CVE-2023-4738
Published: 2 September 2023
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.
Priority
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.8 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
References
- https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612/
- https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1 (v9.0.1848)
- https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1
- https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612
- https://ubuntu.com/security/notices/USN-6452-1
- https://www.cve.org/CVERecord?id=CVE-2023-4738
- NVD
- Launchpad
- Debian