global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2022/Oct/28 | |
http://seclists.org/fulldisclosure/2022/Oct/41 | Mailing List Release Notes Third Party Advisory |
https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47 | Patch Third Party Advisory |
https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4 | Exploit Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/ | |
https://security.gentoo.org/glsa/202208-32 | Third Party Advisory |
https://security.gentoo.org/glsa/202305-16 | |
https://support.apple.com/kb/HT213488 | Release Notes Third Party Advisory |
Configurations
History
07 Nov 2023, 03:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 May 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Nov 2022, 17:10
Type | Values Removed | Values Added |
---|---|---|
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/41 - Mailing List, Release Notes, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT213488 - Release Notes, Third Party Advisory |
30 Oct 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Oct 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://support.apple.com/kb/HT213488 - Third Party Advisory | |
CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
First Time |
Apple macos
Apple |
25 Oct 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Sep 2022, 16:54
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KVPZVE2CIE2NGCHZDMEHPBWN3LK2UQAA/ - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202208-32 - Third Party Advisory |
21 Aug 2022, 06:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-122 | |
References |
|
30 Apr 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Apr 2022, 16:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6E457NYOIRWBJHKB7ON44UY5AVTG4HU/ - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4 - Exploit, Patch, Third Party Advisory | |
References | (MISC) https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47 - Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
First Time |
Fedoraproject
Fedoraproject fedora Vim vim Vim |
|
CWE | CWE-787 |
23 Apr 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Apr 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
Summary | global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution |
18 Apr 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-18 01:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-1381
Mitre link : CVE-2022-1381
CVE.ORG link : CVE-2022-1381
JSON object : View
Products Affected
fedoraproject
- fedora
apple
- macos
vim
- vim