Vulnerabilites related to vim - vim/vim
cve-2022-2849
Vulnerability from cvelistv5
Published
2022-08-17 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.772Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0220", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e" }, { "url": "https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "389aeccd-deb9-49ae-9b6a-24c12d79b02e", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2849", "datePublished": "2022-08-17T00:00:00", "dateReserved": "2022-08-16T00:00:00", "dateUpdated": "2024-08-03T00:52:58.772Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1154
Vulnerability from cvelistv5
Published
2022-03-30 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:24.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4646", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425" }, { "url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5" }, { "name": "FEDORA-2022-d776fcfe60", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/" }, { "name": "FEDORA-2022-e62adccfca", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7f0ec6bc-ea0e-45b0-8128-caac72d23425", "discovery": "EXTERNAL" }, "title": "Use after free in utf_ptr2char in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1154", "datePublished": "2022-03-30T00:00:00", "dateReserved": "2022-03-29T00:00:00", "dateUpdated": "2024-08-02T23:55:24.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0512
Vulnerability from cvelistv5
Published
2023-01-26 00:00
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:17:49.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213677" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213675" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1247", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1247." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/de83736a-1936-4872-830b-f1e9b0ad2a74" }, { "url": "https://github.com/vim/vim/commit/870219c58c0804bdc55419b2e455c06ac715a835" }, { "url": "https://support.apple.com/kb/HT213677" }, { "url": "https://support.apple.com/kb/HT213675" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/18" }, { "name": "20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/21" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "de83736a-1936-4872-830b-f1e9b0ad2a74", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0512", "datePublished": "2023-01-26T00:00:00", "dateReserved": "2023-01-26T00:00:00", "dateUpdated": "2024-08-02T05:17:49.385Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1725
Vulnerability from cvelistv5
Published
2022-05-16 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:58.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/4363cf07-233e-4d0a-a1d5-c731a400525c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4959", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/4363cf07-233e-4d0a-a1d5-c731a400525c" }, { "url": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "4363cf07-233e-4d0a-a1d5-c731a400525c", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1725", "datePublished": "2022-05-16T00:00:00", "dateReserved": "2022-05-15T00:00:00", "dateUpdated": "2024-08-03T00:16:58.809Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2264
Vulnerability from cvelistv5
Published
2022-07-01 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2241c773-02c9-4708-b63e-54aef99afa6c" }, { "url": "https://github.com/vim/vim/commit/d25f003342aca9889067f2e839963dfeccf1fe05" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "2241c773-02c9-4708-b63e-54aef99afa6c", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2264", "datePublished": "2022-07-01T00:00:00", "dateReserved": "2022-06-30T00:00:00", "dateUpdated": "2024-08-03T00:32:09.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2816
Vulnerability from cvelistv5
Published
2022-08-15 00:00
Modified
2024-08-03 00:52
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:58.831Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0212", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58" }, { "url": "https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666" }, { "name": "FEDORA-2022-6f5e420e52", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHFAR6OY6G77M6GXCJT75A4KITLNR6GO/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "e2a83037-fcf9-4218-b2b9-b7507dacde58", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2816", "datePublished": "2022-08-15T00:00:00", "dateReserved": "2022-08-14T00:00:00", "dateUpdated": "2024-08-03T00:52:58.831Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0128
Vulnerability from cvelistv5
Published
2022-01-06 16:45
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
vim is vulnerable to Out-of-bounds Read
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213256 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/May/35 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213343 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/14 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.963Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Out-of-bounds Read" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:07:43", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "63f51299-008a-4112-b85b-1e904aadd4ba", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0128", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Out-of-bounds Read" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba" }, { "name": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "63f51299-008a-4112-b85b-1e904aadd4ba", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0128", "datePublished": "2022-01-06T16:45:14", "dateReserved": "2022-01-05T00:00:00", "dateUpdated": "2024-08-02T23:18:41.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3875
Vulnerability from cvelistv5
Published
2021-10-15 13:40
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.583Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3489", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:08:24", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3875", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3489" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53" }, { "name": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f" }, { "name": "FEDORA-2021-84f4cf3244", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "5cdbc168-6ba1-4bc2-ba6c-28be12166a53", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3875", "datePublished": "2021-10-15T13:40:20", "dateReserved": "2021-10-09T00:00:00", "dateUpdated": "2024-08-03T17:09:09.583Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3973
Vulnerability from cvelistv5
Published
2021-11-19 11:35
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.694Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3611", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T06:10:54", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3973", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3611" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/ce6e8609-77c6-4e17-b9fc-a2e5abed052e" }, { "name": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/615ddd5342b50a6878a907062aa471740bd9a847" }, { "name": "FEDORA-2021-5cd9df120e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "ce6e8609-77c6-4e17-b9fc-a2e5abed052e", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3973", "datePublished": "2021-11-19T11:35:11", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.694Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2304
