CVE-2023-0433

CVSS V2 None CVSS V3 None
Description
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
Overview
  • CVE ID
  • CVE-2023-0433
  • Assigner
  • security@huntr.dev
  • Vulnerability Status
  • Modified
  • Published Version
  • 2023-01-21T15:15:10
  • Last Modified Date
  • 2023-03-28T05:15:14
Weakness Enumerations
CWE URL
CWE-122 http://cwe.mitre.org/data/definitions/122.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:* 1 OR 9.0.1225
References
Reference URL Reference Tags
http://seclists.org/fulldisclosure/2023/Mar/17
http://seclists.org/fulldisclosure/2023/Mar/18
http://seclists.org/fulldisclosure/2023/Mar/21
https://github.com/vim/vim/commit/11977f917506d950b7e0cae558bd9189260b253b Patch Third Party Advisory
https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e Exploit Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EX6N2DB75A73MQGVW3CS4VTNPAYVM2M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZWIJBSQX53P7DHV77KRXJIXA4GH7XHC/
https://support.apple.com/kb/HT213670
https://support.apple.com/kb/HT213675
https://support.apple.com/kb/HT213677
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-0433
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0433
History
Created Old Value New Value Data Type Notes
2023-01-21 17:14:27 Added to TrackCVE
2023-01-21 17:14:27 Weakness Enumeration new
2023-01-23 15:14:31 2023-01-23T15:08:08 CVE Modified Date updated
2023-01-23 15:14:31 Received Awaiting Analysis Vulnerability Status updated
2023-01-23 15:14:35 CVSS V3 information new
2023-01-27 20:15:19 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-27 20:15:21 CVSS V3 information new
2023-01-30 21:13:47 2023-01-30T17:26:28 CVE Modified Date updated
2023-01-30 21:13:48 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-30 21:13:51 CPE Information updated
2023-01-30 21:13:51 CVSS V3 information new
2023-02-13 05:17:14 2023-02-13T04:53:24 CVE Modified Date updated
2023-02-13 05:17:14 Analyzed Modified Vulnerability Status updated
2023-02-13 05:17:15 References updated
2023-02-13 05:17:15 CVSS V3 information new
2023-02-18 03:16:51 2023-02-18T03:15:10 CVE Modified Date updated
2023-02-18 03:16:52 References updated
2023-02-18 03:16:52 CVSS V3 information new
2023-03-28 02:15:41 2023-03-28T02:15:14 CVE Modified Date updated
2023-03-28 02:15:42 References updated
2023-03-28 02:15:42 CVSS V3 information new
2023-03-28 05:16:51 2023-03-28T05:15:14 CVE Modified Date updated
2023-03-28 05:16:52 References updated
2023-03-28 05:16:52 CVSS V3 information new