Lucene search

[email protected]CVE-2022-4292

HistoryDec 05, 2022 - 7:15 p.m.

CVE-2022-4292

2022-12-0519:15:10

CWE-416

[email protected]

web.nvd.nist.gov

122

github

vim

use after free

cve-2022-4292

nvd

security vulnerability

9.0.0882

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

48.9%

JSON

Use After Free in GitHub repository vim/vim prior to 9.0.0882.

Affected configurations

NVD

Node

vimvimRange<9.0.0882

Node

netappontap_select_deploy_administration_utilityMatch-

CNA Affected

[
  {
    "vendor": "vim",
    "product": "vim/vim",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "9.0.0882",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93

huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/

security.gentoo.org/glsa/202305-16

security.netapp.com/advisory/ntap-20230113-0005/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

48.9%

JSON

Related for CVE-2022-4292

veracode1 prion1 debiancve1 redhatcve1 cloudlinux1 cvelist1 nvd1 huntr1 ubuntucve1 alpinelinux1 osv2 nessus31 amazon2 fedora1 openvas21 slackware1 photon2 ubuntu1 cloudfoundry1 gentoo1