PT-2023-2380 · Vim+4 · Vim+4

Published

2023-03-11

Updated

2024-06-15

CVE-2023-1355

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.0.1402

Description The issue is related to a NULL pointer dereference error in the class object index() function, which can lead to a denial of service. This error is associated with pointer handling mistakes.

Recommendations For versions prior to 9.0.1402, update to version 9.0.1402 or later to resolve the issue. As a temporary workaround, consider restricting the use of the class object index() function until a patch is available.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2023-1955

ALT-PU-2023-2008

ALT-PU-2023-2024

ALT-PU-2023-2089

BDU:2023-02159

CVE-2023-1355

ECHO-36A1-986F-A75D

OPENSUSE-SU-2024:12832-1

ROSA-SA-2023-2268

SUSE-SU-2023:2103-1

SUSE-SU-2023:3463-1

Affected Products

Alt Linux

Debian

Red Os

Suse

Vim

PT-2023-2380 · Vim+4 · Vim+4

CVE-2023-1355

Weakness Enumeration

Related Identifiers

Affected Products

References · 43