LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2001-0408
CVE STATUS: Patched
CVE SUMMARY: vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.
CVSS v2 BASE SCORE: 5.1
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:H/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2001-0408

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2001-0409
CVE STATUS: Patched
CVE SUMMARY: vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:N/I:P/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2001-0409

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2002-1377
CVE STATUS: Patched
CVE SUMMARY: vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2002-1377

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2004-1138
CVE STATUS: Patched
CVE SUMMARY: VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.
CVSS v2 BASE SCORE: 7.2
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2004-1138

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2005-0069
CVE STATUS: Patched
CVE SUMMARY: The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2005-0069

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2005-2368
CVE STATUS: Patched
CVE SUMMARY: vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2005-2368

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2007-2438
CVE STATUS: Patched
CVE SUMMARY: The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
CVSS v2 BASE SCORE: 7.6
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:H/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2007-2438

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2007-2953
CVE STATUS: Patched
CVE SUMMARY: Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2007-2953

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-2712
CVE STATUS: Patched
CVE SUMMARY: Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw.  NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298.  NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-2712

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3074
CVE STATUS: Patched
CVE SUMMARY: The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075.  NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3074

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3075
CVE STATUS: Patched
CVE SUMMARY: The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.  NOTE: this issue has the same root cause as CVE-2008-3074.  NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3075

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3076
CVE STATUS: Patched
CVE SUMMARY: The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3076

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3294
CVE STATUS: Patched
CVE SUMMARY: src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
CVSS v2 BASE SCORE: 3.7
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:H/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3294

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-3432
CVE STATUS: Patched
CVE SUMMARY: Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-3432

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-4101
CVE STATUS: Patched
CVE SUMMARY: Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-4101

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2008-6235
CVE STATUS: Patched
CVE SUMMARY: The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2008-6235

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2009-0316
CVE STATUS: Patched
CVE SUMMARY: Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.
CVSS v2 BASE SCORE: 6.9
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2009-0316

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2016-1248
CVE STATUS: Patched
CVE SUMMARY: vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2016-1248

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-1000382
CVE STATUS: Patched
CVE SUMMARY: VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-1000382

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-11109
CVE STATUS: Patched
CVE SUMMARY: Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. NOTE: there might be a limited number of scenarios in which this has security relevance.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-11109

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-17087
CVE STATUS: Patched
CVE SUMMARY: fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382.
CVSS v2 BASE SCORE: 2.1
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-17087

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-5953
CVE STATUS: Patched
CVE SUMMARY: vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-5953

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-6349
CVE STATUS: Patched
CVE SUMMARY: An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-6349

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2017-6350
CVE STATUS: Patched
CVE SUMMARY: An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-6350

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-12735
CVE STATUS: Patched
CVE SUMMARY: getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 8.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-12735

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-14957
CVE STATUS: Patched
CVE SUMMARY: The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 5.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-14957

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-20079
CVE STATUS: Patched
CVE SUMMARY: The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-20079

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2019-20807
CVE STATUS: Patched
CVE SUMMARY: In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 5.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2019-20807

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2020-20703
CVE STATUS: Patched
CVE SUMMARY: Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2020-20703

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-28832
CVE STATUS: Patched
CVE SUMMARY: VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-28832

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3236
CVE STATUS: Patched
CVE SUMMARY: vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3236

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3770
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3770

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3778
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3778

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3796
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.2
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3796

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3872
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3872

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3875
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3875

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3903
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3903

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3927
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3927

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3928
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use of Uninitialized Variable
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3928

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3968
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 8.5
CVSS v3 BASE SCORE: 8.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:S/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3968

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3973
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 9.3
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:C/I:C/A:C
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3973

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3974
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3974

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-3984
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-3984

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4019
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4019

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4069
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4069

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4136
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4136

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4166
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4166

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4173
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4173

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4187
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4187

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4192
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4192

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2021-4193
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2021-4193

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0128
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Out-of-bounds Read
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0128

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0156
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Use After Free
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0156

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0158
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0158

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0213
CVE STATUS: Patched
CVE SUMMARY: vim is vulnerable to Heap-based Buffer Overflow
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0213

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0261
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0261

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0318
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0318

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0319
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0319

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0351
CVE STATUS: Patched
CVE SUMMARY: Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0351

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0359
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0359

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0361
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0361

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0368
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0368

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0392
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0392

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0393
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0393

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0407
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 5.7
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0407

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0408
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0408

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0413
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0413

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0417
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0417

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0443
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0443

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0554
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0554

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0572
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0572

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0629
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0629

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0685
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0685

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0696
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.2
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0696

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0714
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 8.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0714

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0729
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
CVSS v2 BASE SCORE: 6.5
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:S/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0729

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-0943
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-0943

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1154
CVE STATUS: Patched
CVE SUMMARY: Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1154

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1160
CVE STATUS: Patched
CVE SUMMARY: heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1160

