Lucene search

@huntrdevCVELIST:CVE-2022-0351

HistoryJan 25, 2022 - 12:00 a.m.

CVE-2022-0351 Access of Memory Location Before Start of Buffer in vim/vim

2022-01-2500:00:00

CWE-786

@huntrdev

www.cve.org

cve-2022-0351

memory location

buffer overflow

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

33.3%

JSON

Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.

CNA Affected

[
  {
    "vendor": "vim",
    "product": "vim/vim",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "8.2",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2022/Oct/28

seclists.org/fulldisclosure/2022/Oct/41

seclists.org/fulldisclosure/2022/Oct/43

github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d

huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161

lists.debian.org/debian-lts-announce/2022/05/msg00022.html

lists.debian.org/debian-lts-announce/2022/11/msg00009.html

security.gentoo.org/glsa/202208-32

support.apple.com/kb/HT213444

support.apple.com/kb/HT213488

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

33.3%

JSON

Related for CVELIST:CVE-2022-0351