CVE-2022-1720

Опубликовано: 20 июн. 2022

Источник: debian

EPSS Низкий

Описание

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
vim	fixed	2:9.0.0135-1		package

Примечания

https://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8
https://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c (v8.2.4956)
Crash in CLI tool, no security impact

EPSS

Процентиль: 66%

0.00519

Низкий

Связанные уязвимости

CVE-2022-1720

CVSS3: 7.8

ubuntu

больше 3 лет назад

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

CVE-2022-1720

CVSS3: 6.1

redhat

больше 3 лет назад

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

CVE-2022-1720

CVSS3: 7.8

nvd

больше 3 лет назад

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

GHSA-r7j4-vhf6-j4qx

CVSS3: 7.8

github

больше 3 лет назад

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

BDU:2022-04217

CVSS3: 3.1

fstec

больше 3 лет назад

Уязвимость комопнента normal.c текстового редактора Vim, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 66%

0.00519

Низкий