CVE-2022-0685

AST

High

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.

CVSS

7.8

High

EPSS

0.02

p75

Published

2022-01-01

Updated

2022-01-01

Description

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.

Tags · CWE

CWE-125

CWE-823

CAPEC-129

CAPEC-540

Affected products

Debian_linux

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2022-01-01

Published

2022-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: L

Local (L)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.018 · p75

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Группа Астра (РусБИТех)

Product	Vendor	Status
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
vim		Tracked
debian_linux	*	Tracked
fedora	*	Tracked
macos	*	Tracked
vim	*	Tracked

Source databases

AST

DEB

CVE

UBU

Related vulnerabilities

BDU:2022-05979