CVE-2023-4738

Name

CVE-2023-4738

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
MISC	https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1
MISC	https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:vim:vim::::::::`	vim	>= None	< 9.0.1848

Source package	Branch	Version	Maintainer	Status
vim	3.18-main	9.0.1568-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.17-main	9.0.0999-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.16-main	8.2.5000-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	3.15-main	8.2.4836-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
vim	edge-main	9.0.1888-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed