GoogleOSV:CVE-2022-1620CVE-2022-1620
0.003 Low
EPSS
Percentile
69.3%
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vim | eq | 7.3.1070-r0 | |
| vim | eq | 7.3.82-r0 | |
| vim | eq | 8.2.3779-r1 | |
| vim | eq | 8.2.1168-r0 | |
| vim | eq | 8.2.3156-r0 | |
| vim | eq | 8.2.3500-r0 | |
| vim | eq | 8.0.0027-r0 | |
| vim | eq | 7.3.515-r0 | |
| vim | eq | 8.1.0022-r0 | |
| vim | eq | 8.0.0460-r0 |
References
seclists.org/fulldisclosure/2022/Oct/28
seclists.org/fulldisclosure/2022/Oct/41
github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f
huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51
lists.fedoraproject.org/archives/list/[email protected]/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/
lists.fedoraproject.org/archives/list/[email protected]/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/
lists.fedoraproject.org/archives/list/[email protected]/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16
support.apple.com/kb/HT213488
Related
