{"id":"CVE-2019-20079","details":"The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.","modified":"2026-04-16T04:42:20.495568364Z","published":"2019-12-30T01:15:12.290Z","references":[{"type":"ADVISORY","url":"https://packetstormsecurity.com/files/154898"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4309-1/"},{"type":"FIX","url":"https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421"},{"type":"FIX","url":"https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/vim/vim","events":[{"introduced":"a27e1dcddc9e3914ab34b164f71c51b72903b00b"},{"fixed":"ec66c41d84e574baf8009dbc0bd088d2bc5b2421"}],"database_specific":{"versions":[{"introduced":"8.1.2121"},{"fixed":"8.1.2136"}]}}],"versions":["v8.1.2121","v8.1.2122","v8.1.2123","v8.1.2124","v8.1.2125","v8.1.2126","v8.1.2127","v8.1.2128","v8.1.2129","v8.1.2130","v8.1.2131","v8.1.2132","v8.1.2133","v8.1.2134","v8.1.2135"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["8993374588444142046204985725761421241","1899505930097774466640795324018095017","249073316609662447104393812658829913899","260641238213725947044821300861757452760","26078658833832316793548050621173778884","133787355157028241164519419296537599806","285483966402064894838252283230738933032","112020568909869822655913587903999635263"],"threshold":0.9},"signature_type":"Line","source":"https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","deprecated":false,"target":{"file":"src/window.c"},"signature_version":"v1","id":"CVE-2019-20079-9e3a9ec8"},{"target":{"function":"win_enter_ext","file":"src/window.c"},"deprecated":false,"source":"https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","signature_type":"Function","digest":{"function_hash":"197932960280003161102166363574294990829","length":2281},"signature_version":"v1","id":"CVE-2019-20079-c3dc6cb2"},{"digest":{"threshold":0.9,"line_hashes":["146200493773228420153804765641940418619","41318408147854937763097615485168723658","154253273328064091945022809287679871050","62793648622964961538694293074836760648"]},"signature_type":"Line","source":"https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","deprecated":false,"target":{"file":"src/version.c"},"signature_version":"v1","id":"CVE-2019-20079-e6b204f2"}],"vanir_signatures_modified":"2026-04-11T14:11:13Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20079.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"19.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}