CVE-2023-4736
published 2023-09-02

CVE-2023-4736: Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.

Priority: P433 | high | 7.8 (CVSS 3.1)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.49% (38.2th percentile)
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.

Affected

12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | | |
| apple | macos_sonoma | | |
| debian | vim | | |
| msrc | cbl2_vim_9.0.1897-1_on_cbl_mariner_2.0 | | |
| vim | vim | < 9.0.1833 | 9.0.1833 |
| vim | vim | >= 0 < 9.0.2073-r0 | 9.0.2073-r0 |
| vim | vim | >= 0 < 9.0.1888-r0 | 9.0.1888-r0 |
| vim | vim | >= 0 < 9.0.1888-r0 | 9.0.1888-r0 |
| vim | vim | >= 0 < 9.0.1888-r0 | 9.0.1888-r0 |
| vim | vim | >= 0 < 9.0.1888-r0 | 9.0.1888-r0 |
| vim | vim | >= 0 < 9.0.1888-r0 | 9.0.1888-r0 |
| vim | vim_vim | >= unspecified < 9.0.1833 | 9.0.1833 |

CVSS provenance

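| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| osv | | 7.8 | HIGH | |
| vendor_debian | | 7.8 | LOW | |
| vendor_msrc | | 7.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |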