Lucene search

[email protected]CVE-2022-3234

HistorySep 17, 2022 - 10:15 p.m.

CVE-2022-3234

2022-09-1722:15:09

CWE-787

CWE-122

[email protected]

web.nvd.nist.gov

127

cve-2022-3234

buffer overflow

github repository

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.

Affected configurations

NVD

Node

vimvimRange<9.0.0483

Node

fedoraprojectfedoraMatch35

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

Node

debiandebian_linuxMatch10.0

CPENameOperatorVersion
vim:vimvimlt9.0.0483

CPE	Name	Operator	Version
vim:vim	vim	lt	9.0.0483

CNA Affected

[
  {
    "vendor": "vim",
    "product": "vim/vim",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "9.0.0483",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d

huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da

lists.debian.org/debian-lts-announce/2022/11/msg00009.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/

security.gentoo.org/glsa/202305-16

Social References

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

Related for CVE-2022-3234

alpinelinux1 nessus32 slackware1 openvas26 redhatcve1 cbl_mariner2 prion1 huntr1 debiancve1 cvelist1 nvd1 veracode1 osv3 ubuntucve1 redos1 fedora3 ubuntu1 cloudfoundry1 amazon1 debian1 mageia1 photon2 gentoo1