CVE-2023-5344

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.

CVSS 3.1 Score

Weakness

• CWE-122
• CWE-787

References

• Apple Security Advisory
• NVD Entry
• http://seclists.org/fulldisclosure/2023/Dec/10
• http://seclists.org/fulldisclosure/2023/Dec/11
• http://seclists.org/fulldisclosure/2023/Dec/9
• https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04 (Patch)
• https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf (Exploit, Patch, Third Party Advisory)
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/ (Mailing List)
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/ (Mailing List)