Vulnerability from cvelistv5
Published
2022-07-05 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a" }, { "url": "https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "eb7402f3-025a-402f-97a7-c38700d9548a", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2304", "datePublished": "2022-07-05T00:00:00", "dateReserved": "2022-07-04T00:00:00", "dateUpdated": "2024-08-03T00:32:09.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3928
Vulnerability from cvelistv5
Published
2021-11-05 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Use of Uninitialized Variable
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.704Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3582", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use of Uninitialized Variable" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-457", "description": "CWE-457 Use of Uninitialized Variable", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd" }, { "url": "https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "29c3ebd2-d601-481c-bf96-76975369d0cd", "discovery": "EXTERNAL" }, "title": "Use of Uninitialized Variable in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3928", "datePublished": "2021-11-05T00:00:00", "dateReserved": "2021-11-04T00:00:00", "dateUpdated": "2024-08-03T17:09:09.704Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0359
Vulnerability from cvelistv5
Published
2022-01-26 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.517Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def" }, { "url": "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "a3192d90-4f82-4a67-b7a6-37046cc88def", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0359", "datePublished": "2022-01-26T00:00:00", "dateReserved": "2022-01-25T00:00:00", "dateUpdated": "2024-08-02T23:25:40.517Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3984
Vulnerability from cvelistv5
Published
2021-12-01 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.762Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2de9b7c7c8791da8853a9a7ca9c467867465b655" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3625", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a" }, { "url": "https://github.com/vim/vim/commit/2de9b7c7c8791da8853a9a7ca9c467867465b655" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "b114b5a2-18e2-49f0-b350-15994d71426a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3984", "datePublished": "2021-12-01T00:00:00", "dateReserved": "2021-11-19T00:00:00", "dateUpdated": "2024-08-03T17:09:09.762Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2286
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fe7681fb-2318-436b-8e65-daf66cd597d8" }, { "url": "https://github.com/vim/vim/commit/f12129f1714f7d2301935bb21d896609bdac221c" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "fe7681fb-2318-436b-8e65-daf66cd597d8", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2286", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2343
Vulnerability from cvelistv5
Published
2022-07-08 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0044", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2ecb4345-2fc7-4e7f-adb0-83a20bb458f5" }, { "url": "https://github.com/vim/vim/commit/caea66442d86e7bbba3bf3dc202c3c0d549b9853" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "2ecb4345-2fc7-4e7f-adb0-83a20bb458f5", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2343", "datePublished": "2022-07-08T00:00:00", "dateReserved": "2022-07-07T00:00:00", "dateUpdated": "2024-08-03T00:32:09.611Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4736
Vulnerability from cvelistv5
Published
2023-09-02 18:02
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.663Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1833", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-426", "description": "CWE-426 Untrusted Search Path", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T18:02:05.557Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71" }, { "url": "https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "e1ce0995-4df4-4dec-9cd7-3136ac3e8e71", "discovery": "EXTERNAL" }, "title": "Untrusted Search Path in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4736", "datePublished": "2023-09-02T18:02:05.557Z", "dateReserved": "2023-09-02T18:01:52.802Z", "dateUpdated": "2024-08-02T07:37:59.663Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4752
Vulnerability from cvelistv5
Published
2023-09-04 13:46
Modified
2024-08-02 07:38
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.1858.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:38:00.703Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1858", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.1858." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-04T13:46:57.231Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757" }, { "url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "85f62dd7-ed84-4fa2-b265-8a369a318757", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4752", "datePublished": "2023-09-04T13:46:57.231Z", "dateReserved": "2023-09-03T19:27:38.107Z", "dateUpdated": "2024-08-02T07:38:00.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-4738
Vulnerability from cvelistv5
Published
2023-09-02 19:39
Modified
2024-08-02 07:37
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:37:59.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213984" }, { "tags": [ "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1848", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-02T19:39:14.290Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612" }, { "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1" }, { "url": "https://support.apple.com/kb/HT213984" }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/24" } ], "source": { "advisory": "9fc7dced-a7bb-4479-9718-f956df20f612", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-4738", "datePublished": "2023-09-02T19:39:14.290Z", "dateReserved": "2023-09-02T19:39:04.775Z", "dateUpdated": "2024-08-02T07:37:59.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5441
Vulnerability from cvelistv5
Published
2023-10-05 20:30
Modified
2024-09-19 18:15
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:44.646Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5441", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-19T18:15:24.944541Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-19T18:15:40.773Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "20d161ace307e28690229b68584f2d84556f8960", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-05T20:30:09.121Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2" }, { "url": "https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/" } ], "source": { "advisory": "b54cbdf5-3e85-458d-bb38-9ea2c0b669f2", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-5441", "datePublished": "2023-10-05T20:30:09.121Z", "dateReserved": "2023-10-05T20:29:56.622Z", "dateUpdated": "2024-09-19T18:15:40.773Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1733
Vulnerability from cvelistv5
Published
