Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-43802 (GCVE-0-2024-43802)
Vulnerability from cvelistv5
Published
2024-08-26 18:48
Modified
2024-10-04 15:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It's not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T14:28:07.231057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:28:30.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-04T15:02:49.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241004-0008/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vim",
"vendor": "vim",
"versions": [
{
"status": "affected",
"version": "\u003c 9.1.0697"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T18:48:11.979Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh"
},
{
"name": "https://github.com/vim/vim/commit/322ba9108612bead5eb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vim/vim/commit/322ba9108612bead5eb"
}
],
"source": {
"advisory": "GHSA-4ghr-c62x-cqfh",
"discovery": "UNKNOWN"
},
"title": "heap-buffer-overflow in ins_typebuf() in Vim \u003c 9.1.0697"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43802",
"datePublished": "2024-08-26T18:48:11.979Z",
"dateReserved": "2024-08-16T14:20:37.326Z",
"dateUpdated": "2024-10-04T15:02:49.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-43802\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-26T19:15:07.943\",\"lastModified\":\"2024-11-21T09:35:53.910\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Vim es una versi\u00f3n mejorada del editor de texto Unix VI. Al vaciar el b\u00fafer de escritura anticipada, Vim mueve la posici\u00f3n actual en el b\u00fafer de escritura anticipada pero no verifica si queda suficiente espacio en el b\u00fafer para manejar los siguientes caracteres. Por lo tanto, esto puede llevar a que la posici\u00f3n tb_off dentro de la variable typebuf apunte fuera del tama\u00f1o de b\u00fafer v\u00e1lido, lo que luego puede provocar un desbordamiento del b\u00fafer de mont\u00f3n, por ejemplo, en ins_typebuf(). Por lo tanto, al vaciar el b\u00fafer de escritura anticipada, verifique si queda suficiente espacio antes de avanzar a la posici\u00f3n de apagado. De lo contrario, recurra para vaciar el contenido actual de Typebuf. A\u00fan no est\u00e1 del todo claro qu\u00e9 puede conducir a esta situaci\u00f3n. Parece suceder cuando aparecen mensajes de error (lo que har\u00e1 que Vim vac\u00ede el b\u00fafer de escritura anticipada) en combinaci\u00f3n con varios mappgins largos y, por lo tanto, eventualmente puede mover la posici\u00f3n de apagado fuera de un tama\u00f1o de b\u00fafer v\u00e1lido. El impacto es bajo ya que no es f\u00e1cilmente reproducible y requiere tener varias asignaciones activas y ejecutar alguna condici\u00f3n de error. Pero cuando esto sucede, provocar\u00e1 un bloqueo. El problema se solucion\u00f3 a partir del parche Vim v9.1.0697. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":4.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.0,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"references\":[{\"url\":\"https://github.com/vim/vim/commit/322ba9108612bead5eb\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20241004-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20241004-0008/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-10-04T15:02:49.926Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43802\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-28T14:28:07.231057Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-28T14:28:22.880Z\"}}], \"cna\": {\"title\": \"heap-buffer-overflow in ins_typebuf() in Vim \u003c 9.1.0697\", \"source\": {\"advisory\": \"GHSA-4ghr-c62x-cqfh\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"vim\", \"product\": \"vim\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 9.1.0697\"}]}], \"references\": [{\"url\": \"https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh\", \"name\": \"https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/vim/vim/commit/322ba9108612bead5eb\", \"name\": \"https://github.com/vim/vim/commit/322ba9108612bead5eb\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-08-26T18:48:11.979Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-43802\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-04T15:02:49.926Z\", \"dateReserved\": \"2024-08-16T14:20:37.326Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-08-26T18:48:11.979Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
wid-sec-w-2025-1439
Vulnerability from csaf_certbund
Published
2025-06-30 22:00
Modified
2025-06-30 22:00
Summary
Dell Secure Connect Gateway: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell Secure Connect Gateway ist eine Softwarelösung, die als sicherer, zentralisierter Punkt für die Verwaltung des Fernzugriffs und des Supports für Hardware und Software von Dell Technologies dient.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell Secure Connect Gateway ist eine Softwarel\u00f6sung, die als sicherer, zentralisierter Punkt f\u00fcr die Verwaltung des Fernzugriffs und des Supports f\u00fcr Hardware und Software von Dell Technologies dient.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1439 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1439.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1439 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1439"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-260 vom 2025-06-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000337528/dsa-2025-260-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
}
],
"source_lang": "en-US",
"title": "Dell Secure Connect Gateway: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2025-06-30T22:00:00.000+00:00",
"generator": {
"date": "2025-07-01T15:23:17.939+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1439",
"initial_release_date": "2025-06-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.30.0.14",
"product": {
"name": "Dell Secure Connect Gateway \u003c5.30.0.14",
"product_id": "T044974"
}
},
{
"category": "product_version",
"name": "5.30.0.14",
"product": {
"name": "Dell Secure Connect Gateway 5.30.0.14",
"product_id": "T044974-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:5.30.0.14"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-39028",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2022-39028"
},
{
"cve": "CVE-2023-4016",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-4016"
},
{
"cve": "CVE-2023-40403",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-40403"
},
{
"cve": "CVE-2023-46316",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-46316"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-52831",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-10041",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-10041"
},
{
"cve": "CVE-2024-11168",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-11168"
},
{
"cve": "CVE-2024-12243",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-26634",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-29018",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-29018"
},
{
"cve": "CVE-2024-35826",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40635",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-40635"
},
{
"cve": "CVE-2024-40980",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43790",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-43820",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-45306",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2024-46736",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-47220",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47220"
},
{
"cve": "CVE-2024-47408",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49761",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49761"
},
{
"cve": "CVE-2024-49924",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50056",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50085",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50126",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50290",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-52559",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53140",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53176",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53680",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-55549",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-55549"
},
{
"cve": "CVE-2024-56171",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56171"
},
{
"cve": "CVE-2024-56568",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56568"
},
{
"cve": "CVE-2024-56579",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56633",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56702",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57889",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2024-8176",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2025-0395",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-0395"
},
{
"cve": "CVE-2025-1094",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1094"
},
{
"cve": "CVE-2025-1215",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-1795",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1795"
},
{
"cve": "CVE-2025-21631",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21667",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21671",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21680",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21731",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-22134",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2025-22247",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22247"
},
{
"cve": "CVE-2025-22868",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-24014",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24014"
},
{
"cve": "CVE-2025-24813",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24855",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24855"
},
{
"cve": "CVE-2025-24928",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24928"
},
{
"cve": "CVE-2025-2588",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-2588"
},
{
"cve": "CVE-2025-26465",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-26466",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-26597",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26597"
},
{
"cve": "CVE-2025-27113",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2025-27219",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27219"
},
{
"cve": "CVE-2025-27220",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27220"
},
{
"cve": "CVE-2025-27363",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27363"
},
{
"cve": "CVE-2025-29087",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-29087"
},
{
"cve": "CVE-2025-29088",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-29088"
},
{
"cve": "CVE-2025-31115",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-31335",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31335"
},
{
"cve": "CVE-2025-31650",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31650"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-32414",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-32728",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32728"
},
{
"cve": "CVE-2025-3360",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-3360"
},
{
"cve": "CVE-2025-4207",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4207"
},
{
"cve": "CVE-2025-4382",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4382"
},
{
"cve": "CVE-2025-47268",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-47268"
},
{
"cve": "CVE-2025-4802",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4802"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T044974"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-48734"
}
]
}
wid-sec-w-2024-1920
Vulnerability from csaf_certbund
Published
2024-08-25 22:00
Modified
2025-06-03 22:00
Summary
vim: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Vim (Vi IMproved) ist eine Weiterentwicklung des Texteditors vi.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in vim ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Vim (Vi IMproved) ist eine Weiterentwicklung des Texteditors vi.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in vim ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1920 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1920.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1920 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1920"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-4ghr-c62x-cqfh vom 2024-08-25",
"url": "https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-2960D36420 vom 2024-08-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2960d36420"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-BB4B6DA0B6 vom 2024-08-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-bb4b6da0b6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-E4B68C962C vom 2024-08-30",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e4b68c962c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-055ADF8E6F vom 2024-09-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-055adf8e6f"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7048-1 vom 2024-10-01",
"url": "https://ubuntu.com/security/notices/USN-7048-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7048-2 vom 2024-10-16",
"url": "https://ubuntu.com/security/notices/USN-7048-2"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2711 vom 2024-12-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2711.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0724-1 vom 2025-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020447.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0723-1 vom 2025-02-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VO6TTCJMSOJJI42QG6B7VFI2SOUFCSAG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0722-1 vom 2025-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020449.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4097 vom 2025-03-30",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20128-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021251.html"
}
],
"source_lang": "en-US",
"title": "vim: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2025-06-03T22:00:00.000+00:00",
"generator": {
"date": "2025-06-04T11:53:05.914+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-1920",
"initial_release_date": "2024-08-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-26T22:00:00.000+00:00",
"number": "2",
"summary": "CVE-2024-43802 erg\u00e4nzt"
},
{
"date": "2024-08-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-09-01T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-09-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-10-01T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-12-19T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.0697",
"product": {
"name": "Open Source vim \u003c9.1.0697",
"product_id": "T037071"
}
},
{
"category": "product_version",
"name": "9.1.0697",
"product": {
"name": "Open Source vim 9.1.0697",
"product_id": "T037071-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vim:vim:9.1.0697"
}
}
}
],
"category": "product_name",
"name": "vim"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43802",
"product_status": {
"known_affected": [
"2951",
"T002207",
"T000126",
"T037071",
"398363",
"74185"
]
},
"release_date": "2024-08-25T22:00:00.000+00:00",
"title": "CVE-2024-43802"
}
]
}
suse-su-2025:0722-1
Vulnerability from csaf_suse
Published
2025-02-26 13:29
Modified
2025-02-26 13:29
Summary
Security update for vim
Notes
Title of the patch
Security update for vim
Description of the patch
This update for vim fixes the following issues:
Update to version 9.1.1101:
- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).
- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).
- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).
- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode
(bsc#1235695).
- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).
- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).
Patchnames
SUSE-2025-722,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-722
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vim fixes the following issues:\n\nUpdate to version 9.1.1101:\n \n- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).\n- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).\n- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).\n- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode\n (bsc#1235695).\n- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).\n- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-722,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-722",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0722-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0722-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250722-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0722-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020449.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229685",
"url": "https://bugzilla.suse.com/1229685"
},
{
"category": "self",
"summary": "SUSE Bug 1229822",
"url": "https://bugzilla.suse.com/1229822"
},
{
"category": "self",
"summary": "SUSE Bug 1230078",
"url": "https://bugzilla.suse.com/1230078"
},
{
"category": "self",
"summary": "SUSE Bug 1235695",
"url": "https://bugzilla.suse.com/1235695"
},
{
"category": "self",
"summary": "SUSE Bug 1236151",
"url": "https://bugzilla.suse.com/1236151"
},
{
"category": "self",
"summary": "SUSE Bug 1237137",
"url": "https://bugzilla.suse.com/1237137"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45306 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24014/"
}
],
"title": "Security update for vim",
"tracking": {
"current_release_date": "2025-02-26T13:29:24Z",
"generator": {
"date": "2025-02-26T13:29:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0722-1",
"initial_release_date": "2025-02-26T13:29:24Z",
"revision_history": [
{
"date": "2025-02-26T13:29:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.aarch64",
"product": {
"name": "gvim-9.1.1101-17.41.1.aarch64",
"product_id": "gvim-9.1.1101-17.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.aarch64",
"product": {
"name": "vim-9.1.1101-17.41.1.aarch64",
"product_id": "vim-9.1.1101-17.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.aarch64",
"product": {
"name": "vim-small-9.1.1101-17.41.1.aarch64",
"product_id": "vim-small-9.1.1101-17.41.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.i586",
"product": {
"name": "gvim-9.1.1101-17.41.1.i586",
"product_id": "gvim-9.1.1101-17.41.1.i586"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.i586",
"product": {
"name": "vim-9.1.1101-17.41.1.i586",
"product_id": "vim-9.1.1101-17.41.1.i586"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.i586",
"product": {
"name": "vim-small-9.1.1101-17.41.1.i586",
"product_id": "vim-small-9.1.1101-17.41.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-data-9.1.1101-17.41.1.noarch",
"product": {
"name": "vim-data-9.1.1101-17.41.1.noarch",
"product_id": "vim-data-9.1.1101-17.41.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-data-common-9.1.1101-17.41.1.noarch",
"product": {
"name": "vim-data-common-9.1.1101-17.41.1.noarch",
"product_id": "vim-data-common-9.1.1101-17.41.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.ppc64le",
"product": {
"name": "gvim-9.1.1101-17.41.1.ppc64le",
"product_id": "gvim-9.1.1101-17.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.ppc64le",
"product": {
"name": "vim-9.1.1101-17.41.1.ppc64le",
"product_id": "vim-9.1.1101-17.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.ppc64le",
"product": {
"name": "vim-small-9.1.1101-17.41.1.ppc64le",
"product_id": "vim-small-9.1.1101-17.41.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.s390",
"product": {
"name": "gvim-9.1.1101-17.41.1.s390",
"product_id": "gvim-9.1.1101-17.41.1.s390"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.s390",
"product": {
"name": "vim-9.1.1101-17.41.1.s390",
"product_id": "vim-9.1.1101-17.41.1.s390"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.s390",
"product": {
"name": "vim-small-9.1.1101-17.41.1.s390",
"product_id": "vim-small-9.1.1101-17.41.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.s390x",
"product": {
"name": "gvim-9.1.1101-17.41.1.s390x",
"product_id": "gvim-9.1.1101-17.41.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.s390x",
"product": {
"name": "vim-9.1.1101-17.41.1.s390x",
"product_id": "vim-9.1.1101-17.41.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.s390x",
"product": {
"name": "vim-small-9.1.1101-17.41.1.s390x",
"product_id": "vim-small-9.1.1101-17.41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-17.41.1.x86_64",
"product": {
"name": "gvim-9.1.1101-17.41.1.x86_64",
"product_id": "gvim-9.1.1101-17.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-17.41.1.x86_64",
"product": {
"name": "vim-9.1.1101-17.41.1.x86_64",
"product_id": "vim-9.1.1101-17.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-17.41.1.x86_64",
"product": {
"name": "vim-small-9.1.1101-17.41.1.x86_64",
"product_id": "vim-small-9.1.1101-17.41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-17.41.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64"
},
"product_reference": "gvim-9.1.1101-17.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-17.41.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64"
},
"product_reference": "vim-9.1.1101-17.41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-9.1.1101-17.41.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch"
},
"product_reference": "vim-data-9.1.1101-17.41.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-17.41.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-17.41.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43790"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43790",
"url": "https://www.suse.com/security/cve/CVE-2024-43790"
},
{
"category": "external",
"summary": "SUSE Bug 1229685 for CVE-2024-43790",
"url": "https://bugzilla.suse.com/1229685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "moderate"
}
],
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43802"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43802",
"url": "https://www.suse.com/security/cve/CVE-2024-43802"
},
{
"category": "external",
"summary": "SUSE Bug 1229822 for CVE-2024-43802",
"url": "https://bugzilla.suse.com/1229822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "moderate"
}
],
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-45306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45306"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It\u0027s not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That\u0027s why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45306",
"url": "https://www.suse.com/security/cve/CVE-2024-45306"
},
{
"category": "external",
"summary": "SUSE Bug 1230078 for CVE-2024-45306",
"url": "https://bugzilla.suse.com/1230078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "moderate"
}
],
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2025-1215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1215"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1215",
"url": "https://www.suse.com/security/cve/CVE-2025-1215"
},
{
"category": "external",
"summary": "SUSE Bug 1237137 for CVE-2025-1215",
"url": "https://bugzilla.suse.com/1237137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "low"
}
],
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-22134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22134"
}
],
"notes": [
{
"category": "general",
"text": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won\u0027t try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22134",
"url": "https://www.suse.com/security/cve/CVE-2025-22134"
},
{
"category": "external",
"summary": "SUSE Bug 1235695 for CVE-2025-22134",
"url": "https://bugzilla.suse.com/1235695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-24014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24014"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn\u0027t show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn\u0027t been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24014",
"url": "https://www.suse.com/security/cve/CVE-2025-24014"
},
{
"category": "external",
"summary": "SUSE Bug 1236151 for CVE-2025-24014",
"url": "https://bugzilla.suse.com/1236151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gvim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-9.1.1101-17.41.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-9.1.1101-17.41.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:vim-data-common-9.1.1101-17.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:24Z",
"details": "moderate"
}
],
"title": "CVE-2025-24014"
}
]
}
suse-su-2025:0723-1
Vulnerability from csaf_suse
Published
2025-02-26 13:29
Modified
2025-02-26 13:29
Summary
Security update for vim
Notes
Title of the patch
Security update for vim
Description of the patch
This update for vim fixes the following issues:
Update to version 9.1.1101:
- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).
- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).
- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).
- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode
(bsc#1235695).
- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).
- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).
Patchnames
SUSE-2025-723,SUSE-SLE-Micro-5.5-2025-723,SUSE-SLE-Module-Basesystem-15-SP6-2025-723,SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-723,openSUSE-SLE-15.6-2025-723
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vim fixes the following issues:\n\nUpdate to version 9.1.1101:\n\n- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).\n- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).\n- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).\n- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode\n (bsc#1235695).\n- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).\n- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-723,SUSE-SLE-Micro-5.5-2025-723,SUSE-SLE-Module-Basesystem-15-SP6-2025-723,SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-723,openSUSE-SLE-15.6-2025-723",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0723-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0723-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250723-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0723-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020448.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229685",
"url": "https://bugzilla.suse.com/1229685"
},
{
"category": "self",
"summary": "SUSE Bug 1229822",
"url": "https://bugzilla.suse.com/1229822"
},
{
"category": "self",
"summary": "SUSE Bug 1230078",
"url": "https://bugzilla.suse.com/1230078"
},
{
"category": "self",
"summary": "SUSE Bug 1235695",
"url": "https://bugzilla.suse.com/1235695"
},
{
"category": "self",
"summary": "SUSE Bug 1236151",
"url": "https://bugzilla.suse.com/1236151"
},
{
"category": "self",
"summary": "SUSE Bug 1237137",
"url": "https://bugzilla.suse.com/1237137"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45306 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24014/"
}
],
"title": "Security update for vim",
"tracking": {
"current_release_date": "2025-02-26T13:29:44Z",
"generator": {
"date": "2025-02-26T13:29:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0723-1",
"initial_release_date": "2025-02-26T13:29:44Z",
"revision_history": [
{
"date": "2025-02-26T13:29:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150500.20.21.1.aarch64",
"product": {
"name": "gvim-9.1.1101-150500.20.21.1.aarch64",
"product_id": "gvim-9.1.1101-150500.20.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150500.20.21.1.aarch64",
"product": {
"name": "vim-9.1.1101-150500.20.21.1.aarch64",
"product_id": "vim-9.1.1101-150500.20.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150500.20.21.1.aarch64",
"product": {
"name": "vim-small-9.1.1101-150500.20.21.1.aarch64",
"product_id": "vim-small-9.1.1101-150500.20.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150500.20.21.1.i586",
"product": {
"name": "gvim-9.1.1101-150500.20.21.1.i586",
"product_id": "gvim-9.1.1101-150500.20.21.1.i586"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150500.20.21.1.i586",
"product": {
"name": "vim-9.1.1101-150500.20.21.1.i586",
"product_id": "vim-9.1.1101-150500.20.21.1.i586"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150500.20.21.1.i586",
"product": {
"name": "vim-small-9.1.1101-150500.20.21.1.i586",
"product_id": "vim-small-9.1.1101-150500.20.21.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-data-9.1.1101-150500.20.21.1.noarch",
"product": {
"name": "vim-data-9.1.1101-150500.20.21.1.noarch",
"product_id": "vim-data-9.1.1101-150500.20.21.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-data-common-9.1.1101-150500.20.21.1.noarch",
"product": {
"name": "vim-data-common-9.1.1101-150500.20.21.1.noarch",
"product_id": "vim-data-common-9.1.1101-150500.20.21.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150500.20.21.1.ppc64le",
"product": {
"name": "gvim-9.1.1101-150500.20.21.1.ppc64le",
"product_id": "gvim-9.1.1101-150500.20.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150500.20.21.1.ppc64le",
"product": {
"name": "vim-9.1.1101-150500.20.21.1.ppc64le",
"product_id": "vim-9.1.1101-150500.20.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150500.20.21.1.ppc64le",
"product": {
"name": "vim-small-9.1.1101-150500.20.21.1.ppc64le",
"product_id": "vim-small-9.1.1101-150500.20.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150500.20.21.1.s390x",
"product": {
"name": "gvim-9.1.1101-150500.20.21.1.s390x",
"product_id": "gvim-9.1.1101-150500.20.21.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150500.20.21.1.s390x",
"product": {
"name": "vim-9.1.1101-150500.20.21.1.s390x",
"product_id": "vim-9.1.1101-150500.20.21.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150500.20.21.1.s390x",
"product": {
"name": "vim-small-9.1.1101-150500.20.21.1.s390x",
"product_id": "vim-small-9.1.1101-150500.20.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150500.20.21.1.x86_64",
"product": {
"name": "gvim-9.1.1101-150500.20.21.1.x86_64",
"product_id": "gvim-9.1.1101-150500.20.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150500.20.21.1.x86_64",
"product": {
"name": "vim-9.1.1101-150500.20.21.1.x86_64",
"product_id": "vim-9.1.1101-150500.20.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150500.20.21.1.x86_64",
"product": {
"name": "vim-small-9.1.1101-150500.20.21.1.x86_64",
"product_id": "vim-small-9.1.1101-150500.20.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150500.20.21.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150500.20.21.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-9.1.1101-150500.20.21.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch"
},
"product_reference": "vim-data-9.1.1101-150500.20.21.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150500.20.21.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150500.20.21.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gvim-9.1.1101-150500.20.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "gvim-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-9.1.1101-150500.20.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "vim-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-9.1.1101-150500.20.21.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch"
},
"product_reference": "vim-data-9.1.1101-150500.20.21.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150500.20.21.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150500.20.21.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150500.20.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150500.20.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43790"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43790",
"url": "https://www.suse.com/security/cve/CVE-2024-43790"
},
{
"category": "external",
"summary": "SUSE Bug 1229685 for CVE-2024-43790",
"url": "https://bugzilla.suse.com/1229685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43802"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43802",
"url": "https://www.suse.com/security/cve/CVE-2024-43802"
},
{
"category": "external",
"summary": "SUSE Bug 1229822 for CVE-2024-43802",
"url": "https://bugzilla.suse.com/1229822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-45306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45306"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It\u0027s not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That\u0027s why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45306",
"url": "https://www.suse.com/security/cve/CVE-2024-45306"
},
{
"category": "external",
"summary": "SUSE Bug 1230078 for CVE-2024-45306",
"url": "https://bugzilla.suse.com/1230078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "moderate"
}
],
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2025-1215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1215"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1215",
"url": "https://www.suse.com/security/cve/CVE-2025-1215"
},
{
"category": "external",
"summary": "SUSE Bug 1237137 for CVE-2025-1215",
"url": "https://bugzilla.suse.com/1237137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "low"
}
],
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-22134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22134"
}
],
"notes": [
{
"category": "general",
"text": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won\u0027t try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22134",
"url": "https://www.suse.com/security/cve/CVE-2025-22134"
},
{
"category": "external",
"summary": "SUSE Bug 1235695 for CVE-2025-22134",
"url": "https://bugzilla.suse.com/1235695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-24014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24014"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn\u0027t show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn\u0027t been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24014",
"url": "https://www.suse.com/security/cve/CVE-2025-24014"
},
{
"category": "external",
"summary": "SUSE Bug 1236151 for CVE-2025-24014",
"url": "https://bugzilla.suse.com/1236151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Micro 5.5:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:vim-small-9.1.1101-150500.20.21.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:gvim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-9.1.1101-150500.20.21.1.x86_64",
"openSUSE Leap 15.6:vim-data-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-data-common-9.1.1101-150500.20.21.1.noarch",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.aarch64",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.ppc64le",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.s390x",
"openSUSE Leap 15.6:vim-small-9.1.1101-150500.20.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:29:44Z",
"details": "moderate"
}
],
"title": "CVE-2025-24014"
}
]
}
suse-su-2025:0724-1
Vulnerability from csaf_suse
Published
2025-02-26 13:30
Modified
2025-02-26 13:30
Summary
Security update for vim
Notes
Title of the patch
Security update for vim
Description of the patch
This update for vim fixes the following issues:
Update to version 9.1.1101:
- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).
- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).
- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).
- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode
(bsc#1235695).
- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).
- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).
Patchnames
SUSE-2025-724,SUSE-SLE-Micro-5.3-2025-724,SUSE-SLE-Micro-5.4-2025-724,SUSE-SUSE-MicroOS-5.1-2025-724,SUSE-SUSE-MicroOS-5.2-2025-724
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vim fixes the following issues:\n\nUpdate to version 9.1.1101:\n\n- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).\n- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).\n- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).\n- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode\n (bsc#1235695).\n- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).\n- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-724,SUSE-SLE-Micro-5.3-2025-724,SUSE-SLE-Micro-5.4-2025-724,SUSE-SUSE-MicroOS-5.1-2025-724,SUSE-SUSE-MicroOS-5.2-2025-724",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0724-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0724-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250724-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0724-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020447.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229685",
"url": "https://bugzilla.suse.com/1229685"
},
{
"category": "self",
"summary": "SUSE Bug 1229822",
"url": "https://bugzilla.suse.com/1229822"
},
{
"category": "self",
"summary": "SUSE Bug 1230078",
"url": "https://bugzilla.suse.com/1230078"
},
{
"category": "self",
"summary": "SUSE Bug 1235695",
"url": "https://bugzilla.suse.com/1235695"
},
{
"category": "self",
"summary": "SUSE Bug 1236151",
"url": "https://bugzilla.suse.com/1236151"
},
{
"category": "self",
"summary": "SUSE Bug 1237137",
"url": "https://bugzilla.suse.com/1237137"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45306 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24014/"
}
],
"title": "Security update for vim",
"tracking": {
"current_release_date": "2025-02-26T13:30:28Z",
"generator": {
"date": "2025-02-26T13:30:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0724-1",
"initial_release_date": "2025-02-26T13:30:28Z",
"revision_history": [
{
"date": "2025-02-26T13:30:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150000.5.69.1.aarch64",
"product": {
"name": "gvim-9.1.1101-150000.5.69.1.aarch64",
"product_id": "gvim-9.1.1101-150000.5.69.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150000.5.69.1.aarch64",
"product": {
"name": "vim-9.1.1101-150000.5.69.1.aarch64",
"product_id": "vim-9.1.1101-150000.5.69.1.aarch64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"product": {
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"product_id": "vim-small-9.1.1101-150000.5.69.1.aarch64"
}
},
{
"category": "product_version",
"name": "xxd-9.1.1101-150000.5.69.1.aarch64",
"product": {
"name": "xxd-9.1.1101-150000.5.69.1.aarch64",
"product_id": "xxd-9.1.1101-150000.5.69.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150000.5.69.1.i586",
"product": {
"name": "gvim-9.1.1101-150000.5.69.1.i586",
"product_id": "gvim-9.1.1101-150000.5.69.1.i586"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150000.5.69.1.i586",
"product": {
"name": "vim-9.1.1101-150000.5.69.1.i586",
"product_id": "vim-9.1.1101-150000.5.69.1.i586"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150000.5.69.1.i586",
"product": {
"name": "vim-small-9.1.1101-150000.5.69.1.i586",
"product_id": "vim-small-9.1.1101-150000.5.69.1.i586"
}
},
{
"category": "product_version",
"name": "xxd-9.1.1101-150000.5.69.1.i586",
"product": {
"name": "xxd-9.1.1101-150000.5.69.1.i586",
"product_id": "xxd-9.1.1101-150000.5.69.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-data-9.1.1101-150000.5.69.1.noarch",
"product": {
"name": "vim-data-9.1.1101-150000.5.69.1.noarch",
"product_id": "vim-data-9.1.1101-150000.5.69.1.noarch"
}
},
{
"category": "product_version",
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"product": {
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"product_id": "vim-data-common-9.1.1101-150000.5.69.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150000.5.69.1.ppc64le",
"product": {
"name": "gvim-9.1.1101-150000.5.69.1.ppc64le",
"product_id": "gvim-9.1.1101-150000.5.69.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150000.5.69.1.ppc64le",
"product": {
"name": "vim-9.1.1101-150000.5.69.1.ppc64le",
"product_id": "vim-9.1.1101-150000.5.69.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150000.5.69.1.ppc64le",
"product": {
"name": "vim-small-9.1.1101-150000.5.69.1.ppc64le",
"product_id": "vim-small-9.1.1101-150000.5.69.1.ppc64le"
}
},
{
"category": "product_version",
"name": "xxd-9.1.1101-150000.5.69.1.ppc64le",
"product": {
"name": "xxd-9.1.1101-150000.5.69.1.ppc64le",
"product_id": "xxd-9.1.1101-150000.5.69.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150000.5.69.1.s390x",
"product": {
"name": "gvim-9.1.1101-150000.5.69.1.s390x",
