Published: 11/10/2023 Updated: 15/11/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

NULL Pointer Dereference in GitHub repository vim/vim before 20d161ace307e28690229b68584f2d84556f8960. (CVE-2023-5441) Use After Free in GitHub repository vim/vim prior to v9.0.2010. (CVE-2023-5535)

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim
fedoraproject fedora 37
fedoraproject fedora 38
fedoraproject fedora 39

NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960 (CVE-2023-5441) Use After Free in GitHub repository vim/vim prior to v902010 (CVE-2023-5535) ...

Vim is an improved version of the good old UNIX editor Vi Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/allocc` at line 748, which is freed in the file `src/ex_docmdc` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhistc` at line 759 When using the `:history` command, it's ...

CWE-416 https://github.com/vim/vim/commit/41e6f7d6ba67b61d911f9b1d76325cd79224753d https://huntr.dev/bounties/2c2d85a7-1171-4014-bf7f-a2451745861f https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDDWD25AZIHBAA44HQT75OWLQ5UMDKU3/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGTVLUV7UCXXCZAIQIUCLG6JXAVYT3HE/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2319.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-5535

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect