CVE-2023-0054

Name

CVE-2023-0054

Description

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
CONFIRM	https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d
MISC	https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731
CONFIRM	https://support.apple.com/kb/HT213670
FULLDISC	http://seclists.org/fulldisclosure/2023/Mar/17
GENTOO	https://security.gentoo.org/glsa/202305-16

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:vim:vim::::::::`	vim	>= None	< 9.0.1145

Source package	Branch	Version	Maintainer	Status
vim	3.17-main	9.0.0999-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.16-main	8.2.5000-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.15-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.14-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable