LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2001-0408
CVE STATUS: Patched
CVE SUMMARY: vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.
CVSS v2 BASE SCORE: 5.1
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:H/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2001-0408
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2001-0409
CVE STATUS: Patched
CVE SUMMARY: vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:N/I:P/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2001-0409
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2002-1377
CVE STATUS: Patched
CVE SUMMARY: vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2002-1377
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2004-1138
CVE STATUS: Patched
CVE SUMMARY: VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.
CVSS v2 BASE SCORE: 7.2
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2004-1138
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2005-0069
CVE STATUS: Patched
CVE SUMMARY: The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2005-0069
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2005-2368
CVE STATUS: Patched
CVE SUMMARY: vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2005-2368
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2007-2438
CVE STATUS: Patched
CVE SUMMARY: The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
CVSS v2 BASE SCORE: 7.6
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:H/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2007-2438
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2007-2953
CVE STATUS: Patched
CVE SUMMARY: Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2007-2953
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-2712
CVE STATUS: Patched
CVE SUMMARY: Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-2712
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3074
CVE STATUS: Patched
CVE SUMMARY: The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3074
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3075
CVE STATUS: Patched
CVE SUMMARY: The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3074. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3075
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3076
CVE STATUS: Patched
CVE SUMMARY: The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3076
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3294
CVE STATUS: Patched
CVE SUMMARY: src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
CVSS v2 BASE SCORE: 3.7
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:H/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3294
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3432
CVE STATUS: Patched
CVE SUMMARY: Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3432
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-4101
CVE STATUS: Patched
CVE SUMMARY: Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-4101
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-6235
CVE STATUS: Patched
CVE SUMMARY: The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-6235
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2009-0316
CVE STATUS: Patched
CVE SUMMARY: Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.
CVSS v2 BASE SCORE: 6.9
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2009-0316
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2016-1248
CVE STATUS: Patched
CVE SUMMARY: vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2016-1248
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-1000382
CVE STATUS: Patched
CVE SUMMARY: VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-1000382
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-11109
CVE STATUS: Patched
CVE SUMMARY: Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-11109
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-17087
CVE STATUS: Patched
CVE SUMMARY: fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-17087
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-5953
CVE STATUS: Patched
CVE SUMMARY: vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-5953
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-6349
CVE STATUS: Patched
CVE SUMMARY: An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-6349
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-6350
CVE STATUS: Patched
CVE SUMMARY: An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-6350
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-12735
CVE STATUS: Patched
CVE SUMMARY: getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 8.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-12735
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-14957
CVE STATUS: Patched
CVE SUMMARY: The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 5.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-14957
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-20079
CVE STATUS: Patched
CVE SUMMARY: The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-20079
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-20807
CVE STATUS: Patched
CVE SUMMARY: In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 5.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-20807
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2020-20703
CVE STATUS: Patched
CVE SUMMARY: Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2020-20703
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-28832
CVE STATUS: Patched
CVE SUMMARY: VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-28832
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3236
CVE STATUS: Patched
CVE SUMMARY: vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3236
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3770
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3770
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3778
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3778
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3796
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.2
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3796
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3872
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3872
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3875
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3875
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3903
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3903
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3927
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3927
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3928
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use of Uninitialized Variable
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3928
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3968
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 8.5
CVSS v3 BASE SCORE: 8.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:S/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3968
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3973
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3973
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3974
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3974
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3984
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3984
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4019
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4019
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4069
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4069
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4136
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4136
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4166
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4166
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4173
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4173
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4187
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4187
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4192
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4192
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4193
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4193
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0128
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0128
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0156
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0156
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0158
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0158
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0213
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0213
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0261
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0261
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0318
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0318
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0319
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0319
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0351
CVE STATUS: Patched
CVE SUMMARY: Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0351
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0359
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0359
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0361
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0361
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0368
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0368
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0392
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0392
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0393
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0393
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0407
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.7
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0407
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0408
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0408
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0413
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0413
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0417
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0417
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0443
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0443
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0554
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0554
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0572
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0572
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0629
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0629
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0685
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0685
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0696
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.2
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0696
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0714
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0714
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0729
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
CVSS v2 BASE SCORE: 6.5
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:S/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0729
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0943
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0943
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1154
CVE STATUS: Patched
CVE SUMMARY: Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1154
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1160
CVE STATUS: Patched
CVE SUMMARY: heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1160
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1381
CVE STATUS: Patched
CVE SUMMARY: global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1381
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1420
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1420
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1616
CVE STATUS: Patched
CVE SUMMARY: Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1616
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1619
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1619
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1620
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1620
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1621
CVE STATUS: Patched
CVE SUMMARY: Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1621
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1629
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1629
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1674
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1674
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1720
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1720
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1725
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1725
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1733
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1733
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1735
CVE STATUS: Patched
CVE SUMMARY: Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1735
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1769
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1769
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1771
CVE STATUS: Patched
CVE SUMMARY: Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1771
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1785
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1785
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1796
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.4979.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1796
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1851
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1851
