Undefined Behavior for Input to API

CVE-2022-2598

Medium

5.5/10

Summary

Undefined Behavior for Input to API in vim versions prior to 9.0.0101.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-475 - Undefined Behavior for Input to API

The behavior of this function is undefined unless its control parameter is set to a specific value.

References

Advisory Timeline

Published Aug 01, 2022