Use After Free in vim/vim
CVE-2023-4750
7.8HIGH
What is CVE-2023-4750?
A vulnerability exists in the Vim text editor that allows an attacker to exploit a Use After Free condition, which could lead to unpredictable behavior, including crashes or the execution of arbitrary code. This flaw affects versions prior to 9.0.1857 and highlights the importance of updating to secure versions to mitigate potential risks.
Affected Version(s)
vim/vim < 9.0.1857
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
CVSS V3.0
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