2022-05-17 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.835Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4968", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6ff03b27-472b-4bef-a2bf-410fae65ff0a" }, { "url": "https://github.com/vim/vim/commit/60ae0e71490c97f2871a6344aca61cacf220f813" }, { "name": "FEDORA-2022-d6d1ac4ca7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/" }, { "name": "FEDORA-2022-74b9e404c1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/" }, { "name": "FEDORA-2022-d044e7e0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFAZTAT5CZC2R6KYDYA2HBAVEDSIX6MW/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6ff03b27-472b-4bef-a2bf-410fae65ff0a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1733", "datePublished": "2022-05-17T00:00:00", "dateReserved": "2022-05-16T00:00:00", "dateUpdated": "2024-08-03T00:16:59.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2231
Vulnerability from cvelistv5
Published
2022-06-28 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.511Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5" }, { "url": "https://github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8dae6ab4-7a7a-4716-a65c-9b090fa057b5", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2231", "datePublished": "2022-06-28T00:00:00", "dateReserved": "2022-06-27T00:00:00", "dateUpdated": "2024-08-03T00:32:09.511Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3491
Vulnerability from cvelistv5
Published
2022-12-03 00:00
Modified
2024-08-03 01:14
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:14:01.548Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0742", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb" }, { "url": "https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6e6e05c2-2cf7-4aa5-a817-a62007bf92cb", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3491", "datePublished": "2022-12-03T00:00:00", "dateReserved": "2022-10-13T00:00:00", "dateUpdated": "2024-08-03T01:14:01.548Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-0049
Vulnerability from cvelistv5
Published
2023-01-04 00:00
Modified
2025-01-17 20:02
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2025-01-17T20:02:48.933Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "url": "https://security.netapp.com/advisory/ntap-20250117-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1143", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9" }, { "url": "https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c" }, { "name": "FEDORA-2023-0f6a9433cf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Y752EAVACVC5XY2TMGGOAIU25VQRPDW/" }, { "name": "FEDORA-2023-208f2107d5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T33LLWHLH63XDCO5OME7NWN63RA4U5HF/" }, { "url": "https://support.apple.com/kb/HT213670" }, { "name": "20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2023/Mar/17" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5e6f325c-ba54-4bf0-b050-dca048fd3fd9", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-0049", "datePublished": "2023-01-04T00:00:00", "dateReserved": "2023-01-04T00:00:00", "dateUpdated": "2025-01-17T20:02:48.933Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1898
Vulnerability from cvelistv5
Published
2022-05-27 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.923Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea" }, { "url": "https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "45aad635-c2f1-47ca-a4f9-db5b25979cea", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1898", "datePublished": "2022-05-27T00:00:00", "dateReserved": "2022-05-26T00:00:00", "dateUpdated": "2024-08-03T00:17:00.923Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2042
Vulnerability from cvelistv5
Published
2022-06-10 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8628b4cd-4055-4059-aed4-64f7fdc10eba" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2813f38e021c6e6581c0c88fcf107e41788bc835" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8628b4cd-4055-4059-aed4-64f7fdc10eba" }, { "url": "https://github.com/vim/vim/commit/2813f38e021c6e6581c0c88fcf107e41788bc835" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8628b4cd-4055-4059-aed4-64f7fdc10eba", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2042", "datePublished": "2022-06-10T00:00:00", "dateReserved": "2022-06-09T00:00:00", "dateUpdated": "2024-08-03T00:24:44.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1771
Vulnerability from cvelistv5
Published
2022-05-18 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4975", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-674", "description": "CWE-674 Uncontrolled Recursion", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb" }, { "url": "https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "faa74175-5317-4b71-a363-dfc39094ecbb", "discovery": "EXTERNAL" }, "title": "Uncontrolled Recursion in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1771", "datePublished": "2022-05-18T00:00:00", "dateReserved": "2022-05-17T00:00:00", "dateUpdated": "2024-08-03T00:16:59.938Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-4293
Vulnerability from cvelistv5
Published
2022-12-05 00:00
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:34:50.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230203-0007/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0804", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1077", "description": "CWE-1077 Floating Point Comparison with Incorrect Operator", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143" }, { "url": "https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b" }, { "url": "https://security.netapp.com/advisory/ntap-20230203-0007/" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "385a835f-6e33-4d00-acce-ac99f3939143", "discovery": "EXTERNAL" }, "title": "Floating Point Comparison with Incorrect Operator in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-4293", "datePublished": "2022-12-05T00:00:00", "dateReserved": "2022-12-05T00:00:00", "dateUpdated": "2024-08-03T01:34:50.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1886
Vulnerability from cvelistv5
Published
2022-05-26 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a" }, { "url": "https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "fa0ad526-b608-45b3-9ebc-f2b607834d6a", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1886", "datePublished": "2022-05-26T00:00:00", "dateReserved": "2022-05-25T00:00:00", "dateUpdated": "2024-08-03T00:17:00.984Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0156
Vulnerability from cvelistv5
Published
2022-01-10 15:26
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
vim is vulnerable to Use After Free
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213344 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/13 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.990Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:08:55", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "47dded34-3767-4725-8c7c-9dcb68c70b36", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0156", "STATE": "PUBLIC", "TITLE": "Use After Free in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Use After Free" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416 Use After Free" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36" }, { "name": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f" }, { "name": "FEDORA-2022-20e66c6698", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213344", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "47dded34-3767-4725-8c7c-9dcb68c70b36", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0156", "datePublished": "2022-01-10T15:26:33", "dateReserved": "2022-01-08T00:00:00", "dateUpdated": "2024-08-02T23:18:41.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1927