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1886
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1886
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1897
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1897
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1898
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1898
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1927
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1927
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1942
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1942
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1968
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1968
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2000
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2000
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2042
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2042
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2124
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2124
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2125
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2125
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2126
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2126
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2129
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2129
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2175
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2175
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2182
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2182
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2183
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2183
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2206
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2206
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2207
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2207
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2208
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2208
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2210
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2210
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2231
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2231
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2257
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2257
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2264
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2264
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2284
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2284
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2285
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2285
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2286
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2286
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2287
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 8.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2287
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2288
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2288
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2289
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2289
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2304
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2304
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2343
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2343
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2344
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2344
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2345
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0046.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2345
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2522
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2522
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2571
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2571
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2580
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2580
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2581
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2581
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2598
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2598
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2816
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2816
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2817
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0213.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2817
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2819
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2819
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2845
CVE STATUS: Patched
CVE SUMMARY: Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2845
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2849
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2849
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2862
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0221.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.6
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2862
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2874
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2874
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2889
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0225.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2889
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2923
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2923
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2946
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0246.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2946
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2980
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2980
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2982
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.6
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2982
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3016
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0286.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3016
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3037
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0322.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3037
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3099
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0360.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3099
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3134
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0389.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3134
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3153
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.1
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3153
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3234
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3234
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3235
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0490.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3235
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3256
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3256
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3278
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3278
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3296
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3296
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3297
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3297
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3324
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3324
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3352
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3352
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3491
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.0
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3491
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3520
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3520
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3591
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3591
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3705
CVE STATUS: Patched
CVE SUMMARY: A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3705
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4141
CVE STATUS: Patched
CVE SUMMARY: Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4141
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4292
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0882.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4292
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4293
CVE STATUS: Patched
CVE SUMMARY: Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4293
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-47024
CVE STATUS: Patched
CVE SUMMARY: A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-47024
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0049
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0049
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0051
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0051
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0054
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0054
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0288
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0288
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0433
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0433
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0512
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0512
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1127
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1127
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1170
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1170
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1175
CVE STATUS: Patched
CVE SUMMARY: Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1175
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1264
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1264
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1355
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1355
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2426
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2609
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2609
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2610
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2610
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-3896
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-3896
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-46246
CVE STATUS: Patched
CVE SUMMARY: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-46246
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4733
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4733
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4734
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4734
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4735
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4735
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4736
CVE STATUS: Patched
CVE SUMMARY: Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4736
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4738
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4738
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4750
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4750
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4751
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4751
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4752
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1858.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4752
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4781
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4781
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48231
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48231
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48232
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48232
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48233
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48233
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48234
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48234
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48235
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an
overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48235
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48236
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger
than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48236
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48237
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48237
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48706
CVE STATUS: Patched
CVE SUMMARY: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.7
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48706
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5344
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.0
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5344
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5441
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.2
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5441
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5535
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to v9.0.2010.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5535
LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2024-22667
CVE STATUS: Patched
CVE SUMMARY: Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2024-22667