"product_id": "gvim-9.1.1101-150000.5.69.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150000.5.69.1.s390x",
"product": {
"name": "vim-9.1.1101-150000.5.69.1.s390x",
"product_id": "vim-9.1.1101-150000.5.69.1.s390x"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150000.5.69.1.s390x",
"product": {
"name": "vim-small-9.1.1101-150000.5.69.1.s390x",
"product_id": "vim-small-9.1.1101-150000.5.69.1.s390x"
}
},
{
"category": "product_version",
"name": "xxd-9.1.1101-150000.5.69.1.s390x",
"product": {
"name": "xxd-9.1.1101-150000.5.69.1.s390x",
"product_id": "xxd-9.1.1101-150000.5.69.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gvim-9.1.1101-150000.5.69.1.x86_64",
"product": {
"name": "gvim-9.1.1101-150000.5.69.1.x86_64",
"product_id": "gvim-9.1.1101-150000.5.69.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-9.1.1101-150000.5.69.1.x86_64",
"product": {
"name": "vim-9.1.1101-150000.5.69.1.x86_64",
"product_id": "vim-9.1.1101-150000.5.69.1.x86_64"
}
},
{
"category": "product_version",
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"product": {
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"product_id": "vim-small-9.1.1101-150000.5.69.1.x86_64"
}
},
{
"category": "product_version",
"name": "xxd-9.1.1101-150000.5.69.1.x86_64",
"product": {
"name": "xxd-9.1.1101-150000.5.69.1.x86_64",
"product_id": "xxd-9.1.1101-150000.5.69.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-150000.5.69.1.noarch as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-150000.5.69.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xxd-9.1.1101-150000.5.69.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64"
},
"product_reference": "xxd-9.1.1101-150000.5.69.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43790"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43790",
"url": "https://www.suse.com/security/cve/CVE-2024-43790"
},
{
"category": "external",
"summary": "SUSE Bug 1229685 for CVE-2024-43790",
"url": "https://bugzilla.suse.com/1229685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43802"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43802",
"url": "https://www.suse.com/security/cve/CVE-2024-43802"
},
{
"category": "external",
"summary": "SUSE Bug 1229822 for CVE-2024-43802",
"url": "https://bugzilla.suse.com/1229822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-45306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45306"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It\u0027s not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That\u0027s why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45306",
"url": "https://www.suse.com/security/cve/CVE-2024-45306"
},
{
"category": "external",
"summary": "SUSE Bug 1230078 for CVE-2024-45306",
"url": "https://bugzilla.suse.com/1230078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "moderate"
}
],
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2025-1215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1215"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1215",
"url": "https://www.suse.com/security/cve/CVE-2025-1215"
},
{
"category": "external",
"summary": "SUSE Bug 1237137 for CVE-2025-1215",
"url": "https://bugzilla.suse.com/1237137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "low"
}
],
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-22134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22134"
}
],
"notes": [
{
"category": "general",
"text": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won\u0027t try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22134",
"url": "https://www.suse.com/security/cve/CVE-2025-22134"
},
{
"category": "external",
"summary": "SUSE Bug 1235695 for CVE-2025-22134",
"url": "https://bugzilla.suse.com/1235695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-24014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24014"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn\u0027t show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn\u0027t been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24014",
"url": "https://www.suse.com/security/cve/CVE-2025-24014"
},
{
"category": "external",
"summary": "SUSE Bug 1236151 for CVE-2025-24014",
"url": "https://bugzilla.suse.com/1236151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.1:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.2:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.3:xxd-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:vim-data-common-9.1.1101-150000.5.69.1.noarch",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:vim-small-9.1.1101-150000.5.69.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.s390x",
"SUSE Linux Enterprise Micro 5.4:xxd-9.1.1101-150000.5.69.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-26T13:30:28Z",
"details": "moderate"
}
],
"title": "CVE-2025-24014"
}
]
}
suse-su-2025:20128-1
Vulnerability from csaf_suse
Published
2025-02-25 13:12
Modified
2025-02-25 13:12
Summary
Security update for vim
Notes
Title of the patch
Security update for vim
Description of the patch
This update for vim fixes the following issues:
vim was updated to 9.1.1101:
- CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238)
- CVE-2024-43790: Fixed Out of bounds read when performing a search command (bsc#1229685)
- CVE-2024-43802: Fixed heap-buffer-overflow in ins_typebuf() (bsc#1229822)
- CVE-2024-45306: Fixed heap-buffer-overflow in Vim (bsc#1230078)
- CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373)
- CVE-2025-1215: Fixed manipulation of the argument --log leads to memory corruption (bsc#1237137)
- CVE-2025-22134: Fixed heap-buffer-overflow in Vim < 9.1.1003 (bsc#1235695)
- CVE-2025-24014: Fixed segmentation fault in win_line() in Vim < 9.1.1043 (bsc#1236151)
Update to 9.1.1101:
* insexpand.c hard to read
* tests: Test_log_nonexistent only works on Linux
* Update base-syntax, improve variable matching
* Vim9: import with extends may crash
* leaking memory with completing multi lines
* --log with non-existent path causes a crash
* if_perl: Perl 5.38 adds new symbols causing link failure
* tests: matchparen plugin test wrongly named
* Vim9: problem finding implemented method in type hierarchy
* runtime(qf): Update syntax file, match second delimiter
* tests: output of test ...win32_ctrl_z depends on python version
* tests: fix expected return code for python 3.13 on Windows
* tests: timeout might be a bit too small
* tests: test_terminwscroll_topline2 unreliable
* tests: No check when tests are run under Github actions
* tests: plugin tests are named inconsistently
* Vim9: import with extends may crash
* completion doesn't work with multi lines
* filetype: cmmt files are not recognized
* Unable to persistently ignore events in a window and its buffers
* improve syntax highlighting
* setreg() doesn't correctly handle mbyte chars in blockwise mode
* unexpected DCS responses may cause out of bounds reads
* has('bsd') is true for GNU/Hurd
* filetype: Mill files are not recognized
* GUI late startup leads to uninitialized scrollbars
* Add support for lz4 to tar & gzip plugin
* Terminal ansi colors off by one after tgc reset
* included syntax items do not understand contains=TOP
* vim_strnchr() is strange and unnecessary
* Vim9: len variable not used in compile_load()
* runtime(vim): Update base-syntax, match :debuggreedy count prefix
* Strange error when heredoc marker starts with "trim"
* tests: test_compiler fails on Windows without Maven
* 'diffopt' "linematch" cannot be used with {n} less than 10
* args missing after failing to redefine a function
* Cannot control cursor positioning of getchar()
* preinsert text completions not deleted with <C-W>/<C-U>
* getchar() can't distinguish between C-I and Tab
* tests: Test_termwinscroll_topline2 fails on MacOS
* heap-use-after-free and stack-use-after-scope with :14verbose
* no digraph for "Approaches the limit"
* not possible to use plural forms with gettext()
* too many strlen() calls in userfunc.c
* terminal: E315 when dragging the terminal with the mouse
* runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()
* runtime(doc): Tweak documentation style a bit
* tests: test_glvs fails when unarchiver not available
* Vim always enables 'termguicolors' in a terminal
* completion: input text deleted with preinsert when adding leader
* translation(sr): Missing Serbian translation for the tutor
* Superfluous cleanup steps in test_ins_complete.vim
* runtime(netrw): correct wrong version check
* Vim doesn't highlight to be inserted text when completing
* runtime(netrw): upstream snapshot of v176
* runtime(dist/vim9): fix regressions in dist#vim9#Open
* runtime(hyprlang): fix string recognition
* make install fails because of a missing dependency
* runtime(asm): add byte directives to syntax script
* Vim doesn't work well with TERM=xterm-direct
* runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection
* runtime: decouple Open and Launch commands and gx mapping from netrw
* "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
* runtime(just): fix typo in syntax file
* runtime(filetype): Improve Verilog detection by checking for modules definition
* tests: off-by-one error in CheckCWD in test_debugger.vim
* tests: no support for env variables when running Vim in terminal
* too many strlen() calls in os_unix.c
* insert-completed items are always sorted
* crash after scrolling and pasting in silent Ex mode
* Makefiles uses non-portable syntax
* fuzzymatching doesn't prefer matching camelcase
* filetype: N-Tripels and TriG files are not recognized
* Vim9: Patch 9.1.1014 causes regressions
* translation(sr): Update Serbian messages translation
Update to 9.1.1043:
* [security]: segfault in win_line()
* update helptags
* filetype: just files are not recognized
* Update base-syntax, match ternary and falsy operators
* Vim9: out-of-bound access when echoing an enum
* Vim9: imported type cannot be used as func return type
* runtime(kconfig): updated ftplugin and syntax script
* runtime(doc): rename last t_BG reference to t_RB
* Vim9: comments are outdated
* tests: test_channel.py fails with IPv6
* runtime(vim): Update base-syntax, fix is/isnot operator matching
* Vim9: confusing error when using abstract method via super
* make install fails when using shadowdir
* Vim9: memory leak with blob2str()
* runtime(tex): add texEmphStyle to texMatchGroup in syntax script
* runtime(netrw): upstream snapshot of v175
* Vim9: compiling abstract method fails without return
* runtime(c): add new constexpr keyword to syntax file (C23)
* tests: shaderslang was removed from test_filetype erroneously
* link error when FEAT_SPELL not defined
* Coverity complains about insecure data handling
* runtime(sh): update syntax script
* runtime(c): Add missing syntax test files
* filetype: setting bash filetype is backwards incompatible
* runtime(c): Update syntax and ftplugin files
* the installer can be improved
* too many strlen() calls in screen.c
* no sanitize check when running linematch
* filetype: swc configuration files are not recognized
* runtime(netrw): change netrw maintainer
* wrong return type of blob2str()
* blob2str/str2blob() do not support list of strings
* runtime(doc): fix typo in usr_02.txt
* Coverity complains about dereferencing NULL pointer
* linematch option value not completed
* string might be used without a trailing NUL
* no way to get current selected item in a async context
* filetype: fd ignore files are not recognized
* v9.1.0743 causes regression with diff mode
* runtime(doc): fix base64 encode/decode examples
* Vim9: Patch 9.1.1013 causes a few problems
* Not possible to convert string2blob and blob2string
* Coverity complains about dereferencing NULL value
* Vim9: variable not found in transitive import
* runtime(colors): Update colorschemes, include new unokai colorscheme
* runtime(lyrics): support milliseconds in syntax script
* runtime(vim): Split Vim legacy and Vim9 script indent tests
* Vim9: class interface inheritance not correctly working
* popupmenu internal error with some abbr in completion item
* filetype: VisualCode setting file not recognized
* diff feature can be improved
* filetype: various ignore are not recognized
* tests: Load screendump files with "git vimdumps"
* PmenuMatch completion highlight can be combined
* completion text is highlighted even with no pattern found
* tests: a few termdebug tests are flaky
* [security]: heap-buffer-overflow with visual mode
* runtime(doc): add package-<name> helptags for included packages
* Vim9: unknown func error with interface declaring func var
* runtime(filetype): don't detect string interpolation as angular
* ComplMatchIns highlight hard to read on light background
* runtime(vim): Update base-syntax, highlight literal string quote escape
* runtime(editorconfig): set omnifunc to syntaxcomplete func
* tests: ruby tests fail with Ruby 3.4
* Vim9: leaking finished exception
* runtime(tiasm): use correct syntax name tiasm in syntax script
* filetype: TI assembly files are not recognized
* too many strlen() calls in drawscreen.c
* runtime(xf86conf): add section name OutputClass to syntax script
* ComplMatchIns may highlight wrong text
* runtime(vim): Update base-syntax, improve ex-bang matching
* runtime(doc): clarify buffer deletion on popup_close()
* filetype: shaderslang files are not detected
* Vim9: not able to use comment after opening curly brace
Update to 9.1.0993:
* 9.1.0993: New 'cmdheight' behavior may be surprising
* runtime(sh): fix typo in Last Change header
* 9.1.0992: Vim9: double-free after v9.1.0988
* 9.1.0991: v:stacktrace has wrong type in Vim9 script
* runtime(sh): add PS0 to bashSpecialVariables in syntax script
* runtime(vim): Remove trailing comma from match_words
* runtime(zsh): sync syntax script with upstream repo
* runtime(doc): Capitalise the mnemonic "Zero" for the 'z' flag of search()
* 9.1.0990: Inconsistent behavior when changing cmdheight
* 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
* runtime(java): Quietly opt out for unsupported markdown.vim versions
* runtime(vim): fix failing vim syntax test
* 9.1.0988: Vim9: no error when using uninitialized var in new()
* runtime(doc): update index.txt
* 9.1.0987: filetype: cake files are not recognized
* 9.1.0986: filetype: 'jj' filetype is a bit imprecise
* runtime(jj): Support diffs in jj syntax
* runtime(vim): Update matchit pattern, no Vim9 short names
* 9.1.0985: Vim9: some ex commands can be shortened
* 9.1.0984: exception handling can be improved
* runtime(doc): update doc for :horizontal
* runtime(doc): update index.txt, windows.txt and version9.txt
* runtime(doc): Tweak documentation about base64 function
* runtime(chordpro): update syntax script
* 9.1.0983: not able to get the displayed items in complete_info()
* runtime(doc): use standard SGR format at :h xterm-true-color
* 9.1.0982: TI linker files are not recognized
* runtime(vim): update vim generator syntax script
* 9.1.0981: tests: typo in test_filetype.vim
* 9.1.0980: no support for base64 en-/decoding functions in Vim Script
* syntax(sh): Improve the recognition of bracket expressions
* runtime(doc): mention how NUL bytes are handled
* 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
* 9.1.0978: GUI tests sometimes fail when setting 'scroll' options
* 9.1.0977: filetype: msbuild filetypes are not recognized
* 9.1.0976: Vim9: missing return statement with throw
* 9.1.0975: Vim9: interpolated string expr not working in object methods
* 9.1.0974: typo in change of commit v9.1.0873
* 9.1.0973: too many strlen() calls in fileio.c
