CVE-2022-2923

Опубликовано: 22 авг. 2022

Источник: redhat

CVSS3: 5.5

Описание

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.

A flaw was found in vim, where it is vulnerable to a NULL pointer dereference in the sug_filltree function. This flaw allows a specially crafted file to crash the software.

Отчет

Red Hat Product Security has rated this issue as having a Low security impact, because the "victim" has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	vim	Out of support scope
Red Hat Enterprise Linux 7	vim	Out of support scope
Red Hat Enterprise Linux 8	vim	Fix deferred
Red Hat Enterprise Linux 9	vim	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2120989vim: null pointer dereference in function sug_filltree

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-2923

CVSS3: 5.5

ubuntu

почти 3 года назад

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.

CVE-2022-2923

CVSS3: 5.5

nvd

почти 3 года назад

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.

CVE-2022-2923

CVSS3: 5.5

msrc

почти 3 года назад

Описание отсутствует

CVE-2022-2923

CVSS3: 5.5

debian

почти 3 года назад

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ...

GHSA-x4xp-cxhx-c924

CVSS3: 5.5

github

почти 3 года назад

NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0239.

5.5 Medium

CVSS3