CVE-2024-47814
CVSS 3.1 Score 3.9 of 10 (low)
Details
Summary
CVE-2024-47814 identifies a vulnerability in Vim versions prior to 9.1.0764, which is an open source command line text editor, specifically a use-after-free error that can occur when closing a buffer. This vulnerability is triggered by a specific user-configured BufWinLeave auto command that attempts to reopen the same buffer in a new split window, potentially leading to application crashes. Although the severity of this issue is rated as low due to its specific conditions, it requires user interaction and can be exploited locally. No workarounds are available, and users are strongly advised to upgrade to the patched version 9.1.0764 to mitigate risks associated with this vulnerability. The potential impact includes application instability but does not compromise confidentiality or integrity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.