Skip to main content

Buffer Over-read

CVE-2022-1720

Severity High
Score 7.8/10

Summary

Buffer Over-read in function "grab_file_name" in vim versions prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • REQUIRED
  • NONE
  • HIGH
  • HIGH

CWE-126 - Buffer Over-read

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Advisory Timeline

  • Published