{"affected":[{"ecosystem_specific":{"binaries":[{"gvim":"9.1.1101-17.41.1","vim":"9.1.1101-17.41.1","vim-data":"9.1.1101-17.41.1","vim-data-common":"9.1.1101-17.41.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5","name":"vim","purl":"pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.1.1101-17.41.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for vim fixes the following issues:\n\nUpdate to version 9.1.1101:\n  \n- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).\n- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).\n- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).\n- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode\n  (bsc#1235695).\n- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).\n- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).\n","id":"SUSE-SU-2025:0722-1","modified":"2025-02-26T13:29:24Z","published":"2025-02-26T13:29:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250722-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229685"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229822"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230078"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235695"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236151"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237137"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-43790"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-43802"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45306"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-1215"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22134"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-24014"}],"related":["CVE-2024-43790","CVE-2024-43802","CVE-2024-45306","CVE-2025-1215","CVE-2025-22134","CVE-2025-24014"],"summary":"Security update for vim","upstream":["CVE-2024-43790","CVE-2024-43802","CVE-2024-45306","CVE-2025-1215","CVE-2025-22134","CVE-2025-24014"]}