CNNVD-202508-975 Information

CNNVD ID

CNNVD-202508-975

Related CVE

CVE-2025-55158

• CNNVD Published: 2025-08-11

Description (Chinese)

Vim是Vim开源的一款跨平台的文本编辑器。 Vim 9.1.1231至9.1.1406之前版本存在资源管理错误漏洞，该漏洞源于处理嵌套元组时存在双重释放问题，可能导致内存损坏。

Description (English)

Vim is a cross-platform text editor for Vim Open Source. Vim 9.1.1231 to 9.1.1406 had an error in resource management, which stemmed from the problem of double release in the treatment of nested arrays, which could lead to memory damage.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

Vim

Published

2025-08-11

Last Modified

2026-02-24

References

https://github.com/vim/vim/releases/tag/v9.1.1406 https://github.com/vim/vim/commit/9772025d24e939fd84b85748ce35c26874c05775 https://github.com/vim/vim/security/advisories/GHSA-5fg8-wvx3-583x https://vigilance.fr/vulnerability/Vim-use-after-free-via-clear-tv-48270

Patch

https://github.com/vim/vim/tags