Description
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.
References (12)
Core References
Exploit, Patch, Third Party Advisory: https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf
Mailing List: https://lists.fedoraproject.org/archives/list/[email protected]/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/
Mailing List: https://lists.fedoraproject.org/archives/list/[email protected]/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/
Mailing List: http://seclists.org/fulldisclosure/2023/Dec/10
Mailing List: http://seclists.org/fulldisclosure/2023/Dec/11
Mailing List, Third Party Advisory: https://lists.fedoraproject.org/archives/list/[email protected]/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/
Mailing List: http://seclists.org/fulldisclosure/2023/Dec/9
Vendor Advisory: https://support.apple.com/kb/HT214036
Vendor Advisory: https://support.apple.com/kb/HT214037
Vendor Advisory: https://support.apple.com/kb/HT214038
Scores
CVSS v3: 7.5
EPSS: 0.0006
EPSS Percentile: 17.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-122, CWE-787
Status: published
Products (3)
fedoraproject/fedora: 37
fedoraproject/fedora: 38
vim/vim: < 9.0.1969
Published: Oct 02, 2023
Tracked Since: Feb 18, 2026