* runtime(sh): set shellcheck as the compiler for supported shells
* runtime(doc): Fix enum example syntax
* 9.1.0972: filetype: TI linker map files are not recognized
* runtime(vim): Improve syntax script generator for Vim Script
* 9.1.0971: filetype: SLNX files are not recognized
* 9.1.0970: VMS: build errors on VMS architecture
* runtime(doc): Fix documentation typos
* runtime(doc): update for new keyprotocol option value (after v9.1.0969)
* 9.1.0969: ghostty not using kitty protocol by default
* 9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
* runtime(doc): update version9.txt for bash filetype
* runtime(netrw): update last change header for #16265
* runtime(doc): fix doc error in :r behaviour
* 9.1.0967: SpotBugs compiler setup can be further improved
* 9.1.0966: Vim9: :enum command can be shortened
* runtime(compiler): include a basic bash syntax checker compiler
* 9.1.0965: filetype: sh filetype set when detecting the use of bash
* runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt
* 9.1.0963: fuzzy-matching does not prefer full match
* 9.1.0962: filetype: bun.lock file is not recognized
* runtime(vim): update indentation plugin for Vim script
* runtime(doc): tweak documentation style in helphelp.txt
* runtime(vim): Update base-syntax, allow parens in default arguments
* runtime(doc): mention auto-format using clang-format for sound.c/sign.c
* runtime(help): fix typo s/additional/arbitrary/
* runtime(help): Add better support for language annotation highlighting
* 9.1.0961: filetype: TI gel files are not recognized
* 9.1.0960: filetype: hy history files are not recognized
* translation(fi): Fix typoes in Finish menu translation
* 9.1.0959: Coverity complains about type conversion
* runtime(vim): Use supported syntax in indent tests
* 9.1.0958: filetype: supertux2 config files detected as lisp
* 9.1.0956: completion may crash, completion highlight wrong with preview window
* 9.1.0955: Vim9: vim9compile.c can be further improved
* runtime(doc): move help tag E1182
* runtime(graphql): contribute vim-graphql to Vim core
* 9.1.0954: popupmenu.c can be improved
* 9.1.0953: filetype: APKBUILD files not correctly detected
* 9.1.0952: Vim9: missing type checking for any type assignment
* 9.1.0951: filetype: jshell files are not recognized
* runtime(dockerfile): do not set commentstring in syntax script
* 9.1.0950: filetype: fennelrc files are not recognized
* runtime(netrw): do not double escape Vim special characters
* git: ignore reformatting change of netrw plugin
* runtime(netrw): more reformating #16248
* runtime(doc): Add a note about handling symbolic links in starting.txt
* 9.1.0949: popups inconsistently shifted to the left
* git: ignore reformatting change of netrw plugin
* runtime(netrw): change indent size from 1 to 2
* 9.1.0948: Missing cmdline completion for :pbuffer
* runtime(tutor): Reformat tutor1
* 9.1.0947: short-description
* 9.1.0946: cross-compiling fails on osx-arm64
* 9.1.0945: ComplMatchIns highlight doesn't end after inserted text
* translation(sv): re-include the change from #16240
* 9.1.0944: tests: test_registers fails when not run under X11
* 9.1.0943: Vim9: vim9compile.c can be further improved
* runtime(doc): Update README and mention make check to verify
* translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec
* runtime(vim): update base-syntax after v9.1.0936
* 9.1.0942: a few typos were found
* 9.1.0941: ComplMatchIns doesn't work after multibyte chars
* runtime(doc): Fix style in fold.txt
* translation(sv): Fix typo in Swedish translation
* 9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
* runtime(doc): fix some small errors
* 9.1.0939: make installtutor fails
* 9.1.0938: exclusive selection not respected when re-selecting block mode
* 9.1.0937: test_undolist() is flaky
* 9.1.0936: cannot highlight completed text
* 9.1.0935: SpotBugs compiler can be improved
* 9.1.0934: hard to view an existing buffer in the preview window
* runtime(doc): document how to minimize fold computation costs
* 9.1.0933: Vim9: vim9compile.c can be further improved
* 9.1.0932: new Italian tutor not installed
* runtime(doc): fix a few minor errors from the last doc updates
* translation(it): add Italian translation for the interactive tutor
* runtime(doc): update the change.txt help file
* runtime(help): Add Vim lang annotation support for codeblocks
* 9.1.0931: ml_get error in terminal buffer
* 9.1.0930: tests: test_terminal2 may hang in GUI mode
* 9.1.0929: filetype: lalrpop files are not recognized
* 9.1.0928: tests: test_popupwin fails because the filter command fails
* editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim
* 9.1.0927: style issues in insexpand.c
* 9.1.0926: filetype: Pixi lock files are not recognized
* runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`
* runtime(doc): add a note about inclusive motions and exclusive selection
* 9.1.0925: Vim9: expression compiled when not necessary
* 9.1.0923: too many strlen() calls in filepath.c
* 9.1.0923: wrong MIN macro in popupmenu.c
* 9.1.0921: popupmenu logic is a bit convoluted
* 9.1.0920: Vim9: compile_assignment() too long
* 9.1.0919: filetype: some assembler files are not recognized
* runtime(netrw): do not pollute search history with symlinks
* 9.1.0918: tiny Vim crashes with fuzzy buffer completion
* 9.1.0917: various vartabstop and shiftround bugs when shifting lines
* runtime(typst): add definition lists to formatlistpat, update maintainer
* 9.1.0916: messages.c is exceeding 80 columns
* runtime(proto): include filetype plugin for protobuf
* 9.1.0915: GVim: default font size a bit too small
* 9.1.0914: Vim9: compile_assignment() is too long
* 9.1.0913: no error check for neg values for 'messagesopt'
* runtime(netrw): only check first arg of netrw_browsex_viewer for being executable
* 9.1.0912: xxd: integer overflow with sparse files and -autoskip
* 9.1.0911: Variable name for 'messagesopt' doesn't match short name
* 9.1.0910: 'messagesopt' does not check max wait time
* runtime(doc): update wrong Vietnamese localization tag
* 9.1.0909: Vim9: crash when calling instance method
Update to 9.1.0908:
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
* runtime(doc): mention option-backslash at :h CompilerSet
* runtime(compiler): include a Java Maven compiler plugin
* runtime(racket): update Racket runtime files
* runtime(doc): improve indentation in examples for netrw-handler
* runtime(doc): improve examples for netrw-handler functions
* runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg
* runtime(doc): clarify the use of filters and external commands
* 9.1.0861: Vim9: no runtime check for object member access of any var
* runtime(compiler): update pylint linter
* 9.1.0860: tests: mouse_shape tests use hard code sleep value
* 9.1.0859: several problems with the GLVS plugin
* 9.1.0858: Coverity complains about dead code
* runtime(tar): Update tar.vim to support permissions
* 9.1.0857: xxd: --- is incorrectly recognized as end-of-options
* 9.1.0851: too many strlen() calls in getchar.c
* 9.1.0850: Vim9: cannot access nested object inside objects
* runtime(tex): extra Number highlighting causes issues
* runtime(vim): Fix indent after :silent! function
* 9.1.0849: there are a few typos in the source
* runtime(netrw): directory symlink not resolved in tree view
* runtime(doc): add a table of supported Operating Systems
* runtime(tex): update Last Change header in syntax script
* runtime(doc): fix typo in g:termdebug_config
* runtime(vim): Update base-syntax, improve :normal highlighting
* runtime(tex): add Number highlighting to syntax file
* runtime(doc): Tweak documentation style a bit
* 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
* runtime(dune): use :setl instead of :set in ftplugin
* runtime(termdebug): allow to use decimal signs
* translation(it): Updated Italian vimtutor
* runtime(compiler): improve cppcheck
* git: git-blame-ignore-revs shown as an error on Github
* 9.1.0847: tests: test_popupwin fails because of updated help file
* 9.1.0846: debug symbols for xxd are not cleaned in Makefile
* runtime(structurizr): Update structurizr syntax
* runtime(8th): updated 8th syntax
* runtime(doc): Add pi_tutor.txt to help TOC
* runtime(compiler): add mypy and ruff compiler; update pylint linter
* runtime(netrw): fix several bugs in netrw tree listing
* runtime(netrw): prevent polluting the search history
* 9.1.0845: vimtutor shell script can be improved
* 9.1.0844: if_python: no way to pass local vars to python
* 9.1.0843: too many strlen() calls in undo.c
* runtime(doc): update default value for fillchars option
* runtime(compiler): fix typo in cppcheck compiler plugin
* runtime(doc): simplify vimtutor manpage a bit more
* runtime(matchparen): Add matchparen_disable_cursor_hl config option
* 9.1.0842: not checking for the sync() systemcall
* 9.1.0841: tests: still preferring python2 over python3
* 9.1.0840: filetype: idris2 files are not recognized
* 9.1.0839: filetype: leo files are not recognized
* runtime(cook): include cook filetype plugin
* runtime(debversions): Update Debian versions
* patch 9.1.0838: vimtutor is bash-specific
* runtime(doc): add help specific modeline to pi_tutor.txt
* Filelist: vimtutor chapter 2 is missing in Filelist
* 9.1.0837: cross-compiling has some issues
* runtime(vimtutor): Add a second chapter
- update to 9.1.0836
* 9.1.0836: The vimtutor can be improved
* 9.1.0835: :setglobal doesn't work properly for 'ffu' and 'tsrfu'
* 9.1.0834: tests: 2html test fails
* 9.1.0833: CI: recent ASAN changes do not work for indent tests
* 9.1.0832: :set doesn't work for 'cot' and 'bkc' after :setlocal
* runtime(doc): update help-toc description
* runtime(2html): Make links use color scheme colors in TOhtml
* 9.1.0831: 'findexpr' can't be used as lambad or Funcref
* Filelist: include helptoc package
* runtime(doc): include a TOC Vim9 plugin
* Filelist: ignore .git-blame-ignore-revs
* 9.1.0830: using wrong highlight group for spaces for popupmenu
* runtime(typst): synchronize updates from the upstream typst.vim
* git: ignore reformatting commit for git-blame (after v9.1.0829)
* 9.1.0829: Vim source code uses a mix of tabs and spaces
* 9.1.0828: string_T struct could be used more often
* 9.1.0827: CI: tests can be improved
* runtime(doc): remove stray sentence in pi_netrw.txt
* 9.1.0826: filetype: sway files are not recognized
* runtime(doc): Include netrw-gp in TOC
* runtime(doc): mention 'iskeyword' at :h charclass()
* runtime(doc): update help tags
* 9.1.0825: compile error for non-diff builds
* runtime(netrw): fix E874 when browsing remote directory which contains `~` character
* runtime(doc): update coding style documentation
* runtime(debversions): Add plucky (25.04) as Ubuntu release name
* 9.1.0824: too many strlen() calls in register.c
* 9.1.0823: filetype: Zephyr overlay files not recognized
* runtime(doc): Clean up minor formatting issues for builtin functions
* runtime(netrw): make :Launch/Open autoloadable
* runtime(netrw): fix regression with x mapping on Cygwin
* runtime(netrw): fix filetype detection for remote files
* 9.1.0822: topline might be changed in diff mode unexpectedly
* CI: huge linux builds should also run syntax & indent tests
* 9.1.0821: 'findexpr' completion doesn't set v:fname to cmdline argument
* 9.1.0820: tests: Mac OS tests are too flaky
* runtime(awk): Highlight more awk comments in syntax script
* runtime(netrw): add missing change for s:redir()
* 9.1.0819: tests: using findexpr and imported func not tested
* runtime(netrw): improve netrw's open-handling further
* runtime(netrw): fix syntax error in netrwPlugin.vim
* runtime(netrw): simplify gx file handling
* 9.1.0818: some global functions are only used in single files
* 9.1.0817: termdebug: cannot evaluate expr in a popup
* runtime(defaults): Detect putty terminal and switch to dark background
* 9.1.0816: tests: not clear what tests cause asan failures
* runtime(doc): Remove some completed items from todo.txt
* 9.1.0815: "above" virtual text causes wrong 'colorcolumn' position
* runtime(syntax-tests): tiny vim fails because of line-continuation
* 9.1.0814: mapset() may remove unrelated mapping
* 9.1.0813: no error handling with setglobal and number types
* 9.1.0812: Coverity warns about dereferencing NULL ptr
* 9.1.0811: :find expansion does not consider 'findexpr'
* 9.1.0810: cannot easily adjust the |:find| command
* 9.1.0809: filetype: petalinux config files not recognized
* 9.1.0808: Terminal scrollback doesn't shrink when decreasing 'termwinscroll'
* 9.1.0807: tests: having 'nolist' in modelines isn't always desired
* 9.1.0806: tests: no error check when setting global 'briopt'
* 9.1.0805: tests: minor issues in gen_opt_test.vim
* 9.1.0804: tests: no error check when setting global 'cc'
* 9.1.0803: tests: no error check when setting global 'isk'
* 9.1.0802: tests: no error check when setting global 'fdm' to empty value
* 9.1.0801: tests: no error check when setting global 'termwinkey'
* 9.1.0800: tests: no error check when setting global 'termwinsize'
* runtime(doc): :ownsyntax also resets 'spelloptions'
* 9.1.0799: tests: gettwinvar()/gettabwinvar() tests are not comprehensive
* runtime(doc): Fix wrong Mac default options
* 9.1.0798: too many strlen() calls in cmdhist.c
* 9.1.0797: testing of options can be further improved
* 9.1.0796: filetype: libtool files are not recognized
* (typst): add folding to typst ftplugin
* runtime(netrw): deprecate and remove netrwFileHandlers#Invoke()
* 9.1.0795: filetype: Vivado memory info file are not recognized
* 9.1.0794: tests: tests may fail on Windows environment
* runtime(doc): improve the :colorscheme documentation
* 9.1.0793: xxd: -e does add one extra space
* 9.1.0792: tests: Test_set_values() is not comprehensive enough
* runtime(swayconfig): add flag for bindsym/bindcode to syntax script
* 9.1.0791: tests: errors in gen_opt_test.vim are not shown
* runtime(compiler): check for compile_commands in build dirs for cppcheck
* 9.1.0790: Amiga: AmigaOS4 build should use default runtime (newlib)
* runtime(help): Update help syntax
* runtime(help): fix end of sentence highlight in code examples
* runtime(jinja): Support jinja syntax as secondary filetype
* 9.1.0789: tests: ':resize + 5' has invalid space after '+'
* 9.1.0788: <CSI>27;<mod>u is not decoded to literal Escape in kitty/foot
* 9.1.0787: cursor position changed when using hidden terminal
* 9.1.0786: tests: quickfix update test does not test location list
* runtime(doc): add some docs for file-watcher programs
* CI: uploading failed screendumps still fails on Cirrus CI
* 9.1.0785: cannot preserve error position when setting quickfix list
* 9.1.0784: there are several problems with python 3.13
* 9.1.0783: 'spell' option setting has problems
* 9.1.0782: tests: using wrong neomuttlog file name
* runtime(doc): add preview flag to statusline example
* 9.1.0781: tests: test_filetype fails
* 9.1.0780: MS-Windows: incorrect Win32 error checking
* 9.1.0779: filetype: neomuttlog files are not recognized
* 9.1.0778: filetype: lf config files are not recognized
* runtime(comment): fix commment toggle with mixed tabs & spaces
* runtime(misc): Use consistent "Vim script" spelling
* runtime(gleam): add ftplugin for gleam files
* runtime(doc): link help-writing from write-local-help
* 9.1.0777: filetype: Some upstream php files are not recognized
* runtime(java): Define javaBlockStart and javaBlockOtherStart hl groups
* runtime(doc): mention conversion rules for remote_expr()
* runtime(tutor): Fix missing :s command in spanish translation section 4.4
