CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AI Score
Confidence
Low
EPSS
Percentile
13.2%
A double-free and use-after-free vulnerability was found in the Vim editor. This flaw exists due to the corresponding tagstack being used twice when closing the window and if the quick fix list belonging to that window is also cleared using the same tagstack data. In this instance, Vim will try to free the memory again, causing a crash.