00:00:00", "dateReserved": "2022-05-28T00:00:00", "dateUpdated": "2024-08-03T00:17:00.945Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4136
Vulnerability from cvelistv5
Published
2021-12-19 17:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.242Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/605ec91e5a7330d61be313637e495fa02a6dc264" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3846", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T07:07:32", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/605ec91e5a7330d61be313637e495fa02a6dc264" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "5c6b93c1-2d27-4e98-a931-147877b8c938", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-4136", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3846" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5c6b93c1-2d27-4e98-a931-147877b8c938" }, { "name": "https://github.com/vim/vim/commit/605ec91e5a7330d61be313637e495fa02a6dc264", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/605ec91e5a7330d61be313637e495fa02a6dc264" }, { "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "5c6b93c1-2d27-4e98-a931-147877b8c938", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4136", "datePublished": "2021-12-19T17:00:10", "dateReserved": "2021-12-18T00:00:00", "dateUpdated": "2024-08-03T17:16:04.242Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0443
Vulnerability from cvelistv5
Published
2022-02-02 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.652Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51" }, { "url": "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "b987c8cb-bbbe-4601-8a6c-54ff907c6b51", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0443", "datePublished": "2022-02-02T00:00:00", "dateReserved": "2022-02-01T00:00:00", "dateUpdated": "2024-08-02T23:25:40.652Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2889
Vulnerability from cvelistv5
Published
2022-08-19 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.666Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0225", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0225." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa" }, { "url": "https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "d1ac9817-825d-49ce-b514-1d5b12b6bdaa", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2889", "datePublished": "2022-08-19T00:00:00", "dateReserved": "2022-08-18T00:00:00", "dateUpdated": "2024-08-03T00:52:59.666Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1154
Vulnerability from cvelistv5
Published
2022-03-30 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Use after free in utf_ptr2char in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4646", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425" }, { "url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7f0ec6bc-ea0e-45b0-8128-caac72d23425", "discovery": "EXTERNAL" }, "title": "Use after free in utf_ptr2char in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1154", "datePublished": "2022-03-30T00:00:00", "dateReserved": "2022-03-29T00:00:00", "dateUpdated": "2024-08-02T23:55:24.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2231
Vulnerability from cvelistv5
Published
2022-06-28 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.511Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5" }, { "url": "https://github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8dae6ab4-7a7a-4716-a65c-9b090fa057b5", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2231", "datePublished": "2022-06-28T00:00:00", "dateReserved": "2022-06-27T00:00:00", "dateUpdated": "2024-08-03T00:32:09.511Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2207
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.718Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9" }, { "url": "https://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "05bc6051-4dc3-483b-ae56-cf23346b97b9", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2207", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.718Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2581
Vulnerability from cvelistv5
Published
2022-08-01 14:12
Modified
2024-08-03 00:39
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.042Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0104", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-01T14:12:51", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88" } ], "source": { "advisory": "0bedbae2-82ae-46ae-aa68-1c28b309b60b", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-2581", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.0.0104" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/0bedbae2-82ae-46ae-aa68-1c28b309b60b" }, { "name": "https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88" } ] }, "source": { "advisory": "0bedbae2-82ae-46ae-aa68-1c28b309b60b", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2581", "datePublished": "2022-08-01T14:12:51", "dateReserved": "2022-07-29T00:00:00", "dateUpdated": "2024-08-03T00:39:08.042Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2845
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Improper Validation of Specified Quantity in Input in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.914Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0218", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eImproper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.\u003c/p\u003e" } ], "value": "Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1284", "description": "CWE-1284 Improper Validation of Specified Quantity in Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-10T07:47:29.572Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445" }, { "url": "https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "3e1d31ac-1cfd-4a9f-bc5c-213376b69445", "discovery": "EXTERNAL" }, "title": "Improper Validation of Specified Quantity in Input in vim/vim", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2845", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:58.914Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3770
Vulnerability from cvelistv5
Published
2021-09-06 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.768Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9" }, { "name": "FEDORA-2021-5fa81a2b04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2CJLY3CF55I2ULG2X4ENXLSXAXYW5J4/" }, { "name": "FEDORA-2021-4a43cbe0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4FFQARG3LGREPDZRI4C7ERQL3RJKEWQ/" }, { "name": "FEDORA-2021-e982f972f2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFNTMVZCN4TRTTCAXRLVQ7H2P7FYAIZQ/" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221124-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3403", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365" }, { "url": "https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9" }, { "name": "FEDORA-2021-5fa81a2b04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2CJLY3CF55I2ULG2X4ENXLSXAXYW5J4/" }, { "name": "FEDORA-2021-4a43cbe0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4FFQARG3LGREPDZRI4C7ERQL3RJKEWQ/" }, { "name": "FEDORA-2021-e982f972f2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFNTMVZCN4TRTTCAXRLVQ7H2P7FYAIZQ/" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://security.netapp.com/advisory/ntap-20221124-0003/" } ], "source": { "advisory": "016ad2f2-07c1-4d14-a8ce-6eed10729365", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3770", "datePublished": "2021-09-06T00:00:00", "dateReserved": "2021-09-05T00:00:00", "dateUpdated": "2024-08-03T17:09:08.768Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2817
Vulnerability from cvelistv5
Published
2022-08-15 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.962Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a7b7d242-3d88-4bde-a681-6c986aff886f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/249e1b903a9c0460d618f6dcc59aeb8c03b24b20" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0213", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0213." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a7b7d242-3d88-4bde-a681-6c986aff886f" }, { "url": "https://github.com/vim/vim/commit/249e1b903a9c0460d618f6dcc59aeb8c03b24b20" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a7b7d242-3d88-4bde-a681-6c986aff886f", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2817", "datePublished": "2022-08-15T00:00:00", "dateReserved": "2022-08-14T00:00:00", "dateUpdated": "2024-08-03T00:52:58.962Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1420
Vulnerability from cvelistv5
Published
2022-04-21 00:00
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:06.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4774", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326" }, { "url": "https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a4323ef8-90ea-4e1c-90e9-c778f0ecf326", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1420", "datePublished": "2022-04-21T00:00:00", "dateReserved": "2022-04-21T00:00:00", "dateUpdated": "2024-08-03T00:03:06.320Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5344
Vulnerability from cvelistv5
Published
2023-10-02 19:20
Modified
2024-08-02 07:52
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:08.576Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT214038" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT214036" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT214037" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Dec/9" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Dec/10" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Dec/11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1969", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-02T19:20:30.352Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf" }, { "url": "https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" }, { "url": "https://support.apple.com/kb/HT214038" }, { "url": "https://support.apple.com/kb/HT214036" }, { "url": "https://support.apple.com/kb/HT214037" }, { "url": "http://seclists.org/fulldisclosure/2023/Dec/9" }, { "url": "http://seclists.org/fulldisclosure/2023/Dec/10" }, { "url": "http://seclists.org/fulldisclosure/2023/Dec/11" } ], "source": { "advisory": "530cb762-899e-48d7-b50e-dad09eb775bf", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-5344", "datePublished": "2023-10-02T19:20:30.352Z", "dateReserved": "2023-10-02T19:20:20.807Z", "dateUpdated": "2024-08-02T07:52:08.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1942
