CVE-2022-1619 vulnerability in Vim and Other Products
Published on May 8, 2022
Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerability is capable of crashing software, modifying memory, and possibly remote execution.
Weakness Type
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Products Associated with CVE-2022-1619
Affected Versions
vim/vim: versions below 8.2.4899 are affected (lower bound unspecified).
Exploit Probability
EPSS: 0.50%
Percentile: 65.97%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.