Vulnerability from cvelistv5
Published
2022-05-29 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.945Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777" }, { "url": "https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "945107ef-0b27-41c7-a03c-db99def0e777", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1927", "datePublished": "2022-05-29T00:00:00", "dateReserved": "2022-05-28T00:00:00", "dateUpdated": "2024-08-03T00:17:00.945Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4166
Vulnerability from cvelistv5
Published
2021-12-25 18:15
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
vim is vulnerable to Out-of-bounds Read
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Out-of-bounds Read" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T06:14:34", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "229df5dd-5507-44e9-832c-c70364bdf035", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-4166", "STATE": "PUBLIC", "TITLE": "Out-of-bounds Read in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Out-of-bounds Read" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035" }, { "name": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682" }, { "name": "FEDORA-2022-a3d70b50f0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213256", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213256" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "https://support.apple.com/kb/HT213343", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213343" }, { "name": "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/14" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "229df5dd-5507-44e9-832c-c70364bdf035", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4166", "datePublished": "2021-12-25T18:15:09", "dateReserved": "2021-12-24T00:00:00", "dateUpdated": "2024-08-03T17:16:04.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3974
Vulnerability from cvelistv5
Published
2021-11-19 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Use After Free
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.885Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3612", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Use After Free" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4" }, { "url": "https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "e402cb2c-8ec4-4828-a692-c95f8e0de6d4", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3974", "datePublished": "2021-11-19T00:00:00", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.885Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1127
Vulnerability from cvelistv5
Published
2023-03-01 00:00
Modified
2024-08-02 05:32
Severity ?
EPSS score ?
Summary
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1367", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Divide By Zero in GitHub repository vim/vim prior to 9.0.1367." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-369", "description": "CWE-369 Divide By Zero", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb" }, { "url": "https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c" }, { "name": "FEDORA-2023-27958e9307", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/" }, { "name": "FEDORA-2023-ccf283d7e1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "2d4d309e-4c96-415f-9070-36d0815f1beb", "discovery": "EXTERNAL" }, "title": "Divide By Zero in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1127", "datePublished": "2023-03-01T00:00:00", "dateReserved": "2023-03-01T00:00:00", "dateUpdated": "2024-08-02T05:32:46.417Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0392
Vulnerability from cvelistv5
Published
2022-01-28 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126" }, { "url": "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "d00a2acd-1935-4195-9d5b-4115ef6b3126", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0392", "datePublished": "2022-01-28T00:00:00", "dateReserved": "2022-01-27T00:00:00", "dateUpdated": "2024-08-02T23:25:40.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3520
Vulnerability from cvelistv5
Published
2022-12-02 00:00
Modified
2024-11-15 13:08
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-15T13:08:08.336Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" }, { "url": "https://security.netapp.com/advisory/ntap-20241115-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0765", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246" }, { "url": "https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "c1db3b70-f4fe-481f-8a24-0b1449c94246", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3520", "datePublished": "2022-12-02T00:00:00", "dateReserved": "2022-10-15T00:00:00", "dateUpdated": "2024-11-15T13:08:08.336Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0629
Vulnerability from cvelistv5
Published
2022-02-17 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:46.445Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc" }, { "name": "FEDORA-2022-8622ebdebb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877" }, { "url": "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc" }, { "name": "FEDORA-2022-8622ebdebb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" } ], "source": { "advisory": "95e2b0da-e480-4ee8-9324-a93a2ab0a877", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0629", "datePublished": "2022-02-17T00:00:00", "dateReserved": "2022-02-16T00:00:00", "dateUpdated": "2024-08-02T23:32:46.445Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1897
Vulnerability from cvelistv5
Published
2022-05-27 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118" }, { "url": "https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "82c12151-c283-40cf-aa05-2e39efa89118", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Write in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1897", "datePublished": "2022-05-27T00:00:00", "dateReserved": "2022-05-26T00:00:00", "dateUpdated": "2024-08-03T00:17:00.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2124
Vulnerability from cvelistv5
Published
2022-06-19 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:44.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213443" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer Over-read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-126", "description": "CWE-126 Buffer Over-read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42" }, { "url": "https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213443" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/45" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8e9e056d-f733-4540-98b6-414bf36e0b42", "discovery": "EXTERNAL" }, "title": "Buffer Over-read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2124", "datePublished": "2022-06-19T00:00:00", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T00:24:44.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2610
Vulnerability from cvelistv5
Published
2023-05-09 00:00
Modified
2024-11-29 12:04
Severity ?
