{"affected":[{"ecosystem_specific":{"binaries":[{"vim-data-common":"9.1.0111-150500.20.9.1","vim-small":"9.1.0111-150500.20.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.5","name":"vim","purl":"pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.1.0111-150500.20.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"vim":"9.1.0111-150500.20.9.1","vim-data":"9.1.0111-150500.20.9.1","vim-data-common":"9.1.0111-150500.20.9.1","vim-small":"9.1.0111-150500.20.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP5","name":"vim","purl":"pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.1.0111-150500.20.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gvim":"9.1.0111-150500.20.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Desktop Applications 15 SP5","name":"vim","purl":"pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.1.0111-150500.20.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gvim":"9.1.0111-150500.20.9.1","vim":"9.1.0111-150500.20.9.1","vim-data":"9.1.0111-150500.20.9.1","vim-data-common":"9.1.0111-150500.20.9.1","vim-small":"9.1.0111-150500.20.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"vim","purl":"pkg:rpm/opensuse/vim&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.1.0111-150500.20.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for vim fixes the following issues:\n\nUpdated to version 9.1.0111, fixes the following security problems\n\n- CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316).\n- CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320).\n- CVE-2023-48233: overflow with count for :s command (bsc#1217321).\n- CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324).\n- CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235).\n- CVE-2023-48236: overflow in get_number (bsc#1217329).\n- CVE-2023-48237: overflow in shift_line (bsc#1217330).\n- CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432).\n- CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581).\n- CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005).\n","id":"SUSE-SU-2024:1287-1","modified":"2024-04-15T13:03:42Z","published":"2024-04-15T13:03:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20241287-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215005"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217316"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217320"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217321"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217324"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217326"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217329"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217330"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217432"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219581"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-4750"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48231"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48232"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48233"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48234"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48235"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48236"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48237"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-48706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-22667"}],"related":["CVE-2023-4750","CVE-2023-48231","CVE-2023-48232","CVE-2023-48233","CVE-2023-48234","CVE-2023-48235","CVE-2023-48236","CVE-2023-48237","CVE-2023-48706","CVE-2024-22667"],"summary":"Security update for vim","upstream":["CVE-2023-4750","CVE-2023-48231","CVE-2023-48232","CVE-2023-48233","CVE-2023-48234","CVE-2023-48235","CVE-2023-48236","CVE-2023-48237","CVE-2023-48706","CVE-2024-22667"]}