4 matches found
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-431)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-431 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...
CVE-2022-3099
A use-after-free vulnerability was found in vim's docmdline function of the src/exdocmd.c file. The issue triggers when an invalid line number on :for is ignored. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering use-after-free that causes an applicati...
Vim 资源管理错误漏洞
Vim is a cross-platform text editor. versions prior to Vim 9.0.0359 are vulnerable to a resource management error, which stems from a post-release reuse in the function docmdline. An attacker could exploit this vulnerability to cause a denial of service attack...
Use After Free in function do_cmdline
Description Use After Free in function docmdline at vim/src/exdocmd.c:1076. vim version git log commit 5d09a401ec393dc930e1104ceb38eab34681de64 HEAD - master, tag: v9.0.0343, origin/master, origin/HEAD Proof of Concept ./vim -u NONE -i NONE -n -m -X -Z -e -s -S /home/fuzz/test/poc7huaf.dat -c :qa...