EPSS score ?
Summary
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-11-29T12:04:37.443Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213844" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213845" }, { "url": "https://security.netapp.com/advisory/ntap-20241129-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1532", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-23T07:06:26.300355", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d" }, { "url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a" }, { "name": "FEDORA-2023-99d2eaac80", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/" }, { "name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html" }, { "url": "https://support.apple.com/kb/HT213844" }, { "url": "https://support.apple.com/kb/HT213845" } ], "source": { "advisory": "31e67340-935b-4f6c-a923-f7246bc29c7d", "discovery": "EXTERNAL" }, "title": "Integer Overflow or Wraparound in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2023-2610", "datePublished": "2023-05-09T00:00:00", "dateReserved": "2023-05-09T00:00:00", "dateUpdated": "2024-11-29T12:04:37.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1851
Vulnerability from cvelistv5
Published
2022-05-25 00:00
Modified
2024-08-03 00:17
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.640Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d" }, { "url": "https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad" }, { "name": "FEDORA-2022-5ce148636b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMFHBC5OQXDPV2SDYA2JUQGVCPYASTJB/" }, { "name": "FEDORA-2022-d94440bf0e", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OZSLFIKFYU5Y2KM5EJKQNYHWRUBDQ4GJ/" }, { "name": "FEDORA-2022-bb2daad935", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "f8af901a-9a46-440d-942a-8f815b59394d", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1851", "datePublished": "2022-05-25T00:00:00", "dateReserved": "2022-05-24T00:00:00", "dateUpdated": "2024-08-03T00:17:00.640Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1968
Vulnerability from cvelistv5
Published
2022-06-02 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.777Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b" }, { "url": "https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "949090e5-f4ea-4edf-bd79-cd98f0498a5b", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1968", "datePublished": "2022-06-02T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T00:24:43.777Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2946
Vulnerability from cvelistv5
Published
2022-08-23 00:00
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0246", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0246." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5" }, { "url": "https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c" }, { "name": "FEDORA-2022-3b33d04743", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "5d389a18-5026-47df-a5d0-1548a9b555d5", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2946", "datePublished": "2022-08-23T00:00:00", "dateReserved": "2022-08-22T00:00:00", "dateUpdated": "2024-08-03T00:53:00.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4019
Vulnerability from cvelistv5
Published
2021-12-01 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142" }, { "name": "FEDORA-2021-469afb66c9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3669", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92" }, { "url": "https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142" }, { "name": "FEDORA-2021-469afb66c9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "d8798584-a6c9-4619-b18f-001b9a6fca92", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-4019", "datePublished": "2021-12-01T00:00:00", "dateReserved": "2021-11-25T00:00:00", "dateUpdated": "2024-08-03T17:16:04.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2257
Vulnerability from cvelistv5
Published
2022-06-30 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.557Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/ca581f80-03ba-472a-b820-78f7fd05fe89" }, { "url": "https://github.com/vim/vim/commit/083692d598139228e101b8c521aaef7bcf256e9a" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "ca581f80-03ba-472a-b820-78f7fd05fe89", "discovery": "EXTERNAL" }, "title": "Out-of-bounds Read in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2257", "datePublished": "2022-06-30T00:00:00", "dateReserved": "2022-06-29T00:00:00", "dateUpdated": "2024-08-03T00:32:09.557Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3099
Vulnerability from cvelistv5
Published
2022-09-03 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.0360.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.845Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "FEDORA-2022-3f5099bcc9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DVWBI4BVTBUMNW4NMB3WZZDQJBKIGXI3/" }, { "name": "FEDORA-2022-c28b637883", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0360", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0360." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e" }, { "url": "https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c" }, { "name": "FEDORA-2022-b9edf60581", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWOJOA7PZZAMBI5GFTL6PWHXMWSDLUXL/" }, { "name": "FEDORA-2022-3f5099bcc9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DVWBI4BVTBUMNW4NMB3WZZDQJBKIGXI3/" }, { "name": "FEDORA-2022-c28b637883", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLK2RMZEECKKWUQK7J46D2FQZOXFQLTC/" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "403210c7-6cc7-4874-8934-b57f88bd4f5e", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3099", "datePublished": "2022-09-03T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T01:00:10.845Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1420
Vulnerability from cvelistv5
Published
2022-04-21 00:00
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:03:06.320Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4774", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326" }, { "url": "https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca" }, { "name": "FEDORA-2022-e304fffd34", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/" }, { "name": "FEDORA-2022-b605768c94", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "a4323ef8-90ea-4e1c-90e9-c778f0ecf326", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1420", "datePublished": "2022-04-21T00:00:00", "dateReserved": "2022-04-21T00:00:00", "dateUpdated": "2024-08-03T00:03:06.320Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0158
