vim/vim is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference in eval.c
which allows an attacker to cause an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
vim:sid | eq | 2:8.2.2434-3 | |
vim:sid | eq | 2:8.2.1913-1+b2 | |
vim:sid | eq | 2:8.2.2434-3 | |
vim:sid | eq | 2:8.2.1913-1+b2 |
github.com/vim/vim/commit/79481367a457951aabd9501b510fd7e3eb29c3d8
huntr.dev/bounties/8dae6ab4-7a7a-4716-a65c-9b090fa057b5
lists.fedoraproject.org/archives/list/[email protected]/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/
lists.fedoraproject.org/archives/list/[email protected]/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/
security-tracker.debian.org/tracker/CVE-2022-2231
security.gentoo.org/glsa/202208-32
security.gentoo.org/glsa/202305-16