Lucene search

K

[email protected]NVD:CVE-2022-3297

HistorySep 25, 2022 - 7:15 p.m.

CVE-2022-3297

2022-09-2519:15:09

CWE-416

[email protected]

web.nvd.nist.gov

1

github repository

vim

vulnerability

version 9.0.0579

use after free

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

47.2%

Use After Free in GitHub repository vim/vim prior to 9.0.0579.

Affected configurations

NVD

Node

vimvimRange<9.0.0579

Node

fedoraprojectfedoraMatch35

OR

fedoraprojectfedoraMatch36

OR

fedoraprojectfedoraMatch37

References

github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c

huntr.dev/bounties/1aa9ec92-0355-4710-bf85-5bce9effa01c

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/

security.gentoo.org/glsa/202305-16

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

47.2%

Related for NVD:CVE-2022-3297

cvelist1 cbl_mariner2 redhatcve1 huntr1 nessus28 veracode1 alpinelinux1 debiancve1 cve1 ubuntucve1 cnvd1 prion1 redos1 openvas24 fedora3 osv1 ubuntu1 cloudfoundry1 ibm1 amazon1 photon2 mageia1 gentoo1 avleonov1