VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-qq3v-ny5g-bkeh

Essentials
Severities (19)
References (15)
Severity details (15)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-qq3v-ny5g-bkeh
Aliases	CVE-2023-0054
Summary
Status	Published
Exploitability	0.5
Weighted Severity	7.0
Risk	3.5
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-787	Out-of-bounds Write
CWE-252	Unchecked Return Value

System	Score	Found at
cvssv3	7.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0054.json
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2023-0054
epss	0.00024	https://api.first.org/data/v1/epss?cve=CVE-2023-0054
epss	0.00027	https://api.first.org/data/v1/epss?cve=CVE-2023-0054
epss	0.00027	https://api.first.org/data/v1/epss?cve=CVE-2023-0054
cvssv3	7.3	http://seclists.org/fulldisclosure/2023/Mar/17
ssvc	Track	http://seclists.org/fulldisclosure/2023/Mar/17
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3	7.3	https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731
ssvc	Track	https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731
cvssv3	7.3	https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d
ssvc	Track	https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d
cvssv3	7.3	https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html
archlinux	Unknown	https://security.archlinux.org/AVG-2843
cvssv3	7.3	https://security.gentoo.org/glsa/202305-16
ssvc	Track	https://security.gentoo.org/glsa/202305-16
cvssv3	7.3	https://support.apple.com/kb/HT213670
ssvc	Track	https://support.apple.com/kb/HT213670

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0054.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-0054
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0054
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1031875		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031875
17		http://seclists.org/fulldisclosure/2023/Mar/17
202305-16		https://security.gentoo.org/glsa/202305-16
2161349		https://bugzilla.redhat.com/show_bug.cgi?id=2161349
3ac1d97a1d9353490493d30088256360435f7731		https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731
AVG-2843		https://security.archlinux.org/AVG-2843
b289ee0f-fd16-4147-bd01-c6289c45e49d		https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d
HT213670		https://support.apple.com/kb/HT213670
msg00015.html		https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html
USN-5836-1		https://usn.ubuntu.com/5836-1/
USN-5963-1		https://usn.ubuntu.com/5963-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0054.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Mar/17

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at http://seclists.org/fulldisclosure/2023/Mar/17

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202305-16

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at https://security.gentoo.org/glsa/202305-16

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/kb/HT213670

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T15:34:11Z/ Found at https://support.apple.com/kb/HT213670

Exploit Prediction Scoring System (EPSS)

Percentile	0.07228
EPSS Score	0.00024
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-10T18:09:50.501688+00:00	SUSE Severity Score Importer	Import	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml	38.6.0