7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
34.7%
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
CPE | Name | Operator | Version |
---|---|---|---|
vim | eq | 8.1.2137-r0 | |
vim | eq | 7.4.861-r0 | |
vim | eq | 8.2.4619-r0 | |
vim | eq | 8.2.3650-r0 | |
vim | eq | 8.2.3082-r0 | |
vim | eq | 8.0.0178-r0 | |
vim | eq | 7.4.2028-r0 | |
vim | eq | 8.0.0008-r0 | |
vim | eq | 8.2.2956-r0 | |
vim | eq | 8.0.0349-r0 |
seclists.org/fulldisclosure/2023/Mar/17
seclists.org/fulldisclosure/2023/Mar/18
seclists.org/fulldisclosure/2023/Mar/21
github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b
huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e
lists.fedoraproject.org/archives/list/[email protected]/message/4EX6N2DB75A73MQGVW3CS4VTNPAYVM2M/
lists.fedoraproject.org/archives/list/[email protected]/message/PZWIJBSQX53P7DHV77KRXJIXA4GH7XHC/
support.apple.com/kb/HT213670
support.apple.com/kb/HT213675
support.apple.com/kb/HT213677