CVE-2023-4781
HIGH EPSS 44.6%
Published Sep 5, 2023 2y ago · Modified Jun 23, 2026 1w ago
7.8 CVSS 3.1
Description
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
44.6% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-122
Affected Products 3
References 6
- seclists.org http://seclists.org/fulldisclosure/2023/Oct/24
- github.com https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93
- huntr.dev https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883
- lists.debian.org https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html
- support.apple.com https://support.apple.com/kb/HT213984
Remediation
- github.com https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93
- huntr.dev https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883