* 9.1.0776: test_strftime may fail because of missing TZ data
* translation(am): Add Armenian language translation
* 9.1.0775: tests: not enough tests for setting options
* 9.1.0774: "shellcmdline" doesn't work with getcompletion()
* 9.1.0773: filetype: some Apache files are not recognized
* 9.1.0772: some missing changes from v9.1.0771
* 9.1.0771: completion attribute hl_group is confusing
* 9.1.0770: current command line completion is a bit limited
* 9.1.0769: filetype: MLIR files are not recognized
* 9.1.0768: MS-Windows: incorrect cursor position when restoring screen
* runtime(nasm): Update nasm syntax script
* 9.1.0767: A condition is always true in ex_getln.c
* runtime(skill): Update syntax file to fix string escapes
* runtime(help): highlight CTRL-<Key> correctly
* runtime(doc): add missing usr_52 entry to toc
* 9.1.0766: too many strlen() calls in ex_getln.c
* runtime(doc): correct `vi` registers 1-9 documentation error
* 9.1.0765: No test for patches 6.2.418 and 7.3.489
* runtime(spec): set comments and commentstring options
* NSIS: Include libgcc_s_sjlj-1.dll again
* runtime(doc): clarify the effect of 'startofline' option
* 9.1.0764: [security]: use-after-free when closing a buffer
* runtime(vim): Update base-syntax file, improve class, enum and interface highlighting
* 9.1.0763: tests: cannot run single syntax tests
* 9.1.0762: 'cedit', 'termwinkey' and 'wildchar' may not be parsed correctly
* 9.1.0761: :cd completion fails on Windows with backslash in path
* 9.1.0760: tests: no error reported, if gen_opt_test.vim fails
* 9.1.0759: screenpos() may return invalid position
* runtime(misc): unset compiler in various ftplugins
* runtime(doc): update formatting and syntax
* runtime(compiler): add cppcheck linter compiler plugin
* runtime(doc): Fix style in documents
* runtime(doc): Fix to two-space convention in user manual
* runtime(comment): consider &tabstop in lines after whitespace indent
* 9.1.0758: it's possible to set an invalid key to 'wildcharm'
* runtime(java): Manage circularity for every :syn-included syntax file
* 9.1.0757: tests: messages files contains ANSI escape sequences
* 9.1.0756: missing change from patch v9.1.0754
* 9.1.0755: quickfix list does not handle hardlinks well
* runtime(doc): 'filetype', 'syntax' and 'keymap' only allow alphanumeric + some characters
* runtime(systemd): small fixes to &keywordprg in ftplugin
* CI: macos-12 runner is being sunset, switch to 13
* 9.1.0754: fixed order of items in insert-mode completion menu
* runtime(comment): commenting might be off by one column
* 9.1.0753: Wrong display when typing in diff mode with 'smoothscroll'
* 9.1.0752: can set 'cedit' to an invalid value
* runtime(doc): add `usr` tag to usr_toc.txt
* 9.1.0751: Error callback for term_start() not used
* 9.1.0750: there are some Win9x legacy references
* runtime(java): Recognise the CommonMark form (///) of Javadoc comments
* 9.1.0749: filetype: http files not recognized
* runtime(comment): fix syntax error
* CI: uploading failed screendump tests does not work Cirrus
* 9.1.0748: :keep* commmands are sometimes misidentified as :k
* runtime(indent): allow matching negative numbers for gnu indent config file
* runtime(comment): add gC mapping to (un)comment rest of line
* 9.1.0747: various typos in repo found
* 9.1.0746: tests: Test_halfpage_longline() fails on large terminals
* runtime(doc): reformat gnat example
* runtime(doc): reformat ada_standard_types section
* 9.1.0745: filetype: bun and deno history files not recognized
* runtime(glvs): Correct the tag name of glvs-autoinstal
* runtime(doc): include short form for :earlier/:later
* runtime(doc): remove completed TODO
* 9.1.0744: filetype: notmuch configs are not recognised
* 9.1.0743: diff mode does not handle overlapping diffs correctly
* runtime(glvs): fix a few issues
* runtime(doc): Fix typo in :help :command-modifiers
* 9.1.0742: getcmdprompt() implementation can be improved
* runtime(docs): update `:set?` command behavior table
* runtime(doc): update vim90 to vim91 in docs
* runtime(doc): fix typo in :h dos-colors
* 9.1.0741: No way to get prompt for input()/confirm()
* runtime(doc): fix typo in version9.txt nrformat -> nrformats
* runtime(rmd,rrst): 'fex' option not properly restored
* runtime(netrw): remove extraneous closing bracket
* 9.1.0740: incorrect internal diff with empty file
* 9.1.0739: [security]: use-after-free in ex_getln.c
* runtime(filetype): tests: Test_filetype_detection() fails
* runtime(dist): do not output a message if executable is not found
* 9.1.0738: filetype: rapid files are not recognized
* runtime(modconf): remove erroneous :endif in ftplugin
* runtime(lyrics): support multiple timestamps in syntax script
* runtime(java): Optionally recognise _module_ import declarations
* runtime(vim): Update base-syntax, improve folding function matches
* CI: upload failed screendump tests also for Cirrus
* 9.1.0737: tests: screendump tests may require a bit more time
* runtime(misc): simplify keywordprg in various ftplugins
* runtime(java): Optionally recognise all primitive constants in _switch-case_ labels
* runtime(zsh,sh): set and unset compiler in ftplugin
* runtime(netrw): using inefficient highlight pattern for 'mf'
* 9.1.0736: Unicode tables are outdated
* 9.1.0735: filetype: salt files are not recognized
* 9.1.0734: filetype: jinja files are not recognized
* runtime(zathurarc): add double-click-follow to syntax script
* translation(ru): Updated messages translation
* translation(it): updated xxd man page
* translation(ru): updated xxd man page
* 9.1.0733: keyword completion does not work with fuzzy
* 9.1.0732: xxd: cannot use -b and -i together
* runtime(java): Highlight javaConceptKind modifiers with StorageClass
* runtime(doc): reword and reformat how to use defaults.vim
* 9.1.0731: inconsistent case sensitive extension matching
* runtime(vim): Update base-syntax, match Vim9 bool/null literal args to :if/:while/:return
* runtime(netrw): delete confirmation not strict enough
* 9.1.0730: Crash with cursor-screenline and narrow window
* 9.1.0729: Wrong cursor-screenline when resizing window
* 9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data
* runtime(doc): clarify the effect of the timeout for search()-functions
* runtime(idlang): update syntax script
* runtime(spec): Recognize epoch when making spec changelog in ftplugin
* runtime(spec): add file triggers to syntax script
* 9.1.0727: too many strlen() calls in option.c
* runtime(make): add compiler/make.vim to reset compiler plugin settings
* runtime(java): Recognise all available standard doclet tags
* 9.1.0726: not using correct python3 API with dynamic linking
* runtime(dosini): Update syntax script, spellcheck comments only
* runtime(doc): Revert outdated comment in completeopt's fuzzy documentation
* 9.1.0725: filetype: swiftinterface files are not recognized
* runtime(pandoc): Update compiler plugin to use actual 'spelllang'
* runtime(groff): Add compiler plugin for groff
* 9.1.0724: if_python: link error with python 3.13 and stable ABI
* 9.1.0723: if_python: dynamic linking fails with python3 >= 3.13
* 9.1.0722: crash with large id in text_prop interface
* 9.1.0721: tests: test_mksession does not consider XDG_CONFIG_HOME
* runtime(glvs): update GetLatestVimScripts plugin
* runtime(doc): Fix typo in :help :hide text
* runtime(doc): buffers can be re-used
* 9.1.0720: Wrong breakindentopt=list:-1 with multibyte or TABs
* 9.1.0719: Resetting cell widths can make 'listchars' or 'fillchars' invalid
* runtime(doc): Update version9.txt and mention $MYVIMDIR
- Update to 9.1.0718:
* v9.1.0718: hard to know the users personal Vim Runtime Directory
* v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()
Maintainers: fix typo in author name
* v9.1.0716: resetting setcellwidth( doesn't update the screen
runtime(hcl,terraform): Add runtime files for HCL and Terraform
runtime(tmux): Update syntax script
* v9.1.0715: Not correctly parsing color names (after v9.1.0709)
* v9.1.0714: GuiEnter_Turkish test may fail
* v9.1.0713: Newline causes E749 in Ex mode
* v9.1.0712: missing dependency of Test_gettext_makefile
* v9.1.0711: test_xxd may file when using different xxd
* v9.1.0710: popup window may hide part of Command line
runtime(vim): Update syntax, improve user-command matching
* v9.1.0709: GUIEnter event not found in Turkish locale
runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items
* v9.1.0708: Recursive window update does not account for reset skipcol
runtime(nu): include filetype plugin
* v9.1.0707: invalid cursor position may cause a crash
* v9.1.0706: test_gettext fails when using shadow dir
CI: Install locales-all package
* v9.1.0705: Sorting of fuzzy filename completion is not stable
translation(pt): update Portuguese/Brazilian menu translation
runtime(vim): Update base-syntax, match bracket mark ranges
runtime(doc): Update :help :command-complete list
* v9.1.0704: inserting with a count is inefficient
runtime(doc): use mkdir -p to save a command
* v9.1.0703: crash with 2byte encoding and glob2regpat()
runtime(hollywood): update syn highlight for If-Then statements
and For-In-Loops
* v9.1.0702: Patch 9.1.0700 broke CI
* v9.1.0701: crash with NFA regex engine when searching for
composing chars
* v9.1.0700: crash with 2byte encoding and glob2regpat()
* v9.1.0699: "dvgo" is not always an inclusive motion
runtime(java): Provide support for syntax preview features
* v9.1.0698: "Untitled" file not removed when running Test_crash1_3
alone
* v9.1.0697: heap-buffer-overflow in ins_typebuf
* v9.1.0696: installing runtime files fails when using SHADOWDIR
runtime(doc): fix typo
* v9.1.0695: test_crash leaves Untitled file around
translation(br): Update Brazilian translation
translation(pt): Update menu_pt_br
* v9.1.0694: matchparen is slow on a long line
* v9.1.0693: Configure doesn't show result when not using python3
stable abi
* v9.1.0692: Wrong patlen value in ex_substitute()
* v9.1.0691: stable-abi may cause segfault on Python 3.11
runtime(vim): Update base-syntax, match :loadkeymap after colon and bar
runtime(mane): Improve <Plug>ManBS mapping
* v9.1.0690: cannot set special highlight kind in popupmenu
translation(pt): Revert and fix wrong Portuguese menu translation
files
translation(pt): revert Portuguese menu translation
translation(br): Update Brazilian translations
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
* v9.1.0689: buffer-overflow in do_search( with 'rightleft'
runtime(vim): Improve heredoc handling for all embedded scripts
* v9.1.0688: dereferences NULL pointer in check_type_is_value()
* v9.1.0687: Makefile may not install desktop files
runtime(man): Fix <Plug>ManBS
runtime(java): Make the bundled &foldtext function optional
runtime(netrw): Change line on `mx` if command output exists
runtime(netrw): Fix `mf`-selected entry highlighting
runtime(htmlangular): add html syntax highlighting
translation(it): Fix filemode of Italian manpages
runtime(doc): Update outdated man.vim plugin information
runtime(zip): simplify condition to detect MS-Windows
* v9.1.0686: zip-plugin has problems with special characters
runtime(pandoc): escape quotes in &errorformat for pandoc
translation(it): updated Italian manpage
* v9.1.0685: too many strlen( calls in usercmd.c
runtime(doc): fix grammar in :h :keeppatterns
runtime(pandoc): refine pandoc compiler settings
* v9.1.0684: completion is inserted on Enter with "noselect"
translation(ru): update man pages
* v9.1.0683: mode( returns wrong value with <Cmd> mapping
runtime(doc): remove trailing whitespace in cmdline.txt
* v9.1.0682: Segfault with uninitialized funcref
* v9.1.0681: Analyzing failed screendumps is hard
runtime(doc): more clarification for the :keeppatterns needed
* v9.1.0680: VMS does not have defined uintptr_t
runtime(doc): improve typedchar documentation for KeyInputPre autocmd
runtime(dist): verify that executable is in $PATH
translation(it): update Italian manpages
runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677
runtime(doc): update Makefile and make it portable between GNU and BSD
* v9.1.0679: Rename from w_closing to w_locked is incomplete
runtime(colors): update colorschemes
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
runtime(doc): Updating the examples in the xxd manpage
translation(ru): Updated uganda.rux
runtime(yaml): do not re-indent when commenting out lines
* v9.1.0678: use-after-free in alist_add()
* v9.1.0677 :keepp does not retain the substitute pattern
translation(ja): Update Japanese translations to latest release
runtime(netrw): Drop committed trace lines
runtime(netrw): Error popup not always used
runtime(netrw): ErrorMsg( may throw E121
runtime(tutor): update Makefile and make it portable between GNU and BSD
translation: improve the po/cleanup.vim script
runtime(lang): update Makefile and make it portable between GNU and BSD
* v9.1.0676: style issues with man pages
* v9.1.0675: Patch v9.1.0674 causes problems
runtime(dosbatch): Show %%i as an argument in syntax file
runtime(dosbatch): Add syn-sync to syntax file
runtime(sql, mysql): fix E169: Command too recursive with
sql_type_default = "mysql"
* v9.1.0674: compiling abstract method fails because of missing return
runtime(javascript): fix a few issues with syntax higlighting
runtime(mediawiki): fix typo in doc, test for b:did_ftplugin var
runtime(termdebug): Fix wrong test for balloon feature
runtime(doc): Remove mentioning of the voting feature
runtime(doc): add help tags for json + markdown global variables
* v9.1.0673: too recursive func calls when calling super-class method
runtime(syntax-tests): Facilitate the viewing of rendered screendumps
runtime(doc): fix a few style issues
* v9.1.0672: marker folds may get corrupted on undo
* v9.1.0671 Problem: crash with WinNewPre autocommand
* v9.1.0670: po file encoding fails on *BSD during make
translation(it): Update Italian translation
translation: Stop using msgconv
* v9.1.0669: stable python ABI not used by default
Update .gitignore and .hgignore files
* v9.1.0668: build-error with python3.12 and stable ABI
translations: Update generated po files
* v9.1.0667: Some other options reset curswant unnecessarily when set
* v9.1.0666: assert_equal( doesn't show multibyte string correctly
runtime(doc): clarify directory of Vim's executable vs CWD
* v9.1.0665 :for loop
runtime(proto): Add indent script for protobuf filetype
* v9.1.0664: console vim did not switch back to main screen on exit
runtime(zip): zip plugin does not work with Vim 9.0
* v9.1.0663: zip test still resets 'shellslash' option
runtime(zip): use defer to restore old settings
runtime(zip): add a generic Message function
runtime(zip): increment base version of zip plugin
runtime(zip): raise minimum Vim version to * v9.0
runtime(zip): refactor save and restore of options
runtime(zip): remove test for fnameescape
runtime(zip): use :echomsg instead of :echo
runtime(zip): clean up and remove comments
* v9.1.0662: filecopy( may return wrong value when readlink( fails
* v9.1.0661: the zip plugin is not tested.
runtime(zip): Fix for FreeBSD's unzip command
runtime(doc): capitalize correctly
* v9.1.0660: Shift-Insert does work on old conhost
translation(it): update Italian manpage
runtime(lua): add/subtract a 'shiftwidth' after '('/')' in indentexpr
runtime(zip): escape '[' on Unix as well
* v9.1.0659: MSVC Makefile is a bit hard to read
runtime(doc): fix typo in syntax.txt
runtime(doc): -x is only available when compiled with crypt feature
* v9.1.0658: Coverity warns about dereferencing NULL pointer.
