| Vulnerability Name: | CVE-2022-2980 (CCN-234499) | ||||||||||||||||||||
| Assigned: | 2022-08-23 | ||||||||||||||||||||
| Published: | 2022-08-23 | ||||||||||||||||||||
| Updated: | 2023-05-03 | ||||||||||||||||||||
| Summary: | Vim is vulnerable to a denial of service, caused by a NULL pointer dereference in function do_mouse in vim/vim. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service. | ||||||||||||||||||||
| CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) 5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L/E:P/RL:O/RC:C)
| ||||||||||||||||||||
| CVSS v2 Severity: | 8.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:C/A:P)
| ||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-2980 Source: XF Type: UNKNOWN vim-cve20222980-dos(234499) Source: security@huntr.dev Type: Patch, Third Party Advisory security@huntr.dev Source: CCN Type: huntr Web site Use After Free in function qf_fill_buffer in vim/vim Source: security@huntr.dev Type: Exploit, Issue Tracking, Patch, Third Party Advisory security@huntr.dev Source: security@huntr.dev Type: Mailing List, Third Party Advisory security@huntr.dev Source: security@huntr.dev Type: UNKNOWN security@huntr.dev Source: CCN Type: Vim GIT Repository patch 9.0.0259: crash with mouse click when not initialized | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||