QID 353954
Date Published: 2022-06-13
QID 353954: Amazon Linux Security Advisory for vim : ALAS-2022-1597
A heap-based out-of-bounds write flaw was found in vim's ops.c.
This flaw allows an attacker to trick a user into opening a crafted file, triggering an out-of-bounds write.
This vulnerability is capable of crashing software, modifying memory, and possibly code execution. (CVE-2022-0261)
A flaw was found in vim.
The vulnerability occurs due to reading beyond the end of a line in the utf_head_off function, which can lead to a heap buffer overflow.
This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0318)
A flaw was found in vim.
The vulnerability occurs due to illegal memory access with large tabstop in ex mode, which can lead to a heap buffer overflow. (CVE-2022-0359)
Heap-based buffer overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0361)
Heap-based buffer overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0392)
A flaw was found in vim.
The vulnerability occurs due to using freed memory when the substitute uses a recursive function call, resulting in a use-after-free vulnerability. (CVE-2022-0413)
A heap-based buffer overflow flaw was found in vim's ex_retab() function in the indent.c file.
This flaw occurs when repeatedly using :retab.
This flaw allows an attacker to trick a user into opening a crafted file, triggering a heap overflow.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
- ALAS-2022-1597 - alas.aws.amazon.com/ALAS-2022-1597.html
CVEs related to QID 353954
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ALAS-2022-1597 | Amazon Linux | | |