Vulnerability from cvelistv5
Published
2022-05-31 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:42.635Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071" }, { "url": "https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "67ca4d3b-9175-43c1-925c-72a7091bc071", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1942", "datePublished": "2022-05-31T00:00:00", "dateReserved": "2022-05-30T00:00:00", "dateUpdated": "2024-08-03T00:24:42.635Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2288
Vulnerability from cvelistv5
Published
2022-07-03 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a71bdcb7-4e9b-4650-ab6a-fe8e3e9852ad" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c6fdb15d423df22e1776844811d082322475e48a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a71bdcb7-4e9b-4650-ab6a-fe8e3e9852ad" }, { "url": "https://github.com/vim/vim/commit/c6fdb15d423df22e1776844811d082322475e48a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a71bdcb7-4e9b-4650-ab6a-fe8e3e9852ad", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2288", "datePublished": "2022-07-03T00:00:00", "dateReserved": "2022-07-02T00:00:00", "dateUpdated": "2024-08-03T00:32:09.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1620
Vulnerability from cvelistv5
Published
2022-05-08 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.680Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4901", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51" }, { "url": "https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7a4c59f3-fcc0-4496-995d-5ca6acd2da51", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1620", "datePublished": "2022-05-08T00:00:00", "dateReserved": "2022-05-07T00:00:00", "dateUpdated": "2024-08-03T00:10:03.680Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3984
Vulnerability from cvelistv5
Published
2021-12-01 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.762Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2de9b7c7c8791da8853a9a7ca9c467867465b655" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3625", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a" }, { "url": "https://github.com/vim/vim/commit/2de9b7c7c8791da8853a9a7ca9c467867465b655" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "b114b5a2-18e2-49f0-b350-15994d71426a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3984", "datePublished": "2021-12-01T00:00:00", "dateReserved": "2021-11-19T00:00:00", "dateUpdated": "2024-08-03T17:09:09.762Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0359
Vulnerability from cvelistv5
Published
2022-01-26 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.517Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def" }, { "url": "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "a3192d90-4f82-4a67-b7a6-37046cc88def", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0359", "datePublished": "2022-01-26T00:00:00", "dateReserved": "2022-01-25T00:00:00", "dateUpdated": "2024-08-02T23:25:40.517Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1898
Vulnerability from cvelistv5
Published
2022-05-27 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.923Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea" }, { "url": "https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "45aad635-c2f1-47ca-a4f9-db5b25979cea", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1898", "datePublished": "2022-05-27T00:00:00", "dateReserved": "2022-05-26T00:00:00", "dateUpdated": "2024-08-03T00:17:00.923Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0318
Vulnerability from cvelistv5
Published
2022-01-21 00:00
Modified
2024-11-15 13:08
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-15T13:08:06.801Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "url": "https://security.netapp.com/advisory/ntap-20241115-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08" }, { "url": "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "0d10ba02-b138-4e68-a284-67f781a62d08", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0318", "datePublished": "2022-01-21T00:00:00", "dateReserved": "2022-01-20T00:00:00", "dateUpdated": "2024-11-15T13:08:06.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4752
Vulnerability from cvelistv5
Published
2023-09-04 13:46
Modified
2024-08-02 07:38
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.703Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1858", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.1858." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-04T13:46:57.231Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757" }, { "url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "85f62dd7-ed84-4fa2-b265-8a369a318757", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4752", "datePublished": "2023-09-04T13:46:57.231Z", "dateReserved": "2023-09-03T19:27:38.107Z", "dateUpdated": "2024-08-02T07:38:00.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3234
Vulnerability from cvelistv5
Published
2022-09-17 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0483", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da" }, { "url": "https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "90fdf374-bf04-4386-8a23-38c83b88f0da", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3234", "datePublished": "2022-09-17T00:00:00", "dateReserved": "2022-09-16T00:00:00", "dateUpdated": "2024-08-03T01:00:10.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3324
Vulnerability from cvelistv5
Published
2022-09-27 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:06.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e414e55b-f332-491f-863b-c18dca97403c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8279af514ca7e5fd3c31cf13b0864163d1a0bfeb" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0598", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e414e55b-f332-491f-863b-c18dca97403c" }, { "url": "https://github.com/vim/vim/commit/8279af514ca7e5fd3c31cf13b0864163d1a0bfeb" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "e414e55b-f332-491f-863b-c18dca97403c", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3324", "datePublished": "2022-09-27T00:00:00", "dateReserved": "2022-09-26T00:00:00", "dateUpdated": "2024-08-03T01:07:06.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4750
Vulnerability from cvelistv5
Published
2023-09-04 13:47
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.540Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1857", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.1857." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-04T13:47:02.921Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea" }, { "url": "https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "1ab3ebdf-fe7d-4436-b483-9a586e03b0ea", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4750", "datePublished": "2023-09-04T13:47:02.921Z", "dateReserved": "2023-09-03T18:26:35.226Z", "dateUpdated": "2024-08-02T07:37:59.540Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2609
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2024-08-02 06:26
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:26:09.713Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1531", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-23T07:06:22.968939", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622" }, { "url": "https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" } ], "source": { "advisory": "1679be5a-565f-4a44-a430-836412a0b622", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2023-2609", "datePublished": "2023-05-09T00:00:00", "dateReserved": "2023-05-09T00:00:00", "dateUpdated": "2024-08-02T06:26:09.713Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4193
Vulnerability from cvelistv5
Published
2021-12-31 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.259Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3901", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Out-of-bounds Read" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0" }, { "url": "https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "92c1940d-8154-473f-84ce-0de43b0c2eb0", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4193", "datePublished": "2021-12-31T00:00:00", "dateReserved": "2021-12-30T00:00:00", "dateUpdated": "2024-08-03T17:16:04.259Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0156
Vulnerability from cvelistv5
Published
2022-01-10 15:26
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213344 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/13 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:08:55", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "47dded34-3767-4725-8c7c-9dcb68c70b36", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0156", "STATE": "PUBLIC", "TITLE": "Use After Free in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Use After Free" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "name": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213344", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "47dded34-3767-4725-8c7c-9dcb68c70b36", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0156", "datePublished": "2022-01-10T15:26:33", "dateReserved": "2022-01-08T00:00:00", "dateUpdated": "2024-08-02T23:18:41.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2980
Vulnerability from cvelistv5
Published
2022-08-25 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0259", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6e7b12a5-242c-453d-b39e-9625d563b0ea" }, { "url": "https://github.com/vim/vim/commit/80525751c5ce9ed82c41d83faf9ef38667bf61b1" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6e7b12a5-242c-453d-b39e-9625d563b0ea", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2980", "datePublished": "2022-08-25T00:00:00", "dateReserved": "2022-08-24T00:00:00", "dateUpdated": "2024-08-03T00:53:00.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1264
Vulnerability from cvelistv5
Published
2023-03-07 00:00
Modified
2024-08-02 05:40
