Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-55158

Опубликовано: 11 авг. 2025
Источник: ubuntu
Приоритет: medium
CVSS3: 8.8

Описание

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.

РелизСтатусПримечание
devel

not-affected

see notes
esm-infra-legacy/trusty

not-affected

see notes
esm-infra/bionic

not-affected

see notes
esm-infra/focal

not-affected

see notes
esm-infra/xenial

not-affected

see notes
jammy

not-affected

see notes
noble

not-affected

see notes
plucky

not-affected

see notes
upstream

released

9.1.1406

Показывать по

8.8 High

CVSS3

Связанные уязвимости

CVSS3: 6.1
redhat
16 дней назад

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.

CVSS3: 8.8
nvd
16 дней назад

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.

CVSS3: 8.8
debian
16 дней назад

Vim is an open source, command line text editor. In versions from 9.1. ...

8.8 High

CVSS3