CVE-2024-41965 | vim up to 9.1.0647 File Name dialog_changed use after free (GHSA-46pw-v7qw-xc2f / b29f4abcd4b3382fa746edd1d0562b7b48c)

Posted by Angelo Barbosa | Aug 2, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in vim up to 9.1.0647. Affected by this issue is the function dialog_changed of the component File Name Handler. The manipulation with the input Unnamed leads to use after free.

This vulnerability is handled as CVE-2024-41965. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-41965 | vim up to 9.1.0647 File Name dialog_changed use after free (GHSA-46pw-v7qw-xc2f / b29f4abcd4b3382fa746edd1d0562b7b48c)

Related Posts

CVE-2024-32727 | Rometheme RomethemeForm for Elementor Plugin up to 1.1.2 on WordPress authorization

CVE-2023-47144 | IBM Tivoli Application Dependency Discovery Manager up to 7.3.0.10 Web UI cross site scripting (XFDB-270271)

CVE-2024-7396 | Korenix JetPort 5601v3 up to 1.2 missing encryption

CVE-2023-47856 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK set_RadvdPrefixParam stack-based overflow (TALOS-2023-1892)