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:59.781Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b2989095-88f3-413a-9a39-c1c58a6e6815" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7ac5023a5f1a37baafbe1043645f97ba3443d9f6" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1392", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b2989095-88f3-413a-9a39-c1c58a6e6815" }, { "url": "https://github.com/vim/vim/commit/7ac5023a5f1a37baafbe1043645f97ba3443d9f6" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "b2989095-88f3-413a-9a39-c1c58a6e6815", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1264", "datePublished": "2023-03-07T00:00:00", "dateReserved": "2023-03-07T00:00:00", "dateUpdated": "2024-08-02T05:40:59.781Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2344
Vulnerability from cvelistv5
Published
2022-07-08 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.510Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/4a095ed9-3125-464a-b656-c31b437e1996" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/baefde14550231f6468ac2ed2ed495bc381c0c92" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0045", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/4a095ed9-3125-464a-b656-c31b437e1996" }, { "url": "https://github.com/vim/vim/commit/baefde14550231f6468ac2ed2ed495bc381c0c92" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "4a095ed9-3125-464a-b656-c31b437e1996", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2344", "datePublished": "2022-07-08T00:00:00", "dateReserved": "2022-07-07T00:00:00", "dateUpdated": "2024-08-03T00:32:09.510Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2285
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Integer Overflow or Wraparound in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.379Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/64574b28-1779-458d-a221-06c434042736" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/27efc62f5d86afcb2ecb7565587fe8dea4b036fe" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/64574b28-1779-458d-a221-06c434042736" }, { "url": "https://github.com/vim/vim/commit/27efc62f5d86afcb2ecb7565587fe8dea4b036fe" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "64574b28-1779-458d-a221-06c434042736", "discovery": "EXTERNAL" }, "title": "Integer Overflow or Wraparound in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2285", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.379Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0261
Vulnerability from cvelistv5
Published
2022-01-18 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:39.618Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82" }, { "url": "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "fa795954-8775-4f23-98c6-d4d4d3fe8a82", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0261", "datePublished": "2022-01-18T00:00:00", "dateReserved": "2022-01-17T00:00:00", "dateUpdated": "2024-08-02T23:25:39.618Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1769
Vulnerability from cvelistv5
Published
2022-05-17 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Buffer Over-read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4974", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/522076b2-96cb-4df6-a504-e6e2f64c171c" }, { "url": "https://github.com/vim/vim/commit/4748c4bd64610cf943a431d215bb1aad51f8d0b4" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "522076b2-96cb-4df6-a504-e6e2f64c171c", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1769", "datePublished": "2022-05-17T00:00:00", "dateReserved": "2022-05-17T00:00:00", "dateUpdated": "2024-08-03T00:16:59.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2923
Vulnerability from cvelistv5
Published
2022-08-22 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0240", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fd3a3ab8-ab0f-452f-afea-8c613e283fd2" }, { "url": "https://github.com/vim/vim/commit/6669de1b235843968e88844ca6d3c8dec4b01a9e" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "fd3a3ab8-ab0f-452f-afea-8c613e283fd2", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2923", "datePublished": "2022-08-22T00:00:00", "dateReserved": "2022-08-21T00:00:00", "dateUpdated": "2024-08-03T00:53:00.468Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0393
Vulnerability from cvelistv5
Published
2022-01-28 21:30
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T07:08:26", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "ecc8f488-01a0-477f-848f-e30b8e524bba", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0393", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba" }, { "name": "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323" }, { "name": "FEDORA-2022-da2fb07efb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "ecc8f488-01a0-477f-848f-e30b8e524bba", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0393", "datePublished": "2022-01-28T21:30:26", "dateReserved": "2022-01-27T00:00:00", "dateUpdated": "2024-08-02T23:25:40.452Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0392
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126" }, { "url": "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "d00a2acd-1935-4195-9d5b-4115ef6b3126", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0392", "datePublished": "2022-01-28T00:00:00", "dateReserved": "2022-01-27T00:00:00", "dateUpdated": "2024-08-02T23:25:40.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3256
Vulnerability from cvelistv5
Published
2022-09-22 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:05.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0530", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0530." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3" }, { "url": "https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8336a3df-212a-4f8d-ae34-76ef1f936bb3", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3256", "datePublished": "2022-09-22T00:00:00", "dateReserved": "2022-09-21T00:00:00", "dateUpdated": "2024-08-03T01:07:05.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4187
Vulnerability from cvelistv5
Published
2021-12-29 17:10
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:06:36", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "a8bee03a-6e2e-43bf-bee3-4968c5386a2e", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-4187", "STATE": "PUBLIC", "TITLE": "Use After Free in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Use After Free" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e" }, { "name": "https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441" }, { "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "a8bee03a-6e2e-43bf-bee3-4968c5386a2e", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4187", "datePublished": "2021-12-29T17:10:09", "dateReserved": "2021-12-28T00:00:00", "dateUpdated": "2024-08-03T17:16:04.239Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2345
Vulnerability from cvelistv5
Published
2022-07-08 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/32acf1f1a72ebb9d8942b9c9d80023bf1bb668ea" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0046", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0046." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f" }, { "url": "https://github.com/vim/vim/commit/32acf1f1a72ebb9d8942b9c9d80023bf1bb668ea" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "1eed7009-db6d-487b-bc41-8f2fd260483f", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2345", "datePublished": "2022-07-08T00:00:00", "dateReserved": "2022-07-07T00:00:00", "dateUpdated": "2024-08-03T00:32:09.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4069
Vulnerability from cvelistv5
Published
2021-12-06 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:03.614Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9" }, { "name": "FEDORA-2021-541ddd1f94", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYB2LLNUFJUKJJ5HYCZ6MV3Z6YX3U5BN/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74" }, { "url": "https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9" }, { "name": "FEDORA-2021-541ddd1f94", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYB2LLNUFJUKJJ5HYCZ6MV3Z6YX3U5BN/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "0efd6d23-2259-4081-9ff1-3ade26907d74", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4069", "datePublished": "2021-12-06T00:00:00", "dateReserved": "2021-12-05T00:00:00", "dateUpdated": "2024-08-03T17:16:03.614Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1851
Vulnerability from cvelistv5
Published
2022-05-25 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.640Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d" }, { "url": "https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "f8af901a-9a46-440d-942a-8f815b59394d", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1851", "datePublished": "2022-05-25T00:00:00", "dateReserved": "2022-05-24T00:00:00", "dateUpdated": "2024-08-03T00:17:00.640Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3875
Vulnerability from cvelistv5
Published
2021-10-15 13:40
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.583Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3489", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:08:24", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3875", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3489" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "name": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3875", "datePublished": "2021-10-15T13:40:20", "dateReserved": "2021-10-09T00:00:00", "dateUpdated": "2024-08-03T17:09:09.583Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0554
Vulnerability from cvelistv5
Published
2022-02-10 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.316Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71" }, { "url": "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0554", "datePublished": "2022-02-10T00:00:00", "dateReserved": "2022-02-09T00:00:00", "dateUpdated": "2024-08-02T23:32:46.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3591
Vulnerability from cvelistv5
Published
2022-12-02 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:02.489Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a5a998c2-4b07-47a7-91be-dbc1886b3921" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8f3c3c6cd044e3b5bf08dbfa3b3f04bb3f711bad" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0789", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0789." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a5a998c2-4b07-47a7-91be-dbc1886b3921" }, { "url": "https://github.com/vim/vim/commit/8f3c3c6cd044e3b5bf08dbfa3b3f04bb3f711bad" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a5a998c2-4b07-47a7-91be-dbc1886b3921", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3591", "datePublished": "2022-12-02T00:00:00", "dateReserved": "2022-10-18T00:00:00", "dateUpdated": "2024-08-03T01:14:02.489Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2849
