Base Score

HIGH7.8

CVE-2022-1160

heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.

VectorLOCAL

Published Bysecurity@huntr.dev

Published DateMar 30, 2022, 19:15

Weakness Type (CWE):CWE-122

CVSS Metrics

Base Score

7.8

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db
https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/
https://security.gentoo.org/glsa/202208-32
https://security.gentoo.org/glsa/202305-16

Base Score

HIGH7.8

Weakness Type (CWE):CWE-122

CVSS Metrics

Base Score

7.8

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH