Vim: >> Vim >> 7.4.1832 Security Vulnerabilities
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
CVSS Score
9.8
EPSS Score
0.028
Published
2017-02-10
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
CVSS Score
7.8
EPSS Score
0.255
Published
2016-11-23
Page 22