Vulnerability CVE-2023-0051: Information

Description

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-0051
Published: Jan. 4, 2023
Modified: May 3, 2023
Error type identifier: CWE-122

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
vimsisyphus9.0.1174-alt19.1.0050-alt4ALT-PU-2023-1031-1313181Fixed
vimsisyphus_e2k9.0.1174-alt19.1.0050-alt3ALT-PU-2023-2168-1-Fixed
vimsisyphus_riscv649.0.1174-alt19.1.0050-alt4ALT-PU-2023-2224-1-Fixed
vimp109.0.1174-alt19.1.0050-alt3ALT-PU-2023-1098-1313277Fixed
vimp10_e2k9.0.1174-alt19.1.0050-alt3ALT-PU-2023-2279-1-Fixed
vimc10f19.0.1174-alt19.1.0050-alt2ALT-PU-2023-1098-1313277Fixed
vimc9f29.0.1174-alt19.1.0050-alt2ALT-PU-2023-1092-1313276Fixed
vimp119.0.1174-alt19.1.0050-alt3ALT-PU-2023-1031-1313181Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9
  • Exploit
  • Third Party Advisory
https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4
  • Patch
  • Third Party Advisory
https://support.apple.com/kb/HT213670
    20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
      GLSA-202305-16

          1. Configuration 1

            cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
            End excliding
            9.0.1144
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.5.3
        Back to top