Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2023-72256
HistoryMar 13, 2023 - 12:00 a.m.

Vim Denial of Service Vulnerability (CNVD-2023-72256)

2023-03-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
denial of service
cross-platform
null pointer dereference
utfc_ptr2len function
crafted input
vulnerability

EPSS

0.001

Percentile

29.7%

Vim is a cross-platform text editor. A denial of service vulnerability exists in Vim versions prior to 9.0.1392, which stems from the presence of a NULL pointer dereference in the utfc_ptr2len function, which can be exploited to cause a denial of service via crafted input.