Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-48233

Date: November 16, 2023

Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit "ac6378773" which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Language: C

Severity Score

Related Resources (10)

https://github.com/vim/vim/security/advisories/GHSA-3xx4-hcq6-r2vj
https://security.netapp.com/advisory/ntap-20231227-0003/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M3VQF7CL3V6FGSEW37WNDFBRRILR65AK/
https://nvd.nist.gov/vuln/detail/CVE-2023-48233
https://github.com/vim/vim/commit/ac63787734fda2e294e477af52b3bd601517fa78
http://www.openwall.com/lists/oss-security/2023/11/16/1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UJAK2W5S7G75ETDAEM3BDUCVSXCEGRD/
https://security-tracker.debian.org/tracker/CVE-2023-48233
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VNRNYLWXZOGTYWE5HMFNQ5FVE3HBUHF6/
https://www.mend.io/vulnerability-database/CVE-2023-48233

Severity Score

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

Do you need more information?

Contact Us