GoogleOSV:CVE-2022-2946CVE-2022-2946
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
31.5%
Use After Free in GitHub repository vim/vim prior to 9.0.0246.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vim | eq | 8.2.4969-r0 | |
| vim | eq | 8.2.2137-r0 | |
| vim | eq | 7.3.547-r0 | |
| vim | eq | 8.2.4542-r0 | |
| vim | eq | 8.2.2404-r0 | |
| vim | eq | 8.2.3567-r0 | |
| vim | eq | 8.2.5000-r1 | |
| vim | eq | 7.4.861-r0 | |
| vim | eq | 8.0.1359-r0 | |
| vim | eq | 8.0.1240-r0 |
References
github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c
huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5
lists.debian.org/debian-lts-announce/2022/11/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/C72HDIMR3KTTAO7QGTXWUMPBNFUFIBRD/
security.gentoo.org/glsa/202305-16
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
31.5%