Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 890746 (CVE-2023-0288, CVE-2023-0433) - app-editors/vim: huntr.dev input fuzzing bugs
Summary: app-editors/vim: huntr.dev input fuzzing bugs
Status: CONFIRMED
Alias: CVE-2023-0288, CVE-2023-0433
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2023-01-13 20:49 UTC by John Helmert III
Modified: 2023-02-10 04:29 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-13 20:49:50 UTC 
CVE-2023-0288 (https://huntr.dev/bounties/550a0852-9be0-4abe-906c-f803b34e41d3):
https://github.com/vim/vim/commit/232bdaaca98c34a99ffadf27bf6ee08be6cc8f6a

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-22 23:33:07 UTC 
CVE-2023-0433 (https://huntr.dev/bounties/ae933869-a1ec-402a-bbea-d51764c6618e):

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.