CVE-2023-48232

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 16, 2023
Updated: Jan 25, 2024
CWE ID 755

Summary

CVE-2023-48232 affects the open source command line text editor, Vim. A floating point exception may occur when calculating line offsets for overlong lines with smooth scrolling enabled and certain 'cpo-settings,' including the 'n' flag, present. This issue only impacts users with non-default settings and results in a crash, but no known workarounds exist. The vulnerability has been resolved in commit 'cb0b99f0,' which is available in Vim release version 9.0.2107. Users are strongly encouraged to upgrade as soon as possible to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share