vim is vulnerable to denial of service. The vulnerability exists in getcmdline_int
function of ex_getln.c
due to use after free which allows an attacker to crash the application via malicious input.
github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0
huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af
lists.debian.org/debian-lts-announce/2022/11/msg00032.html
lists.fedoraproject.org/archives/list/[email protected]/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/
lists.fedoraproject.org/archives/list/[email protected]/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/
lists.fedoraproject.org/archives/list/[email protected]/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/
secdb.alpinelinux.org/edge/main.yaml
security-tracker.debian.org/tracker/CVE-2022-3235
security.gentoo.org/glsa/202305-16