Home > Vulnerability Database > CVE-2023-48231

Mend.io Vulnerability Database

CVE-2023-48231

Date: November 16, 2023

Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit "25aabc2b" which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Language: C

Severity Score

3.9

Related Resources (11)

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/

Url: https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a

Url: https://security.netapp.com/advisory/ntap-20231227-0008/

Url: https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765

Url: http://www.openwall.com/lists/oss-security/2023/11/16/1

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/

Url: https://security-tracker.debian.org/tracker/CVE-2023-48231

Url: https://security.alpinelinux.org/vuln/CVE-2023-48231

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-48231

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/

Url: https://www.mend.io/vulnerability-database/CVE-2023-48231

Severity Score

3.9

Weakness Type (CWE)

Use After Free

CWE-416

CVSS v3.1

Base Score:	3.9
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-48231

Date: November 16, 2023

Language: C

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?