CVE-2022-4293
MEDIUMvim < 9.0.0804 - Floating Point Comparison with Incorrect Operator
Title source: llmDescription
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
References (4)
Core 4
Core References
Patch, Third Party Advisory
https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b
Exploit, Patch, Third Party Advisory
https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230203-0007/
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202305-16
Scores
CVSS v3
5.5
EPSS
0.0046
EPSS Percentile
36.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-697
CWE-1077
Status
published
Products (1)
vim/vim
< 9.0.0804
Published
Dec 05, 2022
Tracked Since
Feb 18, 2026