CVE-2022-1720

High

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the…

@huntrdev·CWE-126·Published 2022-05-16

CVSS

7.8

EPSS

0.02

KEV

Exploits

Vendor statements (4)

cve.orgen

199 chars

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

NVDes

240 chars

Una Lectura Excesiva del Búfer en la función grab_file_name en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4956. Esta vulnerabilidad es capaz de bloquear el software, modificación de la memoria y una posible ejecución remota

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	cve.org	6.6	—	—	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
3.0	Primary	cve.org	6.6	—	—	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
3.0	Secondary	NVD	6.6	1.8	4.7	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H