CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
39.3%
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
Author | Note |
---|---|
rodrigo-zaiden | faulty code was added in version 8.2.2672, with commit b2cb6c8b, so, versions earlier than that are not affected. there is a possibility that version 8.2.2301 (commit 752fc692) is also affected, but the PoC provided didn’t reproduce in this version. Anyway, at least versions prior to 8.2.2301 are not affected. |
github.com/vim/vim/commit/d1d8f6bacb489036d0fd479c9dd3c0102c988889
huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59
launchpad.net/bugs/cve/CVE-2022-2819
nvd.nist.gov/vuln/detail/CVE-2022-2819
security-tracker.debian.org/tracker/CVE-2022-2819
ubuntu.com/security/notices/USN-6302-1
www.cve.org/CVERecord?id=CVE-2022-2819