First published: Thu Sep 08 2022(Updated: )
Last updated 24 July 2024
Credit: security@huntr.dev security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Vim Vim | <9.0.0404 | |
debian/vim | <=2:8.2.2434-3+deb11u1 | 2:9.0.1378-2 2:9.1.0777-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-3153 is a vulnerability that involves a NULL pointer dereference in the GitHub repository vim/vim prior to version 9.0.0404.
The Ubuntu package vim version 2:8.2.3995-1ubuntu2.11 and the Debian package vim versions 2:8.1.0875-5+deb10u2, 2:8.1.0875-5+deb10u5, and 2:8.2.2434-3+deb11u1 are affected by CVE-2022-3153.
To fix CVE-2022-3153, you should update your Ubuntu vim package to version 2:8.2.3995-1ubuntu2.11 or update your Debian vim package to versions 2:8.1.0875-5+deb10u2, 2:8.1.0875-5+deb10u5, or 2:8.2.2434-3+deb11u1.
The CWE of CVE-2022-3153 is CWE-476, which is NULL Pointer Dereference.
You can find more information about CVE-2022-3153 on the MITRE CVE website, Ubuntu Security Notices, and NVD (National Vulnerability Database) websites.