runtime(colors): update Todo highlight in habamax colorscheme
* v9.1.0657: MSVC build time can be optimized
* v9.1.0656: MSVC Makefile CPU handling can be improved
* v9.1.0655: goaccess config file not recognized
CI: update clang compiler to version 20
runtime(netrw): honor `g:netrw_alt{o,v}` for `:{S,H,V}explore`
* v9.1.0654: completion does not respect completeslash with fuzzy
* v9.1.0653: Patch v9.1.0648 not completely right
* v9.1.0652: too many strlen( calls in syntax.c
* v9.1.0651 :append
* v9.1.0650: Coverity warning in cstrncmp()
* v9.1.0649: Wrong comment for "len" argument of call_simple_func()
* v9.1.0648: [security] double-free in dialog_changed()
* v9.1.0647: [security] use-after-free in tagstack_clear_entry
runtime(doc): re-format tag example lines, mention ctags --list-kinds
* v9.1.0646: imported function may not be found
runtime(java): Document "g:java_space_errors" and "g:java_comment_strings"
runtime(java): Cluster optional group definitions and their group links
runtime(java): Tidy up the syntax file
runtime(java): Tidy up the documentation for "ft-java-syntax"
runtime(colors): update habamax scheme - tweak diff/search/todo colors
runtime(nohlsearch): add missing loaded_hlsearch guard
runtime(kivy): Updated maintainer info for syntax script
Maintainers: Add maintainer for ondir ftplugin + syntax files
runtime(netrw): removing trailing slash when copying files in same
directory
* v9.1.0645: wrong match when searching multi-byte char case-insensitive
runtime(html): update syntax script to sync by 250 minlines by default
* v9.1.0644: Unnecessary STRLEN( when applying mapping
runtime(zip): Opening a remote zipfile don't work
runtime(cuda): source c and cpp ftplugins
* v9.1.0643: cursor may end up on invalid position
* v9.1.0642: Check that mapping rhs starts with lhs fails if not
simplified
* v9.1.0641: OLE enabled in console version
runtime(thrift): add ftplugin, indent and syntax scripts
* v9.1.0640: Makefile can be improved
* v9.1.0639: channel timeout may wrap around
* v9.1.0638: E1510 may happen when formatting a message for smsg()
* v9.1.0637: Style issues in MSVC Makefile
- Update apparmor.vim to latest version (from AppArmor 4.0.2)
- add support for "all" and "userns" rules, and new profile flags
- Update to 9.1.0636:
* 9.1.0636: filetype: ziggy files are not recognized
* 9.1.0635: filetype: SuperHTML template files not recognized
* 9.1.0634: Ctrl-P not working by default
* 9.1.0633: Compilation warnings with `-Wunused-parameter`
* 9.1.0632: MS-Windows: Compiler Warnings
Add support for Files-Included in syntax script
tweak documentation style a bit
* 9.1.0631: wrong completion list displayed with non-existing dir + fuzzy completion
* 9.1.0630: MS-Windows: build fails with VIMDLL and mzscheme
* 9.1.0629: Rename of pum hl_group is incomplete
* 9.1.0628: MinGW: coverage files are not cleaned up
* 9.1.0627: MinGW: build-error when COVERAGE is enabled
* 9.1.0626: Vim9: need more tests with null objects
include initial filetype plugin
* 9.1.0625: tests: test output all translated messages for all translations
* 9.1.0624: ex command modifiers not found
* 9.1.0623: Mingw: errors when trying to delete non-existing files
* 9.1.0622: MS-Windows: mingw-build can be optimized
* 9.1.0621: MS-Windows: startup code can be improved
* 9.1.0620: Vim9: segfauls with null objects
* 9.1.0619: tests: test_popup fails
* 9.1.0618: cannot mark deprecated attributes in completion menu
* 9.1.0617: Cursor moves beyond first line of folded end of buffer
* 9.1.0616: filetype: Make syntax highlighting off for MS Makefiles
* 9.1.0615: Unnecessary STRLEN() in make_percent_swname()
Add single-line comment syntax
Add syntax test for comments
Update maintainer info
* 9.1.0614: tests: screendump tests fail due to recent syntax changes
* 9.1.0613: tests: termdebug test may fail and leave file around
Update base-syntax, improve :set highlighting
Optionally highlight the :: token for method references
* 9.1.0612: filetype: deno.lock file not recognized
Use delete() for deleting directory
escape filename before trying to delete it
* 9.1.0611: ambiguous mappings not correctly resolved with modifyOtherKeys
correctly extract file from zip browser
* 9.1.0610: filetype: OpenGL Shading Language files are not detected
Fix endless recursion in netrw#Explore()
* 9.1.0609: outdated comments in Makefile
update syntax script
Fix flow mapping key detection
Remove orphaned YAML syntax dump files
* 9.1.0608: Coverity warns about a few potential issues
Update syntax script and remove syn sync
* 9.1.0607: termdebug: uses inconsistent style
* 9.1.0606: tests: generated files may cause failure in test_codestyle
* 9.1.0605: internal error with fuzzy completion
* 9.1.0604: popup_filter during Press Enter prompt seems to hang
translation: Update Serbian messages translation
* 9.1.0603: filetype: use correct extension for Dracula
* 9.1.0602: filetype: Prolog detection can be improved
fix more inconsistencies in assert function docs
* 9.1.0601: Wrong cursor position with 'breakindent' when wide char doesn't fit
Update base-syntax, improve :map highlighting
* 9.1.0600: Unused function and unused error constants
* 9.1.0599: Termdebug: still get E1023 when specifying arguments
correct wrong comment options
fix typo "a xterm" -> "an xterm"
* 9.1.0598: fuzzy completion does not work with default completion
* 9.1.0597: KeyInputPre cannot get the (unmapped typed) key
* 9.1.0596: filetype: devscripts config files are not recognized
gdb file/folder check is now performed only in CWD.
quote filename arguments using double quotes
update syntax to SDC-standard 2.1
minor updates.
Cleanup :match and :loadkeymap syntax test files
Update base-syntax, match types in Vim9 variable declarations
* 9.1.0595: make errors out with the po Makefile
* 9.1.0594: Unnecessary redraw when setting 'winfixbuf'
using wrong highlight for UTF-8
include simple syntax plugin
* 9.1.0593: filetype: Asymptote files are not recognized
add recommended indent options to ftplugin
add recommended indent options to ftplugin
add recommended indent options to ftplugin
* 9.1.0592: filetype: Mediawiki files are not recognized
* 9.1.0591: filetype: *.wl files are not recognized
* 9.1.0590: Vim9: crash when accessing getregionpos() return value
'cpoptions': Include "z" in the documented default
* 9.1.0589: vi: d{motion} and cw work differently than expected
update included colorschemes
grammar fixes in options.txt
- Update to 9.1.0588:
* 9.1.0588: The maze program no longer compiles on newer clang
runtime(typst): Add typst runtime files
* 9.1.0587: tests: Test_gui_lowlevel_keyevent is still flaky
* 9.1.0586: ocaml runtime files are outdated
runtime(termdebug): fix a few issues
* 9.1.0585: tests: test_cpoptions leaves swapfiles around
* 9.1.0584: Warning about redeclaring f_id() non-static
runtime(doc): Add hint how to load termdebug from vimrc
runtime(doc): document global insert behavior
* 9.1.0583: filetype: *.pdf_tex files are not recognized
* 9.1.0582: Printed line doesn't overwrite colon when pressing Enter in Ex mode
* 9.1.0581: Various lines are indented inconsistently
* 9.1.0580: :lmap mapping for keypad key not applied when typed in Select mode
* 9.1.0579: Ex command is still executed after giving E1247
* 9.1.0578: no tests for :Tohtml
* 9.1.0577: Unnecessary checks for v:sizeoflong in test_put.vim
* 9.1.0576: tests: still an issue with test_gettext_make
* 9.1.0575: Wrong comments in alt_tabpage()
* 9.1.0574: ex: wrong handling of commands after bar
runtime(doc): add a note for netrw bug reports
* 9.1.0573: ex: no implicit print for single addresses
runtime(vim): make &indentexpr available from the outside
* 9.1.0572: cannot specify tab page closing behaviour
runtime(doc): remove obsolete Ex insert behavior
* 9.1.0571: tests: Test_gui_lowlevel_keyevent is flaky
runtime(logindefs): update syntax with new keywords
* 9.1.0570: tests: test_gettext_make can be improved
runtime(filetype): Fix Prolog file detection regex
* 9.1.0569: fnamemodify() treats ".." and "../" differently
runtime(mojo): include mojo ftplugin and indent script
* 9.1.0568: Cannot expand paths from 'cdpath' setting
* 9.1.0567: Cannot use relative paths as findfile() stop directories
* 9.1.0566: Stop dir in findfile() doesn't work properly w/o trailing slash
* 9.1.0565: Stop directory doesn't work properly in 'tags'
* 9.1.0564: id() can be faster
* 9.1.0563: Cannot process any Key event
* 9.1.0562: tests: inconsistency in test_findfile.vim
runtime(fstab): Add missing keywords to fstab syntax
* 9.1.0561: netbeans: variable used un-initialized (Coverity)
* 9.1.0560: bindtextdomain() does not indicate an error
* 9.1.0559: translation of vim scripts can be improved
* 9.1.0558: filetype: prolog detection can be improved
* 9.1.0557: moving in the buffer list doesn't work as documented
runtime(doc): fix inconsistencies in :h file-searching
* 9.1.0556: :bwipe doesn't remove file from jumplist of other tabpages
runtime(htmlangular): correct comment
* 9.1.0555: filetype: angular ft detection is still problematic
* 9.1.0554: :bw leaves jumplist and tagstack data around
* 9.1.0553: filetype: *.mcmeta files are not recognized
* 9.1.0552: No test for antlr4 filetype
* 9.1.0551: filetype: htmlangular files are not properly detected
* 9.1.0550: filetype: antlr4 files are not recognized
* 9.1.0549: fuzzycollect regex based completion not working as expected
runtime(doc): autocmd_add() accepts a list not a dict
* 9.1.0548: it's not possible to get a unique id for some vars
runtime(tmux): Update syntax script
* 9.1.0547: No way to get the arity of a Vim function
* 9.1.0546: vim-tiny fails on CTRL-X/CTRL-A
runtime(hlsplaylist): include hlsplaylist ftplugin file
runtime(doc): fix typo in :h ft-csv-syntax
runtime(doc): Correct shell command to get $VIMRUNTIME into
shell
* 9.1.0545: MSVC conversion warning
* 9.1.0544: filetype: ldapconf files are not recognized
runtime(cmakecache): include cmakecache ftplugin file
runtime(lex): include lex ftplugin file
runtime(yacc): include yacc ftplugin file
runtime(squirrel): include squirrel ftplugin file
runtime(objcpp): include objcpp ftplugin file
runtime(tf): include tf ftplugin file
runtime(mysql): include mysql ftplugin file
runtime(javacc): include javacc ftplugin file
runtime(cabal): include cabal ftplugin file
runtime(cuda): include CUDA ftplugin file
runtime(editorconfig): include editorconfig ftplugin file
runtime(kivy): update kivy syntax, include ftplugin
runtime(syntax-tests): Stop generating redundant "*_* 99.dump"
files
* 9.1.0543: Behavior of CursorMovedC is strange
runtime(vim): Update base-syntax, improve :match command
highlighting
* 9.1.0542: Vim9: confusing string() output for object functions
* 9.1.0541: failing test with Vim configured without channel
* 9.1.0540: Unused assignment in sign_define_cmd()
runtime(doc): add page-scrolling keys to index.txt
runtime(doc): add reference to xterm-focus-event from
FocusGained/Lost
* 9.1.0539: Not enough tests for what v9.1.0535 fixed
runtime(doc): clarify how to re-init csv syntax file
* 9.1.0538: not possible to assign priority when defining a sign
* 9.1.0537: signed number detection for CTRL-X/A can be improved
* 9.1.0536: filetype: zone files are not recognized
* 9.1.0535: newline escape wrong in ex mode
runtime(man): honor cmd modifiers before `g:ft_man_open_mode`
runtime(man): use `nnoremap` to map to Ex commands
* 9.1.0534: completion wrong with fuzzy when cycling back to original
runtime(syntax-tests): Abort and report failed cursor progress
runtime(syntax-tests): Introduce self tests for screen dumping
runtime(syntax-tests): Clear and redraw the ruler line with
the shell info
runtime(syntax-tests): Allow for folded and wrapped lines in
syntax test files
* 9.1.0533: Vim9: need more tests for nested objects equality
CI: Pre-v* 9.0.0110 versions generate bogus documentation tag entries
runtime(doc): Remove wrong help tag CTRL-SHIFT-CR
* 9.1.0532: filetype: Cedar files not recognized
runtime(doc): document further keys that scroll page up/down
* 9.1.0531: resource leak in mch_get_random()
runtime(tutor): Fix wrong spanish translation
runtime(netrw): fix remaining case of register clobber
* 9.1.0530: xxd: MSVC warning about non-ASCII character
* 9.1.0529: silent! causes following try/catch to not work
runtime(rust): use shiftwidth() in indent script
* 9.1.0528: spell completion message still wrong in translations
* 9.1.0527: inconsistent parameter in Makefiles for Vim executable
* 9.1.0526: Unwanted cursor movement with pagescroll at start of buffer
runtime(doc): mention $XDG_CONFIG_HOME instead of $HOME/.config
* 9.1.0525: Right release selects immediately when pum is truncated.
