Home > Vulnerability Database > CVE-2022-1620

Mend.io Vulnerability Database

CVE-2022-1620

Good to know:

Date: May 8, 2022

NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.

Language: VIM SCRIPT

Severity Score

7.5

Related Resources (16)

Url: https://support.apple.com/kb/HT213488

Url: https://access.redhat.com/security/cve/CVE-2022-1620

Url: https://security-tracker.debian.org/tracker/CVE-2022-1620

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JUN33257RUM4RS2I4GZETKFSAXPETATG/

Url: https://security.gentoo.org/glsa/202208-32

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2022-1620

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-1620

Url: http://seclists.org/fulldisclosure/2022/Oct/28

Url: https://security.alpinelinux.org/vuln/CVE-2022-1620

Url: http://seclists.org/fulldisclosure/2022/Oct/41

Url: https://security.gentoo.org/glsa/202305-16

Url: https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH/

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI/

Url: https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51

Url: https://www.mend.io/vulnerability-database/CVE-2022-1620

Severity Score

7.5

Weakness Type (CWE)

NULL Pointer Dereference

CWE-476

Top Fix

Upgrade Version

Upgrade to version v8.2.4901

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2022-1620

Good to know:

Date: May 8, 2022

Language: VIM SCRIPT

Severity Score

Related Resources (16)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?