Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 890746 (CVE-2023-0288, CVE-2023-0433) - <app-editors/vim-9.0.1403: huntr.dev input fuzzing bugs
Summary: <app-editors/vim-9.0.1403: huntr.dev input fuzzing bugs
Status: CONFIRMED
Alias: CVE-2023-0288, CVE-2023-0433
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [glsa? cleanup]
Keywords: PullRequest
Depends on: CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-1355 904728
Blocks:
  Show dependency tree
 
Reported: 2023-01-13 20:49 UTC by John Helmert III
Modified: 2023-06-05 03:16 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-13 20:49:50 UTC
CVE-2023-0288 (https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3):
https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-22 23:33:07 UTC
CVE-2023-0433 (https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e):

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.