Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-48231

Опубликовано: 16 нояб. 2023
Источник: debian

Описание

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
vimfixed2:9.0.2116-1package

Примечания

  • https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765

  • https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a (v9.0.2106)

  • Self-inflicted crash, no security impact

Связанные уязвимости

ubuntu логотип

CVE-2023-48231

CVSS3: 3.9
ubuntu
больше 1 года назад

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

redhat логотип

CVE-2023-48231

CVSS3: 4.3
redhat
больше 1 года назад

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

nvd логотип

CVE-2023-48231

CVSS3: 3.9
nvd
больше 1 года назад

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

fstec логотип

BDU:2024-02412

CVSS3: 4.3
fstec
больше 1 года назад

Уязвимость функции win_close() текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность данных

redos логотип

ROS-20240329-01

CVSS3: 4.3
redos
около 1 года назад

Множественные уязвимости VIM