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1381
CVE STATUS: Patched
CVE SUMMARY: global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1381

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1420
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1420

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1616
CVE STATUS: Patched
CVE SUMMARY: Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1616

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1619
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1619

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1620
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1620

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1621
CVE STATUS: Patched
CVE SUMMARY: Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.3
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1621

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1629
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1629

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1674
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1674

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1720
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1720

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1725
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1725

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1733
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1733

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1735
CVE STATUS: Patched
CVE SUMMARY: Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1735

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1769
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1769

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1771
CVE STATUS: Patched
CVE SUMMARY: Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 5.5
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1771

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1785
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1785

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1796
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.4979.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 6.6
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1796

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1851
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1851

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1886
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.1
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1886

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1897
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1897

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1898
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1898

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1927
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1927

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1942
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1942

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-1968
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-1968

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2000
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2000

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2042
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.4
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2042

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2124
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2124

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2125
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2125

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2126
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2126

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2129
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2129

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2175
CVE STATUS: Patched
CVE SUMMARY: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2175

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2182
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2182

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2183
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2183

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2206
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2206

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2207
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2207

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2208
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2208

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2210
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2210

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2231
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVSS v2 BASE SCORE: 4.3
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2231

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2257
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2257

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2264
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2264

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2284
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2284

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2285
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2285

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2286
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2286

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2287
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 5.8
CVSS v3 BASE SCORE: 8.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2287

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2288
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2288

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2289
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2289

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2304
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2304

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2343
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2343

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2344
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2344

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2345
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0046.
CVSS v2 BASE SCORE: 6.8
CVSS v3 BASE SCORE: 7.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:M/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2345

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2522
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2522

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2571
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2571

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2580
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2580

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2581
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2581

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2598
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.


CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2598

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2816
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2816

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2817
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0213.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2817

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2819
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2819

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2845
CVE STATUS: Patched
CVE SUMMARY: Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.


CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2845

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2849
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2849

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2862
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0221.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.6
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2862

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2874
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2874

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2889
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0225.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2889

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2923
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2923

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2946
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0246.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2946

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2980
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0259.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2980

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-2982
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.6
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-2982

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3016
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0286.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3016

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3037
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0322.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3037

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3099
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0360.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3099

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3134
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0389.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3134

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3153
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.1
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3153

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3234
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3234

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3235
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0490.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3235

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3256
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3256

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3278
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: NETWORK
VECTORSTRING: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3278

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3296
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3296

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3297
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3297

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3324
CVE STATUS: Patched
CVE SUMMARY: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3324

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3352
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3352

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3491
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.0
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3491

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3520
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3520

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3591
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3591

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-3705
CVE STATUS: Patched
CVE SUMMARY: A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-212324.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-3705

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4141
CVE STATUS: Patched
CVE SUMMARY: Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4141

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4292
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.0882.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4292

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-4293
CVE STATUS: Patched
CVE SUMMARY: Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-4293

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2022-47024
CVE STATUS: Patched
CVE SUMMARY: A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2022-47024

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0049
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0049

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0051
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0051

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0054
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0054

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0288
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0288

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0433
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0433

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-0512
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-0512

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1127
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1127

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1170
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1170

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1175
CVE STATUS: Patched
CVE SUMMARY: Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1175

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1264
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.6
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1264

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-1355
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1402.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 8.4
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1355

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2426
CVE STATUS: Patched
CVE SUMMARY: Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2426

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2609
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2609

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-2610
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-2610

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-3896
CVE STATUS: Patched
CVE SUMMARY: Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3

CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-3896

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-46246
CVE STATUS: Patched
CVE SUMMARY: Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it's possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068.

CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.5
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-46246

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4733
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.3
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4733

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4734
CVE STATUS: Patched
CVE SUMMARY: Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4734

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4735
CVE STATUS: Patched
CVE SUMMARY: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4735

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4736
CVE STATUS: Patched
CVE SUMMARY: Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4736

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4738
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4738

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4750
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4750

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4751
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4751

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4752
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to 9.0.1858.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4752

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-4781
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4781

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48231
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48231

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48232
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48232

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48233
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48233

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48234
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48234

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48235
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an
overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48235

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48236
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger
than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48236

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48237
CVE STATUS: Patched
CVE SUMMARY: Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48237

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-48706
CVE STATUS: Patched
CVE SUMMARY: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.7
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-48706

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5344
CVE STATUS: Patched
CVE SUMMARY: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 4.0
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5344

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5441
CVE STATUS: Patched
CVE SUMMARY: NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 6.2
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5441

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2023-5535
CVE STATUS: Patched
CVE SUMMARY: Use After Free in GitHub repository vim/vim prior to v9.0.2010.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-5535

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.0114
CVE: CVE-2024-22667
CVE STATUS: Patched
CVE SUMMARY: Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.8
VECTOR: LOCAL
VECTORSTRING: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2024-22667