CVE-2023-48237

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 16, 2023

Updated: Jan 25, 2024

CWE ID 190

Summary

CVE-2023-48237 affects versions of Vim, the open-source command line text editor. In certain instances when shifting lines in operator pending mode with a very large value, an integer overflow can occur, leading to potential crashes. The impact is considered low, as user interaction is required for exploitation, and not all crashes may occur. The issue has been resolved in commit `6bf131888`, which is now included in version 9.0.2112. Users are strongly advised to upgrade to mitigate this vulnerability, as there are no known workarounds.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tY1NwP
https://www.cve.org/CVERecord?id=CVE-2023-48237
https://nvd.nist.gov/vuln/detail/CVE-2023-48237

Back to Vulnerability Database

CVE-2023-48237

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations