VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-2c7s-bgzn-nua4

Essentials
Severities (26)
References (18)
Severity details (24)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-2c7s-bgzn-nua4
Aliases	CVE-2023-5344
Summary
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-122

Heap-based Buffer Overflow

System	Score	Found at
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5344.json
epss	0.00057	https://api.first.org/data/v1/epss?cve=CVE-2023-5344
epss	0.00075	https://api.first.org/data/v1/epss?cve=CVE-2023-5344
cvssv3	4	http://seclists.org/fulldisclosure/2023/Dec/10
ssvc	Track	http://seclists.org/fulldisclosure/2023/Dec/10
cvssv3	4	http://seclists.org/fulldisclosure/2023/Dec/11
ssvc	Track	http://seclists.org/fulldisclosure/2023/Dec/11
cvssv3	4	http://seclists.org/fulldisclosure/2023/Dec/9
ssvc	Track	http://seclists.org/fulldisclosure/2023/Dec/9
cvssv3.1	4	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	4	https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04
ssvc	Track	https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04
cvssv3	4	https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf
ssvc	Track	https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf
cvssv3	4	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/
cvssv3	4	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/
cvssv3	4	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/
cvssv3	4	https://support.apple.com/kb/HT214036
ssvc	Track	https://support.apple.com/kb/HT214036
cvssv3	4	https://support.apple.com/kb/HT214037
ssvc	Track	https://support.apple.com/kb/HT214037
cvssv3	4	https://support.apple.com/kb/HT214038
ssvc	Track	https://support.apple.com/kb/HT214038

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5344.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-5344
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5344
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10		http://seclists.org/fulldisclosure/2023/Dec/10
1053694		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053694
11		http://seclists.org/fulldisclosure/2023/Dec/11
2242141		https://bugzilla.redhat.com/show_bug.cgi?id=2242141
3bd7fa12e146c6051490d048a4acbfba974eeb04		https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04
4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/
530cb762-899e-48d7-b50e-dad09eb775bf		https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf
9		http://seclists.org/fulldisclosure/2023/Dec/9
HT214036		https://support.apple.com/kb/HT214036
HT214037		https://support.apple.com/kb/HT214037
HT214038		https://support.apple.com/kb/HT214038
USN-6452-1		https://usn.ubuntu.com/6452-1/
XPT7NMYJRLBPIALGSE24UWTY6F774GZW		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/
ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5344.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://seclists.org/fulldisclosure/2023/Dec/10

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/10

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://seclists.org/fulldisclosure/2023/Dec/11

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/11

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://seclists.org/fulldisclosure/2023/Dec/9

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at http://seclists.org/fulldisclosure/2023/Dec/9

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://github.com/vim/vim/commit/3bd7fa12e146c6051490d048a4acbfba974eeb04

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://huntr.dev/bounties/530cb762-899e-48d7-b50e-dad09eb775bf

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4W665GQBN6S6ZDMYWVF4X7KMFI7AQKJL/

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPT7NMYJRLBPIALGSE24UWTY6F774GZW/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZOXBUJLJ5VSPN3YXWN7XZA4JDYKNE7GZ/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://support.apple.com/kb/HT214036

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://support.apple.com/kb/HT214036

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://support.apple.com/kb/HT214037

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://support.apple.com/kb/HT214037

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://support.apple.com/kb/HT214038

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-18T13:55:14Z/ Found at https://support.apple.com/kb/HT214038

Exploit Prediction Scoring System (EPSS)

Percentile	0.18243
EPSS Score	0.00057
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-10T18:10:34.740292+00:00	SUSE Severity Score Importer	Import	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml	38.6.0