Vulnerability from cvelistv5
Published
2022-01-10 15:25
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/ | vendor-advisory, x_refsource_FEDORA | |
https://support.apple.com/kb/HT213183 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Mar/29 | mailing-list, x_refsource_FULLDISC | |
https://support.apple.com/kb/HT213344 | x_refsource_CONFIRM | |
http://seclists.org/fulldisclosure/2022/Jul/13 | mailing-list, x_refsource_FULLDISC | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:42.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:11:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-0158", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b" }, { "name": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39" }, { "name": "FEDORA-2022-20e66c6698", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "FEDORA-2022-48b86d586f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/" }, { "name": "https://support.apple.com/kb/HT213183", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213183" }, { "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Mar/29" }, { "name": "https://support.apple.com/kb/HT213344", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT213344" }, { "name": "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Jul/13" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "ac5d7005-07c6-4a0a-b251-ba9cdbf6738b", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0158", "datePublished": "2022-01-10T15:25:35", "dateReserved": "2022-01-09T00:00:00", "dateUpdated": "2024-08-02T23:18:42.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2182
Vulnerability from cvelistv5
Published
2022-06-23 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.598Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8" }, { "url": "https://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "238d8650-3beb-4831-a8f7-6f0b597a6fb8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2182", "datePublished": "2022-06-23T00:00:00", "dateReserved": "2022-06-22T00:00:00", "dateUpdated": "2024-08-03T00:32:08.598Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0685
Vulnerability from cvelistv5
Published
2022-02-20 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4418", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-823", "description": "CWE-823 Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782" }, { "url": "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "27230da3-9b1a-4d5d-8cdf-4b1e62fcd782", "discovery": "EXTERNAL" }, "title": "Use of Out-of-range Pointer Offset in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0685", "datePublished": "2022-02-20T00:00:00", "dateReserved": "2022-02-19T00:00:00", "dateUpdated": "2024-08-02T23:40:03.355Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3872
Vulnerability from cvelistv5
Published
2021-10-19 12:30
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3487", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T07:07:02", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "c958013b-1c09-4939-92ca-92f50aa169e8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3872", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3487" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8" }, { "name": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b" }, { "name": "FEDORA-2021-84f4cf3244", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S42L4Z4DTW4LHLQ4FJ33VEOXRCBE7WN4/" }, { "name": "FEDORA-2021-6988830606", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7K4JJBIH3OQSZRVTWKCJCDLGMFGQ5DOH/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "c958013b-1c09-4939-92ca-92f50aa169e8", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3872", "datePublished": "2021-10-19T12:30:34", "dateReserved": "2021-10-08T00:00:00", "dateUpdated": "2024-08-03T17:09:09.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-1355
Vulnerability from cvelistv5
Published
2023-03-11 00:00
Modified
2024-08-02 05:41
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:41:00.310Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/4d0a9615-d438-4f5c-8dd6-aa22f4b716d9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/d13dd30240e32071210f55b587182ff48757ea46" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.1402", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-02T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/4d0a9615-d438-4f5c-8dd6-aa22f4b716d9" }, { "url": "https://github.com/vim/vim/commit/d13dd30240e32071210f55b587182ff48757ea46" }, { "name": "FEDORA-2023-030318ca00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/" } ], "source": { "advisory": "4d0a9615-d438-4f5c-8dd6-aa22f4b716d9", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2023-1355", "datePublished": "2023-03-11T00:00:00", "dateReserved": "2023-03-11T00:00:00", "dateUpdated": "2024-08-02T05:41:00.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2284
Vulnerability from cvelistv5
Published
2022-07-02 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/571d25ce-8d53-4fa0-b620-27f2a8a14874" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/3d51ce18ab1be4f9f6061568a4e7fabf00b21794" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/571d25ce-8d53-4fa0-b620-27f2a8a14874" }, { "url": "https://github.com/vim/vim/commit/3d51ce18ab1be4f9f6061568a4e7fabf00b21794" }, { "name": "FEDORA-2022-b06fbea2c7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXPO5EHDV6J4B27E65DOQGZFELUFPRSK/" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "571d25ce-8d53-4fa0-b620-27f2a8a14874", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2284", "datePublished": "2022-07-02T00:00:00", "dateReserved": "2022-07-01T00:00:00", "dateUpdated": "2024-08-03T00:32:09.615Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3134
Vulnerability from cvelistv5
Published
2022-09-06 00:00
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.348Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0389", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0389." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc" }, { "url": "https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3134", "datePublished": "2022-09-06T00:00:00", "dateReserved": "2022-09-05T00:00:00", "dateUpdated": "2024-08-03T01:00:10.348Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2345
Vulnerability from cvelistv5
Published