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.772Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0220", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" }, { "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "389aeccd-deb9-49ae-9b6a-24c12d79b02e", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2849", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:58.772Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4019
Vulnerability from cvelistv5
Published
2021-12-01 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142" }, { "name": "FEDORA-2021-469afb66c9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3669", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92" }, { "url": "https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142" }, { "name": "FEDORA-2021-469afb66c9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "d8798584-a6c9-4619-b18f-001b9a6fca92", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4019", "datePublished": "2021-12-01T00:00:00", "dateReserved": "2021-11-25T00:00:00", "dateUpdated": "2024-08-03T17:16:04.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0629
Vulnerability from cvelistv5
Published
2022-02-17 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.445Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc" }, { "name": "FEDORA-2022-8622ebdebb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877" }, { "url": "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc" }, { "name": "FEDORA-2022-8622ebdebb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "95e2b0da-e480-4ee8-9324-a93a2ab0a877", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0629", "datePublished": "2022-02-17T00:00:00", "dateReserved": "2022-02-16T00:00:00", "dateUpdated": "2024-08-02T23:32:46.445Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3520
Vulnerability from cvelistv5
Published
2022-12-02 00:00
Modified
2024-11-15 13:08
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-15T13:08:08.336Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "url": "https://security.netapp.com/advisory/ntap-20241115-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0765", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246" }, { "url": "https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "c1db3b70-f4fe-481f-8a24-0b1449c94246", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3520", "datePublished": "2022-12-02T00:00:00", "dateReserved": "2022-10-15T00:00:00", "dateUpdated": "2024-11-15T13:08:08.336Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4738
Vulnerability from cvelistv5
Published
2023-09-02 19:39
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1848", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T19:39:14.290Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612" }, { "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "9fc7dced-a7bb-4479-9718-f956df20f612", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4738", "datePublished": "2023-09-02T19:39:14.290Z", "dateReserved": "2023-09-02T19:39:04.775Z", "dateUpdated": "2024-08-02T07:37:59.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1616
Vulnerability from cvelistv5
Published
2022-05-07 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Use after free in append_command in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.606Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4895", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/40f1d75f-fb2f-4281-b585-a41017f217e2" }, { "url": "https://github.com/vim/vim/commit/d88934406c5375d88f8f1b65331c9f0cab68cc6c" }, { "name": "FEDORA-2022-e92c3ce170", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/" }, { "name": "FEDORA-2022-f0db3943d9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "40f1d75f-fb2f-4281-b585-a41017f217e2", "discovery": "EXTERNAL" }, "title": "Use after free in append_command in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1616", "datePublished": "2022-05-07T00:00:00", "dateReserved": "2022-05-06T00:00:00", "dateUpdated": "2024-08-03T00:10:03.606Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0051
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.840Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1144", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9" }, { "url": "https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "1c8686db-baa6-42dc-ba45-aed322802de9", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0051", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.840Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0729
Vulnerability from cvelistv5
Published
2022-02-23 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.531Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4440", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea" }, { "url": "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0729", "datePublished": "2022-02-23T00:00:00", "dateReserved": "2022-02-22T00:00:00", "dateUpdated": "2024-08-02T23:40:03.531Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2343
Vulnerability from cvelistv5
Published
2022-07-08 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0044", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5" }, { "url": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "2ecb4345-2fc7-4e7f-adb0-83a20bb458f5", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2343", "datePublished": "2022-07-08T00:00:00", "dateReserved": "2022-07-07T00:00:00", "dateUpdated": "2024-08-03T00:32:09.611Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0685
Vulnerability from cvelistv5
Published
2022-02-20 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4418", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782" }, { "url": "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "27230da3-9b1a-4d5d-8cdf-4b1e62fcd782", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0685", "datePublished": "2022-02-20T00:00:00", "dateReserved": "2022-02-19T00:00:00", "dateUpdated": "2024-08-02T23:40:03.355Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0512
Vulnerability from cvelistv5
Published
2023-01-26 00:00
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
Divide By Zero in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:49.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213677" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213675" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1247", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1247." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "url": "https://support.apple.com/kb/HT213677" }, { "url": "https://support.apple.com/kb/HT213675" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "de83736a-1936-4872-830b-f1e9b0ad2a74", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0512", "datePublished": "2023-01-26T00:00:00", "dateReserved": "2023-01-26T00:00:00", "dateUpdated": "2024-08-02T05:17:49.385Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1355
Vulnerability from cvelistv5
Published
2023-03-11 00:00
Modified
2024-08-02 05:41
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:41:00.310Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/4d0a9615-d438-4f5c-8dd6-aa22f4b716d9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d13dd30240e32071210f55b587182ff48757ea46" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1402", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/4d0a9615-d438-4f5c-8dd6-aa22f4b716d9" }, { "url": "https://github.com/vim/vim/commit/d13dd30240e32071210f55b587182ff48757ea46" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "4d0a9615-d438-4f5c-8dd6-aa22f4b716d9", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1355", "datePublished": "2023-03-11T00:00:00", "dateReserved": "2023-03-11T00:00:00", "dateUpdated": "2024-08-02T05:41:00.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1629
Vulnerability from cvelistv5
Published
2022-05-10 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Buffer Over-read in function find_next_quote in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4925", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e26d08d4-1886-41f0-9af4-f3e1bf3d52ee" }, { "url": "https://github.com/vim/vim/commit/53a70289c2712808e6d4e88927e03cac01b470dd" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "e26d08d4-1886-41f0-9af4-f3e1bf3d52ee", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in function find_next_quote in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1629", "datePublished": "2022-05-10T00:00:00", "dateReserved": "2022-05-09T00:00:00", "dateUpdated": "2024-08-03T00:10:03.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2208
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.726Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.5163", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7bfe3d5b-568f-4c34-908f-a39909638cc1", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2208", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.726Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1796
Vulnerability from cvelistv5
Published
2022-05-19 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.889Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4979", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2.4979." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e" }, { "url": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "f6739b58-49f9-4056-a843-bf76bbc1253e", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1796", "datePublished": "2022-05-19T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T00:16:59.889Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2289
Vulnerability from cvelistv5
Published
2022-07-03 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.390Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c5274dd12224421f2430b30c53b881b9403d649e" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7447d2ea-db5b-4883-adf4-1eaf7deace64" }, { "url": "https://github.com/vim/vim/commit/c5274dd12224421f2430b30c53b881b9403d649e" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7447d2ea-db5b-4883-adf4-1eaf7deace64", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2289", "datePublished": "2022-07-03T00:00:00", "dateReserved": "2022-07-02T00:00:00", "dateUpdated": "2024-08-03T00:32:09.390Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0351
