CNNVD-202508-974 Information

CNNVD ID

CNNVD-202508-974

Related CVE

CVE-2025-55157

• CNNVD Published: 2025-08-11

Description (Chinese)

Vim是Vim开源的一款跨平台的文本编辑器。 Vim 9.1.1231至9.1.1400之前版本存在资源管理错误漏洞，该漏洞源于处理嵌套元组时存在释放后重用问题，可能导致内存损坏。

Description (English)

Vim is a cross-platform text editor for Vim Open Source. Vim 9.1.1231 to 9.1.1400 had an error in resource management that stemmed from post-release reuse problems in the treatment of embedded modules and could lead to memory damage.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

Vim

Published

2025-08-11

Last Modified

2026-02-24

References

https://github.com/vim/vim/commit/1307743697bbc46e1518abfea7f89caa95bcaf97 https://github.com/vim/vim/releases/tag/v9.1.1400 https://github.com/vim/vim/security/advisories/GHSA-3r4f-mm4w-wgg6 https://vigilance.fr/vulnerability/Vim-use-after-free-via-tuple-unref-48269

Patch

https://github.com/vim/vim/tags