Advisory ROSA-SA-2024-2435

software: vim 9.0.2130 WASP: ROSA-CHROME packageevrstring: vim-9.0.2130-1 CVE-ID: CVE-2023-46246 BDU-ID: 2023-07250 CVE-Crit: LOW CVE-DESC.: A vulnerability in the gagrowinner function of the vim text editor, protocol for software Unix is caused by an integer overflow. Exploitation of the...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-431)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-431 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...

Vim < 9.0.2068 Use After Free

Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist.c at line 759...

The vulnerability of the `ga_grow_inner` function in the Vim text editor is caused by a numerical overflow condition, which allows an attacker to trigger a service failure.

The vulnerability of the gagrowinner function in the Vim text editor, a software for Unix-based systems, is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vim 资源管理错误漏洞

Vim is a cross-platform text editor. Vim suffers from a memory misreference vulnerability that originates from a messed up instruction in the function gagrowinner in file src/alloc.c that is responsible for freeing memory. An attacker can exploit the vulnerability which may lead to program crash,...