Vulnerability from cvelistv5
Published
2022-01-25 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Access of Memory Location Before Start of Buffer in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.065Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-786", "description": "CWE-786 Access of Memory Location Before Start of Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161" }, { "url": "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "8b36db58-b65c-4298-be7f-40b9e37fd161", "discovery": "EXTERNAL" }, "title": "Access of Memory Location Before Start of Buffer in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0351", "datePublished": "2022-01-25T00:00:00", "dateReserved": "2022-01-24T00:00:00", "dateUpdated": "2024-08-02T23:25:40.065Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2874
Vulnerability from cvelistv5
Published
2022-08-18 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/95f97dfe-247d-475d-9740-b7adc71f4c79" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4875d6ab068f09df88d24d81de40dcd8d56e243d" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0224", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/95f97dfe-247d-475d-9740-b7adc71f4c79" }, { "url": "https://github.com/vim/vim/commit/4875d6ab068f09df88d24d81de40dcd8d56e243d" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "95f97dfe-247d-475d-9740-b7adc71f4c79", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2874", "datePublished": "2022-08-18T00:00:00", "dateReserved": "2022-08-17T00:00:00", "dateUpdated": "2024-08-03T00:52:59.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4292
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:34:50.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230113-0005/" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0882", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0882." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b" }, { "url": "https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93" }, { "url": "https://security.netapp.com/advisory/ntap-20230113-0005/" }, { "name": "FEDORA-2023-340f1d6ab9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "da3d4c47-e57a-451e-993d-9df0ed31f57b", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-4292", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-12-05T00:00:00", "dateUpdated": "2024-08-03T01:34:50.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1968
Vulnerability from cvelistv5
Published
2022-06-02 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.777Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b" }, { "url": "https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "949090e5-f4ea-4edf-bd79-cd98f0498a5b", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1968", "datePublished": "2022-06-02T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T00:24:43.777Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0417
Vulnerability from cvelistv5
Published
2022-02-01 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.568Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a" }, { "url": "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "fc86bc8d-c866-4ade-8b7f-e49cec306d1a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0417", "datePublished": "2022-02-01T00:00:00", "dateReserved": "2022-01-30T00:00:00", "dateUpdated": "2024-08-02T23:25:40.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5535
Vulnerability from cvelistv5
Published
2023-10-11 19:12
Modified
2024-09-17 13:49
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:44.812Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2c2d85a7-1171-4014-bf7f-a2451745861f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/41e6f7d6ba67b61d911f9b1d76325cd79224753d" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5535", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T13:46:02.413050Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:49:24.509Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "v9.0.2010", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to v9.0.2010." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-11T19:12:21.957Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2c2d85a7-1171-4014-bf7f-a2451745861f" }, { "url": "https://github.com/vim/vim/commit/41e6f7d6ba67b61d911f9b1d76325cd79224753d" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "source": { "advisory": "2c2d85a7-1171-4014-bf7f-a2451745861f", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-5535", "datePublished": "2023-10-11T19:12:21.957Z", "dateReserved": "2023-10-11T19:12:10.998Z", "dateUpdated": "2024-09-17T13:49:24.509Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1160
Vulnerability from cvelistv5
Published
2022-03-30 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
heap buffer overflow in get_one_sourceline in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.278Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4647", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c" }, { "url": "https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a6f3222d-2472-439d-8881-111138a5694c", "discovery": "EXTERNAL" }, "title": "heap buffer overflow in get_one_sourceline in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1160", "datePublished": "2022-03-30T00:00:00", "dateReserved": "2022-03-29T00:00:00", "dateUpdated": "2024-08-02T23:55:24.278Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2182
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8" }, { "url": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "238d8650-3beb-4831-a8f7-6f0b597a6fb8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2182", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:08.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3278
Vulnerability from cvelistv5
Published
2022-09-23 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:05.881Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0552", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612" }, { "url": "https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a9fad77e-f245-4ce9-ba15-c7d4c86c4612", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3278", "datePublished": "2022-09-23T00:00:00", "dateReserved": "2022-09-22T00:00:00", "dateUpdated": "2024-08-03T01:07:05.881Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4293
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
Floating Point Comparison with Incorrect Operator in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:34:50.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230203-0007/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0804", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1077", "description": "CWE-1077 Floating Point Comparison with Incorrect Operator", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143" }, { "url": "https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b" }, { "url": "https://security.netapp.com/advisory/ntap-20230203-0007/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "385a835f-6e33-4d00-acce-ac99f3939143", "discovery": "EXTERNAL" }, "title": "Floating Point Comparison with Incorrect Operator in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-4293", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-12-05T00:00:00", "dateUpdated": "2024-08-03T01:34:50.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2125
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705" }, { "url": "https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "17dab24d-beec-464d-9a72-5b6b11283705", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2125", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2257
Vulnerability from cvelistv5
Published
2022-06-30 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89" }, { "url": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "ca581f80-03ba-472a-b820-78f7fd05fe89", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2257", "datePublished": "2022-06-30T00:00:00", "dateReserved": "2022-06-29T00:00:00", "dateUpdated": "2024-08-03T00:32:09.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2598
Vulnerability from cvelistv5
Published
2022-08-01 00:00
Modified
2024-08-03 00:46
Severity ?
EPSS score ?
Summary
Out-of-bounds Write to API in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:46:03.472Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0100", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eOut-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.\u003c/p\u003e" } ], "value": "Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write to API", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-11T07:06:21.160Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e" }, { "url": "https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "2f08363a-47a2-422d-a7de-ce96a89ad08e", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write to API in vim/vim", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2598", "datePublished": "2022-08-01T00:00:00", "dateReserved": "2022-08-01T00:00:00", "dateUpdated": "2024-08-03T00:46:03.472Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1897
Vulnerability from cvelistv5
Published
2022-05-27 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118" }, { "url": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "82c12151-c283-40cf-aa05-2e39efa89118", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1897", "datePublished": "2022-05-27T00:00:00", "dateReserved": "2022-05-26T00:00:00", "dateUpdated": "2024-08-03T00:17:00.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0413
Vulnerability from cvelistv5
Published
2022-01-30 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.374Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38" }, { "url": "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "563d1e8f-5c3d-4669-941c-3216f4a87c38", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0413", "datePublished": "2022-01-30T00:00:00", "dateReserved": "2022-01-29T00:00:00", "dateUpdated": "2024-08-02T23:25:40.374Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0049
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1143", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5e6f325c-ba54-4bf0-b050-dca048fd3fd9", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0049", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1175
Vulnerability from cvelistv5
Published
2023-03-04 00:00
Modified
2024-08-02 05:40
Severity ?
EPSS score ?
