Updated: 2025-08-20 00:11:22.508043
Description:
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 5.0 |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | vim | 7.4.629 | 7.5 | HIGH | Released | CLSA-2022:1653006752 | 2022-05-26 16:03:16 | |
| CloudLinux 6 ELS | vim | 7.4.629 | 7.5 | HIGH | Released | CLSA-2022:1653326657 | 2022-05-26 16:03:15 | |
| Debian 10 ELS | vim | 8.1.0875 | 7.5 | HIGH | Released | CLSA-2025:1761576318 | 2025-10-28 00:34:42 | |
| Oracle Linux 6 ELS | vim | 7.4.629 | 7.5 | HIGH | Released | CLSA-2022:1653328424 | 2022-05-23 16:30:10 | |
| Ubuntu 16.04 ELS | vim | 7.4.1689-3 | 7.5 | HIGH | Released | CLSA-2022:1653329020 | 2022-05-23 16:30:09 |