2022-07-08 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:09.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/32acf1f1a72ebb9d8942b9c9d80023bf1bb668ea" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0046", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0046." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f" }, { "url": "https://github.com/vim/vim/commit/32acf1f1a72ebb9d8942b9c9d80023bf1bb668ea" }, { "name": "FEDORA-2022-9d7a58e376", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/43Y3VJPOTTY3NTREDIFUPITM2POG4ZLP/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "1eed7009-db6d-487b-bc41-8f2fd260483f", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2345", "datePublished": "2022-07-08T00:00:00", "dateReserved": "2022-07-07T00:00:00", "dateUpdated": "2024-08-03T00:32:09.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3927
Vulnerability from cvelistv5
Published
2021-11-05 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3581", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0" }, { "url": "https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e" }, { "name": "FEDORA-2021-58ab85548d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGW56Z6IN4UVM3E5RXXF4G7LGGTRBI5C/" }, { "name": "FEDORA-2021-cfadac570a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCQWPEY2AEYBELCMJYHYWYCD3PZVD2H7/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3927", "datePublished": "2021-11-05T00:00:00", "dateReserved": "2021-11-04T00:00:00", "dateUpdated": "2024-08-03T17:09:09.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0351
Vulnerability from cvelistv5
Published
2022-01-25 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.065Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213444" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-786", "description": "CWE-786 Access of Memory Location Before Start of Buffer", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161" }, { "url": "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213444" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/43" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "8b36db58-b65c-4298-be7f-40b9e37fd161", "discovery": "EXTERNAL" }, "title": "Access of Memory Location Before Start of Buffer in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0351", "datePublished": "2022-01-25T00:00:00", "dateReserved": "2022-01-24T00:00:00", "dateUpdated": "2024-08-02T23:25:40.065Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3903
Vulnerability from cvelistv5
Published
2021-10-27 21:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3564", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-20T14:06:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ], "source": { "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3903", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3564" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8" }, { "name": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43" }, { "name": "FEDORA-2021-af135cabe2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/" }, { "name": "FEDORA-2021-a5e55a9e02", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html" } ] }, "source": { "advisory": "35738a4f-55ce-446c-b836-2fb0b39625f8", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3903", "datePublished": "2021-10-27T21:00:13", "dateReserved": "2021-10-25T00:00:00", "dateUpdated": "2024-08-03T17:09:09.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-2208
Vulnerability from cvelistv5
Published
2022-06-27 00:00
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:32:08.726Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.5163", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1" }, { "url": "https://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195" }, { "name": "FEDORA-2022-719f3ec21b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/" }, { "name": "FEDORA-2022-bb7f3cacbf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "7bfe3d5b-568f-4c34-908f-a39909638cc1", "discovery": "EXTERNAL" }, "title": "NULL Pointer Dereference in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-2208", "datePublished": "2022-06-27T00:00:00", "dateReserved": "2022-06-26T00:00:00", "dateUpdated": "2024-08-03T00:32:08.726Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0408
Vulnerability from cvelistv5
Published
2022-01-30 00:00
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.333Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d" }, { "url": "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31" }, { "name": "FEDORA-2022-da2fb07efb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "5e635bad-5cf6-46cd-aeac-34ef224e179d", "discovery": "EXTERNAL" }, "title": "Stack-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0408", "datePublished": "2022-01-30T00:00:00", "dateReserved": "2022-01-28T00:00:00", "dateUpdated": "2024-08-02T23:25:40.333Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3770
Vulnerability from cvelistv5
Published
2021-09-06 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.768Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9" }, { "name": "FEDORA-2021-5fa81a2b04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2CJLY3CF55I2ULG2X4ENXLSXAXYW5J4/" }, { "name": "FEDORA-2021-4a43cbe0b4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4FFQARG3LGREPDZRI4C7ERQL3RJKEWQ/" }, { "name": "FEDORA-2021-e982f972f2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFNTMVZCN4TRTTCAXRLVQ7H2P7FYAIZQ/" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221124-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3403", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-24T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365" }, { "url": "https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9" }, { "name": "FEDORA-2021-5fa81a2b04", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2CJLY3CF55I2ULG2X4ENXLSXAXYW5J4/" }, { "name": "FEDORA-2021-4a43cbe0b4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4FFQARG3LGREPDZRI4C7ERQL3RJKEWQ/" }, { "name": "FEDORA-2021-e982f972f2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFNTMVZCN4TRTTCAXRLVQ7H2P7FYAIZQ/" }, { "name": "[oss-security] 20210930 3 new CVE\u0027s in vim", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2021/10/01/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://security.netapp.com/advisory/ntap-20221124-0003/" } ], "source": { "advisory": "016ad2f2-07c1-4d14-a8ce-6eed10729365", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3770", "datePublished": "2021-09-06T00:00:00", "dateReserved": "2021-09-05T00:00:00", "dateUpdated": "2024-08-03T17:09:08.768Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1796
Vulnerability from cvelistv5
Published
2022-05-19 00:00
Modified
2024-08-03 00:16