Summary
Incorrect Calculation of Buffer Size in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:58.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1378", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e" }, { "url": "https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba" }, { "name": "FEDORA-2023-43cb13aefb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/" }, { "name": "FEDORA-2023-d4ebe53978", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "source": { "advisory": "7e93fc17-92eb-4ae7-b01a-93bb460b643e", "discovery": "EXTERNAL" }, "title": "Incorrect Calculation of Buffer Size in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1175", "datePublished": "2023-03-04T00:00:00", "dateReserved": "2023-03-04T00:00:00", "dateUpdated": "2024-08-02T05:40:58.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2183
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975" }, { "url": "https://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "d74ca3f9-380d-4c0a-b61c-11113cc98975", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2183", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:08.693Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1621
Vulnerability from cvelistv5
Published
2022-05-09 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Heap buffer overflow in vim_strncpy find_word in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4919", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb" }, { "url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "520ce714-bfd2-4646-9458-f52cd22bb2fb", "discovery": "EXTERNAL" }, "title": "Heap buffer overflow in vim_strncpy find_word in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1621", "datePublished": "2022-05-09T00:00:00", "dateReserved": "2022-05-08T00:00:00", "dateUpdated": "2024-08-03T00:10:03.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2286
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8" }, { "url": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "fe7681fb-2318-436b-8e65-daf66cd597d8", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2286", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0054
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T04:54:32.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1145", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-12T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d" }, { "url": "https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" } ], "source": { "advisory": "b289ee0f-fd16-4147-bd01-c6289c45e49d", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0054", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2024-08-02T04:54:32.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4734
Vulnerability from cvelistv5
Published
2023-09-02 17:42
Modified
2024-08-02 07:38
Severity ?
EPSS score ?
Summary
Integer Overflow or Wraparound in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.163Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1846", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T17:42:18.019Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217" }, { "url": "https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "688e4382-d2b6-439a-a54e-484780f82217", "discovery": "EXTERNAL" }, "title": "Integer Overflow or Wraparound in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4734", "datePublished": "2023-09-02T17:42:18.019Z", "dateReserved": "2023-09-02T17:42:08.125Z", "dateUpdated": "2024-08-02T07:38:00.163Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2571
Vulnerability from cvelistv5
Published
2022-08-01 14:12
Modified
2024-08-03 00:39
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0101", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-01T14:12:09", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614" } ], "source": { "advisory": "2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-2571", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.0.0101" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571" }, { "name": "https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/a6f9e300161f4cb54713da22f65b261595e8e614" } ] }, "source": { "advisory": "2e5a1dc4-2dfb-4e5f-8c70-e1ede21f3571", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2571", "datePublished": "2022-08-01T14:12:09", "dateReserved": "2022-07-28T00:00:00", "dateUpdated": "2024-08-03T00:39:08.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3099
Vulnerability from cvelistv5
Published
2022-09-03 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.845Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "FEDORA-2022-3f5099bcc9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DVWBI4BVTBUMNW4NMB3WZZDQJBKIGXI3/" }, { "name": "FEDORA-2022-c28b637883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0360", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0360." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" }, { "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "FEDORA-2022-3f5099bcc9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DVWBI4BVTBUMNW4NMB3WZZDQJBKIGXI3/" }, { "name": "FEDORA-2022-c28b637883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "403210c7-6cc7-4874-8934-b57f88bd4f5e", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3099", "datePublished": "2022-09-03T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T01:00:10.845Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2264
Vulnerability from cvelistv5
Published
2022-07-01 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c" }, { "url": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "2241c773-02c9-4708-b63e-54aef99afa6c", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2264", "datePublished": "2022-07-01T00:00:00", "dateReserved": "2022-06-30T00:00:00", "dateUpdated": "2024-08-03T00:32:09.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1785
Vulnerability from cvelistv5
Published
2022-05-19 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.836Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4977", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109" }, { "url": "https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8c969cba-eef2-4943-b44a-4e3089599109", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1785", "datePublished": "2022-05-19T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T00:16:59.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2129
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.278Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352" }, { "url": "https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "3aaf06e7-9ae1-454d-b8ca-8709c98e5352", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2129", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.278Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2522
Vulnerability from cvelistv5
Published
2022-07-25 00:00
Modified
2024-08-03 00:39
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:08.000Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/3a2d83af-9542-4d93-8784-98b115135a22" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/5fa9f23a63651a8abdb074b4fc2ec9b1adc6b089" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b9e717367c395490149495cf375911b5d9de889e" }, { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/3a2d83af-9542-4d93-8784-98b115135a22/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0061", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/3a2d83af-9542-4d93-8784-98b115135a22" }, { "url": "https://github.com/vim/vim/commit/5fa9f23a63651a8abdb074b4fc2ec9b1adc6b089" }, { "url": "https://github.com/vim/vim/commit/b9e717367c395490149495cf375911b5d9de889e" }, { "url": "https://huntr.dev/bounties/3a2d83af-9542-4d93-8784-98b115135a22/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "3a2d83af-9542-4d93-8784-98b115135a22", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2522", "datePublished": "2022-07-25T00:00:00", "dateReserved": "2022-07-23T00:00:00", "dateUpdated": "2024-08-03T00:39:08.000Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2816
Vulnerability from cvelistv5
Published
2022-08-15 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.831Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0212", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58" }, { "url": "https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "e2a83037-fcf9-4218-b2b9-b7507dacde58", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2816", "datePublished": "2022-08-15T00:00:00", "dateReserved": "2022-08-14T00:00:00", "dateUpdated": "2024-08-03T00:52:58.831Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4733
Vulnerability from cvelistv5
Published
2023-09-04 13:47
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.837Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1840", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.1840." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-04T13:47:09.888Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217" }, { "url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "1ce1fd8c-050a-4373-8004-b35b61590217", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4733", "datePublished": "2023-09-04T13:47:09.888Z", "dateReserved": "2023-09-02T17:04:04.506Z", "dateUpdated": "2024-08-02T07:37:59.837Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3927
Vulnerability from cvelistv5
Published
2021-11-05 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3581", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0" }, { "url": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3927", "datePublished": "2021-11-05T00:00:00", "dateReserved": "2021-11-04T00:00:00", "dateUpdated": "2024-08-03T17:09:09.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0361
Vulnerability from cvelistv5
Published
2022-01-26 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b" }, { "url": "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "a055618c-0311-409c-a78a-99477121965b", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0361", "datePublished": "2022-01-26T00:00:00", "dateReserved": "2022-01-25T00:00:00", "dateUpdated": "2024-08-02T23:25:40.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3928
Vulnerability from cvelistv5
Published
2021-11-05 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Use of Uninitialized Variable in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.704Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3582", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use of Uninitialized Variable" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-457", "description": "CWE-457 Use of Uninitialized Variable", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd" }, { "url": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "29c3ebd2-d601-481c-bf96-76975369d0cd", "discovery": "EXTERNAL" }, "title": "Use of Uninitialized Variable in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3928", "datePublished": "2021-11-05T00:00:00", "dateReserved": "2021-11-04T00:00:00", "dateUpdated": "2024-08-03T17:09:09.704Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0714
Vulnerability from cvelistv5
Published
