{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-1621", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "dateUpdated": "2024-08-03T00:10:03.947Z", "dateReserved": "2022-05-08T00:00:00", "datePublished": "2022-05-09T00:00:00"}, "containers": {"cna": {"title": "Heap buffer overflow in vim_strncpy find_word in vim/vim", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev", "dateUpdated": "2023-05-03T00:00:00"}, "descriptions": [{"lang": "en", "value": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution"}], "affected": [{"vendor": "vim", "product": "vim/vim", "versions": [{"version": "unspecified", "lessThan": "8.2.4919", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb"}, {"url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b"}, {"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"}, {"name": "FEDORA-2022-8df66cdbef", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/"}, {"name": "GLSA-202208-32", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202208-32"}, {"url": "https://support.apple.com/kb/HT213488"}, {"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/41"}, {"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Oct/28"}, {"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"}, {"name": "GLSA-202305-16", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202305-16"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-122 Heap-based Buffer Overflow", "cweId": "CWE-122"}]}], "source": {"advisory": "520ce714-bfd2-4646-9458-f52cd22bb2fb", "discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:10:03.947Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb", "tags": ["x_transferred"]}, {"url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"}, {"name": "FEDORA-2022-8df66cdbef", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/"}, {"name": "GLSA-202208-32", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202208-32"}, {"url": "https://support.apple.com/kb/HT213488", "tags": ["x_transferred"]}, {"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Oct/41"}, {"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Oct/28"}, {"name": "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"}, {"name": "GLSA-202305-16", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202305-16"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF072C31-D320-47CE-B39B-F45447D70BD9", "versionEndExcluding": "8.2.4919", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC", "versionEndExcluding": "13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution"}, {"lang": "es", "value": "Un Desbordamiento del b\u00fafer de pila en vim_strncpy find_word en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4919. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protecci\u00f3n, Modificar la Memoria y una posible ejecuci\u00f3n remota"}], "id": "CVE-2022-1621", "lastModified": "2023-11-07T03:42:03.430", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.5, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-10T14:15:08.460", "references": [{"source": "security@huntr.dev", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/28"}, {"source": "security@huntr.dev", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Oct/41"}, {"source": "security@huntr.dev", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb"}, {"source": "security@huntr.dev", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"}, {"source": "security@huntr.dev", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html"}, {"source": "security@huntr.dev", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/"}, {"source": "security@huntr.dev", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202208-32"}, {"source": "security@huntr.dev", "url": "https://security.gentoo.org/glsa/202305-16"}, {"source": "security@huntr.dev", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213488"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "security@huntr.dev", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2022:5319", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "vim-2:8.0.1763-19.el8_6.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-06-30T00:00:00Z"}, {"advisory": "RHSA-2022:5319", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "vim-2:8.0.1763-19.el8_6.2", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-06-30T00:00:00Z"}, {"advisory": "RHSA-2022:5242", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "vim-2:8.2.2637-16.el9_0.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-07-01T00:00:00Z"}, {"advisory": "RHSA-2022:5242", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "vim-2:8.2.2637-16.el9_0.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-07-01T00:00:00Z"}, {"advisory": "RHSA-2022:5319", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "vim-2:8.0.1763-19.el8_6.2", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2022-06-30T00:00:00Z"}], "bugzilla": {"description": "vim: heap buffer overflow in vim_strncpy", "id": "2083924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083924"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution", "A flaw was found in vim, where it is vulnerable to a heap buffer overflow in the vim_strncpy find_word function. This flaw allows a specially crafted file to crash software, modify memory and possibly perform remote execution when opened in vim."], "name": "CVE-2022-1621", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "vim", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2022-05-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-1621\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-1621\nhttps://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb"], "threat_severity": "Moderate", "upstream_fix": "vim 8.2.4919"}