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:59.889Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4979", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 8.2.4979." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/f6739b58-49f9-4056-a843-bf76bbc1253e" }, { "url": "https://github.com/vim/vim/commit/28d032cc688ccfda18c5bbcab8b50aba6e18cde5" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "f6739b58-49f9-4056-a843-bf76bbc1253e", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1796", "datePublished": "2022-05-19T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T00:16:59.889Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3968
Vulnerability from cvelistv5
Published
2021-11-19 11:40
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
vim is vulnerable to Heap-based Buffer Overflow
References
▼ | URL | Tags |
---|---|---|
https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528 | x_refsource_CONFIRM | |
https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/ | vendor-advisory, x_refsource_FEDORA | |
http://www.openwall.com/lists/oss-security/2022/01/15/1 | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202208-32 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:09.784Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.3610", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-21T05:09:19", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-32" } ], "source": { "advisory": "00d62924-a7b4-4a61-ba29-acab2eaa1528", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@huntr.dev", "ID": "CVE-2021-3968", "STATE": "PUBLIC", "TITLE": "Heap-based Buffer Overflow in vim/vim" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "vim/vim", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.2.3610" } ] } } ] }, "vendor_name": "vim" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vim is vulnerable to Heap-based Buffer Overflow" } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122 Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/00d62924-a7b4-4a61-ba29-acab2eaa1528" }, { "name": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69", "refsource": "MISC", "url": "https://github.com/vim/vim/commit/a062006b9de0b2947ab5fb376c6e67ef92a8cd69" }, { "name": "FEDORA-2021-5cd9df120e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2LS2DXBTYOCWGAKFMBF3HTWWXPBEFL/" }, { "name": "FEDORA-2021-b0ac29efb1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/" }, { "name": "[oss-security] 20220114 Re: 3 new CVE\u0027s in vim", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/15/1" }, { "name": "GLSA-202208-32", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-32" } ] }, "source": { "advisory": "00d62924-a7b4-4a61-ba29-acab2eaa1528", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3968", "datePublished": "2021-11-19T11:40:12", "dateReserved": "2021-11-17T00:00:00", "dateUpdated": "2024-08-03T17:09:09.784Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0714
Vulnerability from cvelistv5
Published
2022-02-22 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4436", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-08T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3" }, { "url": "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa" }, { "name": "FEDORA-2022-48bf3cb1c4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/" }, { "name": "FEDORA-2022-63ca9a1129", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/" }, { "name": "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html" } ], "source": { "advisory": "db70e8db-f309-4f3c-986c-e69d2415c3b3", "discovery": "EXTERNAL" }, "title": "Heap-based Buffer Overflow in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-0714", "datePublished": "2022-02-22T00:00:00", "dateReserved": "2022-02-21T00:00:00", "dateUpdated": "2024-08-02T23:40:03.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1621
Vulnerability from cvelistv5
Published
2022-05-09 00:00
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:10:03.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "8.2.4919", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb" }, { "url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b" }, { "name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html" }, { "name": "FEDORA-2022-8df66cdbef", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/" }, { "name": "GLSA-202208-32", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-32" }, { "url": "https://support.apple.com/kb/HT213488" }, { "name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/41" }, { "name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/Oct/28" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "520ce714-bfd2-4646-9458-f52cd22bb2fb", "discovery": "EXTERNAL" }, "title": "Heap buffer overflow in vim_strncpy find_word in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1621", "datePublished": "2022-05-09T00:00:00", "dateReserved": "2022-05-08T00:00:00", "dateUpdated": "2024-08-03T00:10:03.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-3256
Vulnerability from cvelistv5
Published
2022-09-22 00:00
Modified
2024-08-03 01:07
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository vim/vim prior to 9.0.0530.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:07:05.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "vim/vim", "vendor": "vim", "versions": [ { "lessThan": "9.0.0530", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Use After Free in GitHub repository vim/vim prior to 9.0.0530." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev" }, "references": [ { "url": "https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3" }, { "url": "https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad" }, { "name": "FEDORA-2022-40161673a3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/" }, { "name": "FEDORA-2022-fff548cfab", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/" }, { "name": "FEDORA-2022-4bc60c32a2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/" }, { "name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html" }, { "name": "GLSA-202305-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202305-16" } ], "source": { "advisory": "8336a3df-212a-4f8d-ae34-76ef1f936bb3", "discovery": "EXTERNAL" }, "title": "Use After Free in vim/vim" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-3256", "datePublished": "2022-09-22T00:00:00", "dateReserved": "2022-09-21T00:00:00", "dateUpdated": "2024-08-03T01:07:05.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1942
Vulnerability from cvelistv5
Published
2022-05-31 00:00
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
References