* 9.1.0524: the recursive parameter in the *_equal functions can be removed
runtime(termdebug): Add Deprecation warnings
* 9.1.0523: Vim9: cannot downcast an object
* 9.1.0522: Vim9: string(object) hangs for recursive references
* 9.1.0521: if_py: _PyObject_CallFunction_SizeT is dropped in Python 3.13
* 9.1.0520: Vim9: incorrect type checking for modifying lists
runtime(manpager): avoid readonly prompt
* 9.1.0519: MS-Windows: libvterm compilation can be optimized
* 9.1.0518: initialize the random buffer can be improved
* 9.1.0517: MS-Windows: too long lines in Make_mvc.mak
runtime(terraform): Add filetype plugin for terraform
runtime(dockerfile): enable spellchecking of comments in
syntax script
runtime(doc): rename variable for pandoc markdown support
runtime(doc): In builtin overview use {buf} as param for
appendbufline/setbufline
runtime(doc): clarify, that register 1-* 9 will always be shifted
runtime(netrw): save and restore register 0-* 9, a and unnamed
runtime(termdebug): Refactored StartDebug_term and EndDebug
functions
runtime(java): Compose "g:java_highlight_signature" and
"g:java_highlight_functions"
* 9.1.0516: need more tests for nested dicts and list comparision
* 9.1.0515: Vim9: segfault in object_equal()
* 9.1.0514: Vim9: issue with comparing objects recursively
runtime(termdebug): Change some variables to Enums
runtime(vim): Update base-syntax, fix function tail comments
* 9.1.0513: Vim9: segfault with object comparison
- Update to 9.1.0512:
* Mode message for spell completion doesn't match allowed keys
* CursorMovedC triggered wrongly with setcmdpos()
* update runtime files
* CI: test_gettext fails on MacOS14 + MSVC Win
* not possible to translate Vim script messages
* termdebug plugin can be further improved
* add gomod filetype plugin
* hard to detect cursor movement in the command line
* Optionally highlight parameterised types
* filetype: .envrc & .prettierignore not recognized
* filetype: Faust files are not recognized
* inner-tag textobject confused about ">" in attributes
* cannot use fuzzy keyword completion
* Remove the group exclusion list from @javaTop
* wrong return type for execute() function
* MS-Windows: too much legacy code
* too complicated mapping restore in termdebug
* simplify mapping
* cannot switch buffer in a popup
* MS-Windows: doesn't handle symlinks properly
* getcmdcompltype() interferes with cmdline completion
* termdebug can be further improved
* update htmldjango detection
* Improve Turkish documentation
* include a simple csv filetype and syntax plugin
* include the the simple nohlsearch package
* matched text is highlighted case-sensitively
* Matched text isn't highlighted in cmdline pum
* Fix typos in several documents
* clarify when text properties are cleared
* improve the vim-shebang example
* revert unintended formatting changes for termdebug
* Add a config variable for commonly used compiler options
* Wrong matched text highlighted in pum with 'rightleft'
* bump length of character references in syntax script
* properly check mapping variables using null_dict
* fix KdlIndent and kdlComment in indent script
* Test for patch 9.1.0489 doesn't fail without the fix
* Fold multi-line comments with the syntax kind of &fdm
* using wrong type for PlaceSign()
* filetype: Vim-script files not detected by shebang line
* revert unintended change to zip#Write()
* add another tag for vim-shebang feature
* Cmdline pum doesn't work properly with 'rightleft'
* minor style problems with patch 9.1.0487
* default completion may break with fuzzy
* Wrong padding for pum "kind" with 'rightleft'
* Update base-syntax, match shebang lines
* MS-Windows: handle files with spaces properly
* Restore HTML syntax file tests
* completed item not update on fuzzy completion
* filetype: Snakemake files are not recognized
* make TermDebugSendCommand() a global function again
* close all buffers in the same way
* Matched text shouldn't be highlighted in "kind" and "menu"
* fix wrong helptag for :defer
* Update base-syntax, match :sleep arg
* include Georgian keymap
* Sorting of completeopt+=fuzzy is not stable
* correctly test for windows in NetrwGlob()
* glob() on windows fails with [] in directory name
* rewrite mkdir() doc and simplify {flags} meaning
* glob() not sufficiently tested
* update return type for job_info()
* termdebug plugin needs more love
* correct return types for job_start() and job_status()
* Update base-syntax, match :catch and :throw args
* Include element values in non-marker annotations
* Vim9: term_getjob() throws an exception on error
* fuzzy string matching executed when not needed
* fuzzy_match_str_with_pos() does unnecessary list operations
* restore description of "$" in col() and virtcol()
* deduplicate getpos(), line(), col(), virtcol()
* Update g:vimsyn_comment_strings dump file tests
* Use string interpolation instead of string concat
* potential deref of NULL pointer in fuzzy_match_str_with_pos
* block_editing errors out when using <enter>
* Update base-syntax, configurable comment string highlighting
* fix typos in syntax.txt
* Cannot see matched text in popup menu
* Update base-syntax, match multiline continued comments
* clarify documentation for "v" position at line()
* cmod_split modifier is always reset in term_start()
* remove line-continuation characters
* use shiftwidth() instead of &tabstop in indent script
* Remove orphaned screen dump files
* include syntax, indent and ftplugin files
* CI: Test_ColonEight() fails on github runners
* add missing Enabled field in syntax script
* basic svelte ftplugin file
* term_start() does not clear vertical modifier
* fix mousemodel restoration by comparing against null_string
* Added definitions of Vim scripts and plugins
* Exclude lambda expressions from _when_ _switch-case_ label clauses
* Fix saved_mousemodel check
* Inconsistencies between functions for option flags
* Crash when using autocmd_get() after removing event inside autocmd
* Fix small style issues
* add return type info for Vim function descriptions
* Update Italian Vim manpage
* disable the q mapping
* Change 'cms' for C++ to '// %s'
* fix type mismatch error
* Fix wrong email address
* convert termdebug plugin to Vim9 script
- Update to 9.1.0470:
* tests Test_ColonEight_MultiByte() fails sporadically
* Cannot have buffer-local value for 'completeopt'
* GvimExt does not consult HKEY_CURRENT_USER
* typos in some comments
* runtime(vim): Update base-syntax, allow whitespace before
:substitute pattern
* Missing comments for fuzzy completion
* runtime(man): update Vim manpage
* runtime(comment): clarify the usage of 'commentstring' option
value
* runtime(doc): clarify how fuzzy 'completeopt' should work
* runtime(netrw): prevent accidental data loss
* missing filecopy() function
* no whitespace padding in commentstring option in ftplugins
* no fuzzy-matching support for insert-completion
* eval5() and eval7 are too complex
* too many strlen() calls in drawline.c
* filetype lintstagedrc files are not recognized
* Vim9 import autoload does not work with symlink
* Coverity complains about division by zero
* tests test_gui fails on Wayland
* Left shift is incorrect with vartabstop and shiftwidth=0
* runtime(doc): clarify 'shortmess' flag "S"
* MS-Windows compiler warning for size_t to int conversion
* runtime(doc): include some vim9 script examples in the help
* minor issues in test_filetype with rasi test
* filetype rasi files are not recognized
* runtime(java): Improve the matching of lambda expressions
* Configure checks for libelf unnecessarily
* No test for escaping '<' with shellescape()
* check.vim complains about overlong comment lines
* translation(it): Update Italian translation
* evalc. code too complex
* MS-Windows Compiler warnings
- Update to 9.1.0448:
* compiler warning in eval.c
* remove remaining css code
* Add ft_hare.txt to Reference Manual TOC
* re-generate vim syntax from generator
* fix syntax vim bug
* completion may be wrong when deleting all chars
* getregionpos() inconsistent for partly-selected multibyte char
* fix highlighting nested and escaped quotes in string props
* remove the indent plugin since it has too many issues
* update Debian runtime files
* Coverity warning after 9.1.0440
* Not enough tests for getregion() with multibyte chars
* Can't use blockwise selection with width for getregion()
* update outdated syntax files
* fix floating_modifier highlight
* hare runtime files outdated
* getregionpos() can't properly indicate positions beyond eol
* function get_lval() is too long
* Cannot filter the history
* Wrong Ex command executed when :g uses '?' as delimiter
* support floating_modifier none; revert broken highlighting
* Motif requires non-const char pointer for XPM data
* Crash when using '?' as separator for :s
* filetype: cygport files are not recognized
* make errors trying to access autoload/zig
* Wrong yanking with exclusive selection and ve=all
* add missing help tags file
* Ancient XPM preprocessor hack may cause build errors
* include basic rescript ftplugin file
* eval.c is too long
* getregionpos() doesn't handle one char selection
* check for gdb file/dir before using as buffer name
* refactor zig ftplugin, remove auto format
* Coverity complains about eval.c refactor
* Tag guessing leaves wrong search history with very short names
* some issues with termdebug mapping test
* update matchit plugin to v1.20
* too many strlen() calls in search.c
* set commentstring option
* update vb indent plugin as vim9script
* filetype: purescript files are not recognized
* filetype: slint files are not recognized
* basic nim ftplugin file for comments
* Add Arduino ftplugin and indent files
* include basic typst ftplugin file
* include basic prisma ftplugin file
* include basic v ftplugin for comment support
* getregionpos() wrong with blockwise mode and multibyte
* function echo_string_core() is too long
* hyprlang files are not recognized
* add basic dart ftplugin file
* basic ftplugin file for graphql
* mention comment plugin at :h 'commentstring'
* set commentstring for sql files in ftplugin
* :browse oldfiles prompts even with single entry
* eval.c not sufficiently tested
* clarify why E195 is returned
* clarify temporary file clean up
* fix :NoMatchParen not working
* Cannot move to previous/next rare word
* add basic ftplugin file for sshdconfig
* if_py: find_module has been removed in Python 3.12.0a7
* some screen dump tests can be improved
* Some functions are not tested
* clarify instal instructions for comment package
* Unable to leave long line with 'smoothscroll' and 'scrolloff'
* fix typo in vim9script help file
* Remove trailing spaces
* clarify {special} argument for shellescape()
update to 9.1.0413:
* smoothscroll may cause infinite loop
* add missing entries for the keys CTRL-W g<Tab> and <C-Tab>
* update vi_diff.txt: add default value for 'flash'
* typo in regexp_bt.c in DEBUG code
* allow indented commands
* Fix wrong define regex in ftplugin
* Filter out non-Latin-1 characters for syntax tests
* prefer scp over pscp
* fix typo in usr_52.txt
* too long functions in eval.c
* warning about uninitialized variable
* too many strlen() calls in the regexp engine
* E16 fix, async keyword support for define
* Stuck with long line and half-page scrolling
* Divide by zero with getmousepos() and 'smoothscroll'
* update and remove some invalid links
* update translation of xxd manpage
* Recursively delete directories by default with netrw delete command
* Strive to remain compatible for at least Vim 7.0
* tests: xxd buffer overflow fails on 32-bit
* Stop handpicking syntax groups for @javaTop
* [security] xxd: buffer-overflow with specific flags
* Vim9: not able to import file from start dir
* filetype: mdd files detected as zsh filetype
* filetype: zsh module files are not recognized
* Remove hardcoded private.ppk logic from netrw
* Vim9: confusing error message for unknown type
* block_editing errors out when using del
* add new items to scripts section in syntax plugin
* Vim9: imported vars are not properly type checked
* Wrong display with 'smoothscroll' when changing quickfix list
* filetype: jj files are not recognized
* getregionpos() may leak memory on error
* The CODEOWNERS File is not useful
* Remove and cleanup Win9x legacy from netrw
* add MsgArea to 'highlight' option description
* Cannot get a list of positions describing a region
* Fix digit separator in syntax script for octals and floats
* Update link to Wikipedia Vi page
* clear $MANPAGER in ftplugin before shelling out
* Fix typos in help documents
* 'viewdir' not respecting $XDG_CONFIG_HOME
* tests: Vim9 debug tests may be flaky
* correct getscriptinfo() example
* Vim9: could improve testing
* test_sound fails on macos-12
* update Serbian menu
* update Slovak menu
* update Slovenian menu
* update Portuguese menu
* update Dutch menu
* update Korean menu
* update Icelandic menu
* update Czech menu
* update Afrikaans menu
* update German menu
* filetype: inko files are not recognized
* filetype: templ files are not recognized
* cursor() and getregion() don't handle v:maxcol well
* Vim9: null value tests not sufficient
* update Catalan menu
* filetype: stylus files not recognized
* update spanish menu localization
* regenerate helptags
* Vim9: crash with null_class and null_object
* Add tags about lazyloading of menu
* tests: vt420 terminfo entry may not be found
* filetype: .out files recognized as tex files
* filetype: Kbuild files are not recognized
* cbuffer and similar commands don't accept a range
* Improve the recognition of the "indent" method declarations
* Fix a typo in usr_30.txt
* remove undefined var s:save_cpoptions and add include setting
* missing setlocal in indent plugin
* Calculating line height for unnecessary amount of lines
* improve syntax file performance
* There are a few typos
* Vim9: no comments allowed after class vars
* CI: remove trailing white space in documentation
* Formatting text wrong when 'breakindent' is set
* Add oracular (24.10) as Ubuntu release name
* Vim9: Trailing commands after class/enum keywords ignored
* tests: 1-second delay after Test_BufEnter_botline()
* update helptags for jq syntax
* include syntax, ftplugin and compiler plugin
* fix typo synconcealend -> synconcealed
* include a simple comment toggling plugin
* wrong botline in BufEnter
* clarify syntax vs matching mechanism
* fix undefined variable in indent plugin
* ops.c code uses too many strlen() calls
* Calling CLEAR_FIELD() on the same struct twice
* Vim9: compile_def_function() still too long
* Update Serbian messages
* clarify the effect of setting the shell to powershell
* Improve the recognition of the "style" method declarations
* Vim9: problem when importing autoloaded scripts
* compile_def_function is too long
* filetype: ondir files are not recognized
* Crash when typing many keys with D- modifier
* tests: test_vim9_builtin is a bit slow
* update documentation
* change the download URL of "libsodium"
* tests: test_winfixbuf is a bit slow
* Add filetype, syntax and indent plugin for Astro
* expanding rc config files does not work well
* Vim9: vim9type.c is too complicated
* Vim9: does not handle autoloaded variables well
* minor spell fix in starting.txt
* wrong drawing in GUI with setcellwidth()
* Add include and suffixesadd
* Page scrolling should place cursor at window boundaries
* align command line table
* minor fixes to starting.txt
* fix comment definition in filetype plugin
* filetype: flake.lock files are not recognized
* runtime(uci): No support for uci file types
* Support "g:ftplugin_java_source_path" with archived files
* tests: Test_autoload_import_relative_compiled fails on Windows
* Finding cmd modifiers and cmdline-specials is inefficient
* No test that completing a partial mapping clears 'showcmd'
* tests: test_vim9_dissamble may fail
* Vim9: need static type for typealias
* X11 does not ignore smooth scroll event
* A few typos in test_xdg when testing gvimrc
* Patch v9.1.0338 fixed sourcing a script with import
* Problem: gvimrc not sourced from XDG_CONFIG_HOME
* Cursor wrong after using setcellwidth() in terminal
* 'showcmd' wrong for partial mapping with multibyte
* tests: test_taglist fails when 'helplang' contains non-english
* Problem: a few memory leaks are found
