CVE-2025-1215

Low CVSS: 2.4

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.

Vendor

Vim

Product

Vim

CWE

CWE-119

Yayın Tarihi

2025-02-12 19:15:10

Güncelleme

2025-08-13 17:28:19

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Vim LOW Vim 2025

Referanslar

https://github.com/vim/vim/commit/c5654b84480822817bb7b69ebc97c174c91185e9 https://github.com/vim/vim/issues/16606 https://github.com/vim/vim/releases/tag/v9.1.1097 https://vuldb.com/?ctiid.295174 https://vuldb.com/?id.295174 https://vuldb.com/?submit.497546 https://security.netapp.com/advisory/ntap-20250321-0005/ https://github.com/vim/vim/issues/16606 https://vuldb.com/?submit.497546

Benzer Kayıtlar

Critical

CVE-2026-34714

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configurat…

Medium

CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in…

Medium

CVE-2026-32249

Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encoun…

Medium

CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds r…

Medium

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim'…

Medium

CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an ou…