Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-68104
HistoryAug 19, 2022 - 12:00 a.m.

Vim Resource Management Error Vulnerability (CNVD-2022-68104)

2022-08-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
vim
resource management
error
vulnerability
cross-platform
text editor
security
versions
instruction
function
memory
attack
crash
code execution

EPSS

0.001

Percentile

45.1%

Vim is a cross-platform text editor, and a security vulnerability exists in versions prior to Vim 9.0.0221. The vulnerability stems from a mix-up in the instructions for the generate_PCALL function responsible for freeing memory. An attacker could exploit this vulnerability to potentially cause a crash, arbitrary code execution, etc.