CVE - CVE-2022-1619

CVE-ID
CVE-2022-1619	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://security.netapp.com/advisory/ntap-20220930-0007/ CONFIRM:https://support.apple.com/kb/HT213488 CONFIRM:https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450 URL:https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450 FEDORA:FEDORA-2022-8df66cdbef URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/ FEDORA:FEDORA-2022-e92c3ce170 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/ FEDORA:FEDORA-2022-f0db3943d9 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/ FULLDISC:20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13 URL:http://seclists.org/fulldisclosure/2022/Oct/28 FULLDISC:20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13 URL:http://seclists.org/fulldisclosure/2022/Oct/41 GENTOO:GLSA-202208-32 URL:https://security.gentoo.org/glsa/202208-32 GENTOO:GLSA-202305-16 URL:https://security.gentoo.org/glsa/202305-16 MISC:https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe URL:https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe MLIST:[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update URL:https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html MLIST:[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update URL:https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html
Assigning CNA
Protect AI
Date Record Created
20220507	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20220507)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)