CVE-2022-0128

Опубликовано: 06 янв. 2022

Источник: redhat

CVSS3: 6.1

Описание

vim is vulnerable to Out-of-bounds Read

A heap-based out-of-bounds read flaw was found in vim. This issue allows an attacker to input a specially crafted file causing an application to crash, leading to a denial of service and possibly disclosing a small amount of memory.

Меры по смягчению последствий

Untrusted vim scripts with -s [scriptin] are not recommended to run.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	vim	Not affected
Red Hat Enterprise Linux 7	vim	Not affected
Red Hat Enterprise Linux 8	vim	Not affected
Red Hat Enterprise Linux 9	vim	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=2044954vim: a heap-based OOB read of size 1

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2022-0128

CVSS3: 7.8

ubuntu

около 4 лет назад

vim is vulnerable to Out-of-bounds Read

CVE-2022-0128

CVSS3: 7.8

nvd

около 4 лет назад

vim is vulnerable to Out-of-bounds Read

CVE-2022-0128

CVSS3: 7.8

msrc

около 4 лет назад

Описание отсутствует

CVE-2022-0128

CVSS3: 7.8

debian

около 4 лет назад

vim is vulnerable to Out-of-bounds Read

GHSA-xvgc-v9fj-5m69

CVSS3: 7.8

github

около 4 лет назад

vim is vulnerable to Out-of-bounds Read

6.1 Medium

CVSS3