Base Score

MEDIUM5.5

CVE-2022-4293

Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.

VectorLOCAL

Published Bysecurity@huntr.dev

Published DateDec 05, 2022, 19:15

Weakness Type (CWE):CWE-1077

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b
https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143
https://security.gentoo.org/glsa/202305-16
https://security.netapp.com/advisory/ntap-20230203-0007/

Base Score

MEDIUM5.5

Weakness Type (CWE):CWE-1077

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH