CVE-2022-3234

Name

CVE-2022-3234

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
MISC	https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d
CONFIRM	https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/
MLIST	https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html
FEDORA	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:vim:vim::::::::`	vim	>= None	< 9.0.0483

Source package	Branch	Version	Maintainer	Status
vim	3.16-main	8.2.5000-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.15-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.14-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.13-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable