CVE-2023-1127

HIGH

Vim < 9.0.1367 - Divide By Zero

Title source: rule

Description

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

References (5)

[Patch] https://github.com/vim/vim/commit/e0f869196930ef5f25a0ac41c9215b09c9ce2d3c

View Patch ZIP pw:eip

[Exploit, Third Party Advisory] https://huntr.dev/bounties/2d4d309e-4c96-415f-9070-36d0815f1beb

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ6TMKKBXHGVUHWFGM4X46VIJO7ZAG2W/

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 11.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-369

Status published

Affected Products (2)

vim/vim < 9.0.1367

fedoraproject/fedora

Timeline

Published Mar 01, 2023

Tracked Since Feb 18, 2026