2022-02-22 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4436", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3" }, { "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "db70e8db-f309-4f3c-986c-e69d2415c3b3", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0714", "datePublished": "2022-02-22T00:00:00", "dateReserved": "2022-02-21T00:00:00", "dateUpdated": "2024-08-02T23:40:03.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1735
Vulnerability from cvelistv5
Published
2022-05-17 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Classic Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:58.902Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/c9f85608-ff11-48e4-933d-53d1759d44d9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4969", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/c9f85608-ff11-48e4-933d-53d1759d44d9" }, { "url": "https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "c9f85608-ff11-48e4-933d-53d1759d44d9", "discovery": "EXTERNAL" }, "title": " Classic Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1735", "datePublished": "2022-05-17T00:00:00", "dateReserved": "2022-05-16T00:00:00", "dateUpdated": "2024-08-03T00:16:58.902Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1771
Vulnerability from cvelistv5
Published
2022-05-18 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Uncontrolled Recursion in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4975", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb" }, { "url": "https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "faa74175-5317-4b71-a363-dfc39094ecbb", "discovery": "EXTERNAL" }, "title": "Uncontrolled Recursion in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1771", "datePublished": "2022-05-18T00:00:00", "dateReserved": "2022-05-17T00:00:00", "dateUpdated": "2024-08-03T00:16:59.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3235
Vulnerability from cvelistv5
Published
2022-09-18 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.715Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0490", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0490." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af" }, { "url": "https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "96d5f7a0-a834-4571-b73b-0fe523b941af", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3235", "datePublished": "2022-09-18T00:00:00", "dateReserved": "2022-09-17T00:00:00", "dateUpdated": "2024-08-03T01:00:10.715Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2124
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Buffer Over-read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42" }, { "url": "https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8e9e056d-f733-4540-98b6-414bf36e0b42", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2124", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2982
Vulnerability from cvelistv5
Published
2022-08-25 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.666Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0260", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0260." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be" }, { "url": "https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "53f53d9a-ba8a-4985-b7ba-23efbe6833be", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2982", "datePublished": "2022-08-25T00:00:00", "dateReserved": "2022-08-24T00:00:00", "dateUpdated": "2024-08-03T00:53:00.666Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4751
Vulnerability from cvelistv5
Published
2023-09-03 18:54
Modified
2024-12-03 14:59
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.594Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-4751", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-01-05T16:57:55.979341Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-03T14:59:04.202Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1331", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-03T18:54:47.173Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378" }, { "url": "https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "db7be8d6-6cb7-4ae5-9c4e-805423afa378", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4751", "datePublished": "2023-09-03T18:54:47.173Z", "dateReserved": "2023-09-03T18:54:37.128Z", "dateUpdated": "2024-12-03T14:59:04.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0696
Vulnerability from cvelistv5
Published
2022-02-21 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.225Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4428", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f" }, { "url": "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "7416c2cb-1809-4834-8989-e84ff033f15f", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0696", "datePublished": "2022-02-21T00:00:00", "dateReserved": "2022-02-20T00:00:00", "dateUpdated": "2024-08-02T23:40:03.225Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2304
Vulnerability from cvelistv5
Published
2022-07-05 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a" }, { "url": "https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "eb7402f3-025a-402f-97a7-c38700d9548a", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2304", "datePublished": "2022-07-05T00:00:00", "dateReserved": "2022-07-04T00:00:00", "dateUpdated": "2024-08-03T00:32:09.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3491
Vulnerability from cvelistv5
Published
2022-12-03 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:01.548Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0742", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb" }, { "url": "https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6e6e05c2-2cf7-4aa5-a817-a62007bf92cb", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3491", "datePublished": "2022-12-03T00:00:00", "dateReserved": "2022-10-13T00:00:00", "dateUpdated": "2024-08-03T01:14:01.548Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1886
Vulnerability from cvelistv5
Published
2022-05-26 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a" }, { "url": "https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "fa0ad526-b608-45b3-9ebc-f2b607834d6a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1886", "datePublished": "2022-05-26T00:00:00", "dateReserved": "2022-05-25T00:00:00", "dateUpdated": "2024-08-03T00:17:00.984Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0408
Vulnerability from cvelistv5
Published
2022-01-30 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.333Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d" }, { "url": "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "5e635bad-5cf6-46cd-aeac-34ef224e179d", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0408", "datePublished": "2022-01-30T00:00:00", "dateReserved": "2022-01-28T00:00:00", "dateUpdated": "2024-08-02T23:25:40.333Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3037
Vulnerability from cvelistv5
Published
2022-08-30 20:35
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RY3GEN2Q46ZJKSNHTN2XB6B3VAJBEILN/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHJ6LCLHGGVI2U6ZHXHTZ2PYP4STC23N/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/ | vendor-advisory, x_refsource_FEDORA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.487Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb" }, { "name": "FEDORA-2022-221bd89404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RY3GEN2Q46ZJKSNHTN2XB6B3VAJBEILN/" }, { "name": "FEDORA-2022-35d9bdb7dc", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHJ6LCLHGGVI2U6ZHXHTZ2PYP4STC23N/" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0322", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0322." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-14T03:06:28", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb" }, { "name": "FEDORA-2022-221bd89404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RY3GEN2Q46ZJKSNHTN2XB6B3VAJBEILN/" }, { "name": "FEDORA-2022-35d9bdb7dc", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHJ6LCLHGGVI2U6ZHXHTZ2PYP4STC23N/" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" } ], "source": { "advisory": "af4c2f2d-d754-4607-b565-9e92f3f717b5", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-3037", "STATE": "PUBLIC", "TITLE": "Use After Free in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "9.0.0322" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0322." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5" }, { "name": "https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb" }, { "name": "FEDORA-2022-221bd89404", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RY3GEN2Q46ZJKSNHTN2XB6B3VAJBEILN/" }, { "name": "FEDORA-2022-35d9bdb7dc", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHJ6LCLHGGVI2U6ZHXHTZ2PYP4STC23N/" }, { "name": "FEDORA-2022-b9edf60581", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" } ] }, "source": { "advisory": "af4c2f2d-d754-4607-b565-9e92f3f717b5", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3037", "datePublished": "2022-08-30T20:35:10", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-08-03T01:00:10.487Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3903
Vulnerability from cvelistv5
Published
2021-10-27 21:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3564", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-20T14:06:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ], "source": { "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3903", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3564" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ] }, "source": { "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3903", "datePublished": "2021-10-27T21:00:13", "dateReserved": "2021-10-25T00:00:00", "dateUpdated": "2024-08-03T17:09:09.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1674
Vulnerability from cvelistv5
Published
2022-05-12 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.912Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060" }, { "name": "FEDORA-2022-d20b51de9c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4938", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a74ba4a4-7a39-4a22-bde3-d2f8ee07b385" }, { "url": "https://github.com/vim/vim/commit/a59f2dfd0cf9ee1a584d3de5b7c2d47648e79060" }, { "name": "FEDORA-2022-d20b51de9c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a74ba4a4-7a39-4a22-bde3-d2f8ee07b385", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1674", "datePublished": "2022-05-12T00:00:00", "dateReserved": "2022-05-11T00:00:00", "dateUpdated": "2024-08-03T00:10:03.912Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3134
Vulnerability from cvelistv5
Published
2022-09-06 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.348Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0389", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0389." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc" }, { "url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3134", "datePublished": "2022-09-06T00:00:00", "dateReserved": "2022-09-05T00:00:00", "dateUpdated": "2024-08-03T01:00:10.348Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3872
Vulnerability from cvelistv5
Published
2021-10-19 12:30
