漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Vim double-free vulnerability during Vim9 script import operations
Vulnerability Description
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.
CVSS Information
N/A
Vulnerability Type
双重释放
Vulnerability Title
Vim 资源管理错误漏洞
Vulnerability Description
Vim是Vim开源的一款跨平台的文本编辑器。 Vim 9.1.1231至9.1.1406之前版本存在资源管理错误漏洞,该漏洞源于处理嵌套元组时存在双重释放问题,可能导致内存损坏。
CVSS Information
N/A
Vulnerability Type
N/A