CVE-2023-4736
CVE-2023-4736
7.8
HighPublished:
Last updated:
Source:security@huntr.dev
Modified
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.
References
security@huntr.dev
http://seclists.org/fulldisclosure/2023/Oct/24security@huntr.dev
https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71security@huntr.dev
https://support.apple.com/kb/HT213984af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2023/Oct/24af854a3a-2127-422b-91ae-364da2661108
https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0caf854a3a-2127-422b-91ae-364da2661108
https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT213984