CVE-2022-1381 HIGH

CVE-2022-1381: global heap buffer overflow in skip_range in vim/vim

Vendor Vim
Product vim/vim
Weakness CWE-122
Published April 17, 2022
Last update August 3, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

Key dates

02Disclosure timeline

April 17, 2022 CVE published
August 3, 2024 Record updated