Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.0 | 7.3 | High | CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| Product | Vendor | Version |
|---|---|---|
| vim/vim | vim | Snapdragon 8 Gen 2 Mobile Platform |
| vim/vim | vim | 4.2 |