Vim is vulnerable to buffer overflow. The vulnerability exists due to a lack of validation of the heap pointer.
seclists.org/fulldisclosure/2022/Oct/28
seclists.org/fulldisclosure/2022/Oct/41
github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa
huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3
lists.debian.org/debian-lts-announce/2022/03/msg00018.html
lists.debian.org/debian-lts-announce/2022/11/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/
lists.fedoraproject.org/archives/list/[email protected]/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/
secdb.alpinelinux.org/edge/main.yaml
security.gentoo.org/glsa/202208-32
support.apple.com/kb/HT213488