Improper Handling of URL Encoding (Hex Encoding)

CVE-2022-4293

Medium

5.5/10

Summary

Floating Point Comparison with Incorrect Operator in vim prior to 9.0.0804.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-177 - Improper Handling of URL Encoding (Hex Encoding)

The software does not properly handle when all or part of an input has been URL encoded.

References

Advisory Timeline

Published Dec 05, 2022