Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-2816
HistoryAug 15, 2022 - 12:00 a.m.

CVE-2022-2816

2022-08-1500:00:00
ubuntu.com
ubuntu.com
21
github repository vim
out-of-bounds read
vulnerability
version 9.0.0212

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.3%

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.

Notes

Author Note
rodrigo-zaiden the faulty method check_vim9_unlet was added in version 8.2.0601 with commit d72c1bf0a, so, versions earlier than that are not affected.
OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchvim< 2:8.2.3995-1ubuntu2.11UNKNOWN

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.3%