CVE-2022-2125

HIGH7.8JSON export Create alert

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

CVSS breakdown

CVSS 3.0

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

vim / vim/vimunspecified – 8.2

References

MISChttps://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705
PATCHhttps://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f
MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFD2A4YLBR7OIRHTL7CK6YNMEIQ264CN/
MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U743FMJGFQ35GBPCQ6OWMVZEJPDFVEWM/
MISChttps://security.gentoo.org/glsa/202208-32
VENDOR_ADVISORYhttps://support.apple.com/kb/HT213443
VENDOR_ADVISORYhttps://support.apple.com/kb/HT213444
VENDOR_ADVISORYhttps://support.apple.com/kb/HT213488
MAILING_LISThttp://seclists.org/fulldisclosure/2022/Oct/41
MAILING_LISThttp://seclists.org/fulldisclosure/2022/Oct/28
MAILING_LISThttp://seclists.org/fulldisclosure/2022/Oct/43
MAILING_LISThttp://seclists.org/fulldisclosure/2022/Oct/45
MISChttps://security.gentoo.org/glsa/202305-16