CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.7%
vim is vulnerable to out of bounds read (CVE-2022-0213) Heap-based Buffer Overflow in block_insert() in src/ops.c (CVE-2022-0261) a heap-based OOB read of size 1 (CVE-2022-0128) heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318) access of memory location before start of buffer (CVE-2022-0351) heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359) Stack-based Buffer Overflow in spellsuggest.c (CVE-2022-0408) use after free in src/ex_cmds.c (CVE-2022-0413) out-of-bounds read in delete_buff_tail() in getchar.c (CVE-2022-0393) heap-based-buffer-overflow in ex_retab() of src/indent.c (CVE-2022-0417) heap-use-after-free in enter_buffer() of src/buffer.c (CVE-2022-0443) heap overflow in ex_retab() may lead to crash (CVE-2022-0572) Stack-based Buffer Overflow in vim prior to 8.2. (CVE-2022-0629) NULL Pointer Dereference in vim prior to 8.2 (CVE-2022-0696) buffer overflow (CVE-2022-0714) Use of Out-of-range Pointer Offset (CVE-2022-0729) Use of Out-of-range Pointer Offset in vim (CVE-2022-0685) Use of Out-of-range Pointer Offset in vim (CVE-2022-0554) Heap-based Buffer Overflow occurs in vim (CVE-2022-0943) heap buffer overflow in get_one_sourceline (CVE-2022-1160) use after free in utf_ptr2char (CVE-2022-1154) global heap buffer overflow in skip_range (CVE-2022-1381) Out-of-range Pointer Offset (CVE-2022-1420) heap-buffer-overflow in append_command of src/ex_docmd.c (CVE-2022-1616) heap-buffer-overflow in cmdline_erase_chars of ex_getln.c (CVE-2022-1619) NULL Pointer Dereference in vim_regexec_string() of regexp.c (CVE-2022-1620) heap buffer overflow (CVE-2022-1621) buffer over-read (CVE-2022-1629) NULL pointer dereference in vim_regexec_string() of regexp.c (CVE-2022-1674) a buffer over-read found in scriptfile.c (CVE-2022-1769) Heap-based Buffer Overflow in cindent.c (CVE-2022-1733)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | vim | < 8.2.4975-1 | vim-8.2.4975-1.mga8 |
bugs.mageia.org/show_bug.cgi?id=29972
bugzilla.redhat.com/show_bug.cgi?id=2083924
lists.fedoraproject.org/archives/list/[email protected]/thread/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/
lists.fedoraproject.org/archives/list/[email protected]/thread/7JBXG3MU6EZWJGJD6UTHHONHGJBYPQQT/
lists.fedoraproject.org/archives/list/[email protected]/thread/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
lists.fedoraproject.org/archives/list/[email protected]/thread/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/
lists.fedoraproject.org/archives/list/[email protected]/thread/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/
lists.fedoraproject.org/archives/list/[email protected]/thread/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/
lists.fedoraproject.org/archives/list/[email protected]/thread/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/
lists.fedoraproject.org/archives/list/[email protected]/thread/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/
lists.fedoraproject.org/archives/list/[email protected]/thread/IUPOLEX5GXC733HL4EFYMHFU7NISJJZG/
lists.fedoraproject.org/archives/list/[email protected]/thread/ODXVYZC5Z4XRRZK7CK6B6IURYVYHA25U/
lists.fedoraproject.org/archives/list/[email protected]/thread/QKIX5HYKWXWG6QBCPPTPQ53GNOFHSAIS/
lists.fedoraproject.org/archives/list/[email protected]/thread/UCWG5L6CRQWACGVP7CYGESUB3G6QJ3GS/
lists.fedoraproject.org/archives/list/[email protected]/thread/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/
lists.fedoraproject.org/archives/list/[email protected]/thread/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/
lists.fedoraproject.org/archives/list/[email protected]/thread/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/
lists.opensuse.org/archives/list/[email protected]/thread/FDNZ3N5S7UGKPUUKPGOQQGPJJK3YTW37/
www.debian.org/lts/security/2022/dla-3011
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
84.7%