Описание
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
A flaw was found in vim, where it is vulnerable to a NULL pointer dereference in the sug_filltree function. This flaw allows a specially crafted file to crash the software.
Отчет
Red Hat Product Security has rated this issue as having a Low security impact, because the "victim" has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 7 | vim | Out of support scope | ||
| Red Hat Enterprise Linux 8 | vim | Fix deferred | ||
| Red Hat Enterprise Linux 9 | vim | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240.
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ...
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0239.
EPSS
5.5 Medium
CVSS3