CVE-2022-0714

Name

CVE-2022-0714

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
Patch	https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa
Exploit	https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
Mailing List	https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html
Third Party Advisory	https://security.gentoo.org/glsa/202208-32
Third Party Advisory	https://support.apple.com/kb/HT213488
FULLDISC	http://seclists.org/fulldisclosure/2022/Oct/41
FULLDISC	http://seclists.org/fulldisclosure/2022/Oct/28
MLIST	https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:vim:vim::::::::`	vim	>= None	<= 8.2.4436

Source package	Branch	Version	Maintainer	Status