CVE-2022-1733

Опубликовано: 17 мая 2022

Источник: redhat

CVSS3: 5.5

Описание

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a heap buffer overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution.

Меры по смягчению последствий

Untrusted vim scripts with -s [scriptin] are not recommended to run.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	vim	Not affected
Red Hat Enterprise Linux 7	vim	Not affected
Red Hat Enterprise Linux 8	vim	Not affected
Red Hat Enterprise Linux 9	vim	Not affected
Red Hat Virtualization 4	vim	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=2087600vim: Heap-based Buffer Overflow in cindent.c

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-1733

CVSS3: 7.8

ubuntu

около 3 лет назад

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

CVE-2022-1733

CVSS3: 7.8

nvd

около 3 лет назад

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.

CVE-2022-1733

CVSS3: 7.8

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-1733

CVSS3: 7.8

debian

около 3 лет назад

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...

GHSA-x282-2jwx-hvgg

CVSS3: 7.8

github

около 3 лет назад

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

5.5 Medium

CVSS3