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3487", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T07:07:02", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "c958013b-1c09-4939-92ca-92f50aa169e8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3872", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3487" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "name": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "c958013b-1c09-4939-92ca-92f50aa169e8", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3872", "datePublished": "2021-10-19T12:30:34", "dateReserved": "2021-10-08T00:00:00", "dateUpdated": "2024-08-03T17:09:09.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4735
Vulnerability from cvelistv5
Published
2023-09-02 17:46
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1847", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T17:46:39.657Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51" }, { "url": "https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "fc83bde3-f621-42bd-aecb-8c1ae44cba51", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4735", "datePublished": "2023-09-02T17:46:39.657Z", "dateReserved": "2023-09-02T17:46:33.136Z", "dateUpdated": "2024-08-02T07:37:59.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4166
Vulnerability from cvelistv5
Published
2021-12-25 18:15
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Out-of-bounds Read" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T06:14:34", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "229df5dd-5507-44e9-832c-c70364bdf035", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-4166", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Out-of-bounds Read" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "name": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "229df5dd-5507-44e9-832c-c70364bdf035", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4166", "datePublished": "2021-12-25T18:15:09", "dateReserved": "2021-12-24T00:00:00", "dateUpdated": "2024-08-03T17:16:04.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0433
Vulnerability from cvelistv5
Published
2023-01-21 00:00
Modified
2024-08-02 05:10
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:10:56.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b" }, { "name": "FEDORA-2023-2db4df65c3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZWIJBSQX53P7DHV77KRXJIXA4GH7XHC/" }, { "name": "FEDORA-2023-93fb5b08eb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EX6N2DB75A73MQGVW3CS4VTNPAYVM2M/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213677" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213675" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1225", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e" }, { "url": "https://github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b" }, { "name": "FEDORA-2023-2db4df65c3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZWIJBSQX53P7DHV77KRXJIXA4GH7XHC/" }, { "name": "FEDORA-2023-93fb5b08eb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EX6N2DB75A73MQGVW3CS4VTNPAYVM2M/" }, { "url": "https://support.apple.com/kb/HT213677" }, { "url": "https://support.apple.com/kb/HT213675" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" } ], "source": { "advisory": "ae933869-a1ec-402a-bbea-d51764c6618e", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0433", "datePublished": "2023-01-21T00:00:00", "dateReserved": "2023-01-21T00:00:00", "dateUpdated": "2024-08-02T05:10:56.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0128
Vulnerability from cvelistv5
Published
2022-01-06 16:45
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213256 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/May/35 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213343 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/14 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.963Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Out-of-bounds Read" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:07:43", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "63f51299-008a-4112-b85b-1e904aadd4ba", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0128", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Out-of-bounds Read" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "name": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "63f51299-008a-4112-b85b-1e904aadd4ba", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0128", "datePublished": "2022-01-06T16:45:14", "dateReserved": "2022-01-05T00:00:00", "dateUpdated": "2024-08-02T23:18:41.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2126
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.233Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e" }, { "url": "https://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8d196d9b-3d10-41d2-9f70-8ef0d08c946e", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2126", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.233Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4736
Vulnerability from cvelistv5
Published
2023-09-02 18:02
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Untrusted Search Path in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.663Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1833", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T18:02:05.557Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71" }, { "url": "https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "e1ce0995-4df4-4dec-9cd7-3136ac3e8e71", "discovery": "EXTERNAL" }, "title": "Untrusted Search Path in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4736", "datePublished": "2023-09-02T18:02:05.557Z", "dateReserved": "2023-09-02T18:01:52.802Z", "dateUpdated": "2024-08-02T07:37:59.663Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3796
Vulnerability from cvelistv5
Published
2021-09-15 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.968Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "FEDORA-2021-968f57ec98", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221118-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThanOrEqual": "8.2.3428", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-18T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d" }, { "url": "https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "FEDORA-2021-968f57ec98", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE62UMYBZE4AE53K6OBBWK32XQ7544QM/" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220110 [SECURITY] [DLA 2876-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://security.netapp.com/advisory/ntap-20221118-0004/" } ], "source": { "advisory": "ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3796", "datePublished": "2021-09-15T00:00:00", "dateReserved": "2021-09-11T00:00:00", "dateUpdated": "2024-08-03T17:09:08.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0407
Vulnerability from cvelistv5
Published
2022-01-30 13:45
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in vim/vim
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e | x_refsource_MISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.459Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:07:05", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "81822bf7-aafe-4d37-b836-1255d46e572c", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0407", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c" }, { "name": "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "81822bf7-aafe-4d37-b836-1255d46e572c", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0407", "datePublished": "2022-01-30T13:45:52", "dateReserved": "2022-01-28T00:00:00", "dateUpdated": "2024-08-02T23:25:40.459Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2426
Vulnerability from cvelistv5
Published
2023-04-29 00:00
Modified
2024-10-15 16:28
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:19:14.987Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/3451be4c-91c8-4d08-926b-cbff7396f425" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b" }, { "name": "FEDORA-2023-d6baa1d93e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LOJP6M7ZTKZQYOGVOOAY6TIE6ACBJL55/" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2426", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-22T19:41:38.134588Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T16:28:36.516Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1499", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-23T07:06:19.413263", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.dev/bounties/3451be4c-91c8-4d08-926b-cbff7396f425" }, { "url": "https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b" }, { "name": "FEDORA-2023-d6baa1d93e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LOJP6M7ZTKZQYOGVOOAY6TIE6ACBJL55/" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" } ], "source": { "advisory": "3451be4c-91c8-4d08-926b-cbff7396f425", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2023-2426", "datePublished": "2023-04-29T00:00:00", "dateReserved": "2023-04-29T00:00:00", "dateUpdated": "2024-10-15T16:28:36.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4173
Vulnerability from cvelistv5
Published
2021-12-27 12:25
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
Use After Free in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.261Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/a1b236b9-89fb-4ccf-9689-ba11b471e766" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:09:07", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/a1b236b9-89fb-4ccf-9689-ba11b471e766" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "a1b236b9-89fb-4ccf-9689-ba11b471e766", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-4173", "STATE": "PUBLIC", "TITLE": "Use After Free in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Use After Free" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/a1b236b9-89fb-4ccf-9689-ba11b471e766", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/a1b236b9-89fb-4ccf-9689-ba11b471e766" }, { "name": "https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04" }, { "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "a1b236b9-89fb-4ccf-9689-ba11b471e766", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4173", "datePublished": "2021-12-27T12:25:12", "dateReserved": "2021-12-26T00:00:00", "dateUpdated": "2024-08-03T17:16:04.261Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3153
Vulnerability from cvelistv5
Published
2022-09-08 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in vim/vim
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.455Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/68331124-620d-48bc-a8fa-cd947b26270a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/1540d334a04d874c2aa9d26b82dbbcd4bc5a78de" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0404", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/68331124-620d-48bc-a8fa-cd947b26270a" }, { "url": "https://github.com/vim/vim/commit/1540d334a04d874c2aa9d26b82dbbcd4bc5a78de" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "68331124-620d-48bc-a8fa-cd947b26270a", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3153", "datePublished": "2022-09-08T00:00:00", "dateReserved": "2022-09-07T00:00:00", "dateUpdated": "2024-08-03T01:00:10.455Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }