CVE-2023-1175

medium

Description

Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.

References

Advisories
More

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4KDAU76Z7QNSPKZX2JAJ6O7KIEOXWTL/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/

https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html

https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e

https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba

Details

Source: Mitre, NVD

Published: 2023-03-04

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 6.6

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00041