* Problem: Error with matchaddpos() and empty list
* tests: xdg test uses screen dumps
* Vim9: import through symlinks not correctly handled
* Missing entry for XDG vimrc file in :version
* tests: typo in test_xdg
* runtime(i3config/swayconfig): update syntax scripts
* document pandoc compiler and enable configuring arguments
* String interpolation fails for List type
* No test for highlight behavior with 'ambiwidth'
* tests: test_xdg fails on the appimage repo
* tests: some assert_equal() calls have wrong order of args
* make install does not install all files
* runtime(doc): fix typos in starting.txt
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
For the complete list of changes see https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
Patchnames
SUSE-SLE-Micro-6.0-217
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vim",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vim fixes the following issues:\n\nvim was updated to 9.1.1101:\n\n- CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238)\n- CVE-2024-43790: Fixed Out of bounds read when performing a search command (bsc#1229685)\n- CVE-2024-43802: Fixed heap-buffer-overflow in ins_typebuf() (bsc#1229822)\n- CVE-2024-45306: Fixed heap-buffer-overflow in Vim (bsc#1230078)\n- CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373)\n- CVE-2025-1215: Fixed manipulation of the argument --log leads to memory corruption (bsc#1237137)\n- CVE-2025-22134: Fixed heap-buffer-overflow in Vim \u003c 9.1.1003 (bsc#1235695)\n- CVE-2025-24014: Fixed segmentation fault in win_line() in Vim \u003c 9.1.1043 (bsc#1236151)\n\nUpdate to 9.1.1101:\n\n * insexpand.c hard to read\n * tests: Test_log_nonexistent only works on Linux\n * Update base-syntax, improve variable matching\n * Vim9: import with extends may crash\n * leaking memory with completing multi lines\n * --log with non-existent path causes a crash\n * if_perl: Perl 5.38 adds new symbols causing link failure\n * tests: matchparen plugin test wrongly named\n * Vim9: problem finding implemented method in type hierarchy\n * runtime(qf): Update syntax file, match second delimiter\n * tests: output of test ...win32_ctrl_z depends on python version\n * tests: fix expected return code for python 3.13 on Windows\n * tests: timeout might be a bit too small\n * tests: test_terminwscroll_topline2 unreliable\n * tests: No check when tests are run under Github actions\n * tests: plugin tests are named inconsistently\n * Vim9: import with extends may crash\n * completion doesn\u0027t work with multi lines\n * filetype: cmmt files are not recognized\n * Unable to persistently ignore events in a window and its buffers\n * improve syntax highlighting\n * setreg() doesn\u0027t correctly handle mbyte chars in blockwise mode\n * unexpected DCS responses may cause out of bounds reads\n * has(\u0027bsd\u0027) is true for GNU/Hurd\n * filetype: Mill files are not recognized\n * GUI late startup leads to uninitialized scrollbars\n * Add support for lz4 to tar \u0026 gzip plugin\n * Terminal ansi colors off by one after tgc reset\n * included syntax items do not understand contains=TOP\n * vim_strnchr() is strange and unnecessary\n * Vim9: len variable not used in compile_load()\n * runtime(vim): Update base-syntax, match :debuggreedy count prefix\n * Strange error when heredoc marker starts with \"trim\"\n * tests: test_compiler fails on Windows without Maven\n * \u0027diffopt\u0027 \"linematch\" cannot be used with {n} less than 10\n * args missing after failing to redefine a function\n * Cannot control cursor positioning of getchar()\n * preinsert text completions not deleted with \u003cC-W\u003e/\u003cC-U\u003e\n * getchar() can\u0027t distinguish between C-I and Tab\n * tests: Test_termwinscroll_topline2 fails on MacOS\n * heap-use-after-free and stack-use-after-scope with :14verbose\n * no digraph for \"Approaches the limit\"\n * not possible to use plural forms with gettext()\n * too many strlen() calls in userfunc.c\n * terminal: E315 when dragging the terminal with the mouse\n * runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()\n * runtime(doc): Tweak documentation style a bit\n * tests: test_glvs fails when unarchiver not available\n * Vim always enables \u0027termguicolors\u0027 in a terminal\n * completion: input text deleted with preinsert when adding leader\n * translation(sr): Missing Serbian translation for the tutor\n * Superfluous cleanup steps in test_ins_complete.vim\n * runtime(netrw): correct wrong version check\n * Vim doesn\u0027t highlight to be inserted text when completing\n * runtime(netrw): upstream snapshot of v176\n * runtime(dist/vim9): fix regressions in dist#vim9#Open\n * runtime(hyprlang): fix string recognition\n * make install fails because of a missing dependency\n * runtime(asm): add byte directives to syntax script\n * Vim doesn\u0027t work well with TERM=xterm-direct\n * runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection\n * runtime: decouple Open and Launch commands and gx mapping from netrw\n * \"nosort\" enables fuzzy filtering even if \"fuzzy\" isn\u0027t in \u0027completeopt\u0027\n * runtime(just): fix typo in syntax file\n * runtime(filetype): Improve Verilog detection by checking for modules definition\n * tests: off-by-one error in CheckCWD in test_debugger.vim\n * tests: no support for env variables when running Vim in terminal\n * too many strlen() calls in os_unix.c\n * insert-completed items are always sorted\n * crash after scrolling and pasting in silent Ex mode\n * Makefiles uses non-portable syntax\n * fuzzymatching doesn\u0027t prefer matching camelcase\n * filetype: N-Tripels and TriG files are not recognized\n * Vim9: Patch 9.1.1014 causes regressions\n * translation(sr): Update Serbian messages translation\n\nUpdate to 9.1.1043:\n\n * [security]: segfault in win_line()\n * update helptags\n * filetype: just files are not recognized\n * Update base-syntax, match ternary and falsy operators\n * Vim9: out-of-bound access when echoing an enum\n * Vim9: imported type cannot be used as func return type\n * runtime(kconfig): updated ftplugin and syntax script\n * runtime(doc): rename last t_BG reference to t_RB\n * Vim9: comments are outdated\n * tests: test_channel.py fails with IPv6\n * runtime(vim): Update base-syntax, fix is/isnot operator matching\n * Vim9: confusing error when using abstract method via super\n * make install fails when using shadowdir\n * Vim9: memory leak with blob2str()\n * runtime(tex): add texEmphStyle to texMatchGroup in syntax script\n * runtime(netrw): upstream snapshot of v175\n * Vim9: compiling abstract method fails without return\n * runtime(c): add new constexpr keyword to syntax file (C23)\n * tests: shaderslang was removed from test_filetype erroneously\n * link error when FEAT_SPELL not defined\n * Coverity complains about insecure data handling\n * runtime(sh): update syntax script\n * runtime(c): Add missing syntax test files\n * filetype: setting bash filetype is backwards incompatible\n * runtime(c): Update syntax and ftplugin files\n * the installer can be improved\n * too many strlen() calls in screen.c\n * no sanitize check when running linematch\n * filetype: swc configuration files are not recognized\n * runtime(netrw): change netrw maintainer\n * wrong return type of blob2str()\n * blob2str/str2blob() do not support list of strings\n * runtime(doc): fix typo in usr_02.txt\n * Coverity complains about dereferencing NULL pointer\n * linematch option value not completed\n * string might be used without a trailing NUL\n * no way to get current selected item in a async context\n * filetype: fd ignore files are not recognized\n * v9.1.0743 causes regression with diff mode\n * runtime(doc): fix base64 encode/decode examples\n * Vim9: Patch 9.1.1013 causes a few problems\n * Not possible to convert string2blob and blob2string\n * Coverity complains about dereferencing NULL value\n * Vim9: variable not found in transitive import\n * runtime(colors): Update colorschemes, include new unokai colorscheme\n * runtime(lyrics): support milliseconds in syntax script\n * runtime(vim): Split Vim legacy and Vim9 script indent tests\n * Vim9: class interface inheritance not correctly working\n * popupmenu internal error with some abbr in completion item\n * filetype: VisualCode setting file not recognized\n * diff feature can be improved\n * filetype: various ignore are not recognized\n * tests: Load screendump files with \"git vimdumps\"\n * PmenuMatch completion highlight can be combined\n * completion text is highlighted even with no pattern found\n * tests: a few termdebug tests are flaky\n * [security]: heap-buffer-overflow with visual mode\n * runtime(doc): add package-\u003cname\u003e helptags for included packages\n * Vim9: unknown func error with interface declaring func var\n * runtime(filetype): don\u0027t detect string interpolation as angular\n * ComplMatchIns highlight hard to read on light background\n * runtime(vim): Update base-syntax, highlight literal string quote escape\n * runtime(editorconfig): set omnifunc to syntaxcomplete func\n * tests: ruby tests fail with Ruby 3.4\n * Vim9: leaking finished exception\n * runtime(tiasm): use correct syntax name tiasm in syntax script\n * filetype: TI assembly files are not recognized\n * too many strlen() calls in drawscreen.c\n * runtime(xf86conf): add section name OutputClass to syntax script\n * ComplMatchIns may highlight wrong text\n * runtime(vim): Update base-syntax, improve ex-bang matching\n * runtime(doc): clarify buffer deletion on popup_close()\n * filetype: shaderslang files are not detected\n * Vim9: not able to use comment after opening curly brace\n\nUpdate to 9.1.0993:\n\n * 9.1.0993: New \u0027cmdheight\u0027 behavior may be surprising\n * runtime(sh): fix typo in Last Change header\n * 9.1.0992: Vim9: double-free after v9.1.0988\n * 9.1.0991: v:stacktrace has wrong type in Vim9 script\n * runtime(sh): add PS0 to bashSpecialVariables in syntax script\n * runtime(vim): Remove trailing comma from match_words\n * runtime(zsh): sync syntax script with upstream repo\n * runtime(doc): Capitalise the mnemonic \"Zero\" for the \u0027z\u0027 flag of search()\n * 9.1.0990: Inconsistent behavior when changing cmdheight\n * 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error\n * runtime(java): Quietly opt out for unsupported markdown.vim versions\n * runtime(vim): fix failing vim syntax test\n * 9.1.0988: Vim9: no error when using uninitialized var in new()\n * runtime(doc): update index.txt\n * 9.1.0987: filetype: cake files are not recognized\n * 9.1.0986: filetype: \u0027jj\u0027 filetype is a bit imprecise\n * runtime(jj): Support diffs in jj syntax\n * runtime(vim): Update matchit pattern, no Vim9 short names\n * 9.1.0985: Vim9: some ex commands can be shortened\n * 9.1.0984: exception handling can be improved\n * runtime(doc): update doc for :horizontal\n * runtime(doc): update index.txt, windows.txt and version9.txt\n * runtime(doc): Tweak documentation about base64 function\n * runtime(chordpro): update syntax script\n * 9.1.0983: not able to get the displayed items in complete_info()\n * runtime(doc): use standard SGR format at :h xterm-true-color\n * 9.1.0982: TI linker files are not recognized\n * runtime(vim): update vim generator syntax script\n * 9.1.0981: tests: typo in test_filetype.vim\n * 9.1.0980: no support for base64 en-/decoding functions in Vim Script\n * syntax(sh): Improve the recognition of bracket expressions\n * runtime(doc): mention how NUL bytes are handled\n * 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE\n * 9.1.0978: GUI tests sometimes fail when setting \u0027scroll\u0027 options\n * 9.1.0977: filetype: msbuild filetypes are not recognized\n * 9.1.0976: Vim9: missing return statement with throw\n * 9.1.0975: Vim9: interpolated string expr not working in object methods\n * 9.1.0974: typo in change of commit v9.1.0873\n * 9.1.0973: too many strlen() calls in fileio.c\n * runtime(sh): set shellcheck as the compiler for supported shells\n * runtime(doc): Fix enum example syntax\n * 9.1.0972: filetype: TI linker map files are not recognized\n * runtime(vim): Improve syntax script generator for Vim Script\n * 9.1.0971: filetype: SLNX files are not recognized\n * 9.1.0970: VMS: build errors on VMS architecture\n * runtime(doc): Fix documentation typos\n * runtime(doc): update for new keyprotocol option value (after v9.1.0969)\n * 9.1.0969: ghostty not using kitty protocol by default\n * 9.1.0968: tests: GetFileNameChecks() isn\u0027t fully sorted by filetype name\n * runtime(doc): update version9.txt for bash filetype\n * runtime(netrw): update last change header for #16265\n * runtime(doc): fix doc error in :r behaviour\n * 9.1.0967: SpotBugs compiler setup can be further improved\n * 9.1.0966: Vim9: :enum command can be shortened\n * runtime(compiler): include a basic bash syntax checker compiler\n * 9.1.0965: filetype: sh filetype set when detecting the use of bash\n * runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt\n * 9.1.0963: fuzzy-matching does not prefer full match\n * 9.1.0962: filetype: bun.lock file is not recognized\n * runtime(vim): update indentation plugin for Vim script\n * runtime(doc): tweak documentation style in helphelp.txt\n * runtime(vim): Update base-syntax, allow parens in default arguments\n * runtime(doc): mention auto-format using clang-format for sound.c/sign.c\n * runtime(help): fix typo s/additional/arbitrary/\n * runtime(help): Add better support for language annotation highlighting\n * 9.1.0961: filetype: TI gel files are not recognized\n * 9.1.0960: filetype: hy history files are not recognized\n * translation(fi): Fix typoes in Finish menu translation\n * 9.1.0959: Coverity complains about type conversion\n * runtime(vim): Use supported syntax in indent tests\n * 9.1.0958: filetype: supertux2 config files detected as lisp\n * 9.1.0956: completion may crash, completion highlight wrong with preview window\n * 9.1.0955: Vim9: vim9compile.c can be further improved\n * runtime(doc): move help tag E1182\n * runtime(graphql): contribute vim-graphql to Vim core\n * 9.1.0954: popupmenu.c can be improved\n * 9.1.0953: filetype: APKBUILD files not correctly detected\n * 9.1.0952: Vim9: missing type checking for any type assignment\n * 9.1.0951: filetype: jshell files are not recognized\n * runtime(dockerfile): do not set commentstring in syntax script\n * 9.1.0950: filetype: fennelrc files are not recognized\n * runtime(netrw): do not double escape Vim special characters\n * git: ignore reformatting change of netrw plugin\n * runtime(netrw): more reformating #16248\n * runtime(doc): Add a note about handling symbolic links in starting.txt\n * 9.1.0949: popups inconsistently shifted to the left\n * git: ignore reformatting change of netrw plugin\n * runtime(netrw): change indent size from 1 to 2\n * 9.1.0948: Missing cmdline completion for :pbuffer\n * runtime(tutor): Reformat tutor1\n * 9.1.0947: short-description\n * 9.1.0946: cross-compiling fails on osx-arm64\n * 9.1.0945: ComplMatchIns highlight doesn\u0027t end after inserted text\n * translation(sv): re-include the change from #16240\n * 9.1.0944: tests: test_registers fails when not run under X11\n * 9.1.0943: Vim9: vim9compile.c can be further improved\n * runtime(doc): Update README and mention make check to verify\n * translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec\n * runtime(vim): update base-syntax after v9.1.0936\n * 9.1.0942: a few typos were found\n * 9.1.0941: ComplMatchIns doesn\u0027t work after multibyte chars\n * runtime(doc): Fix style in fold.txt\n * translation(sv): Fix typo in Swedish translation\n * 9.1.0940: Wrong cursor shape with \"gq\" and \u0027indentexpr\u0027 executes :normal\n * runtime(doc): fix some small errors\n * 9.1.0939: make installtutor fails\n * 9.1.0938: exclusive selection not respected when re-selecting block mode\n * 9.1.0937: test_undolist() is flaky\n * 9.1.0936: cannot highlight completed text\n * 9.1.0935: SpotBugs compiler can be improved\n * 9.1.0934: hard to view an existing buffer in the preview window\n * runtime(doc): document how to minimize fold computation costs\n * 9.1.0933: Vim9: vim9compile.c can be further improved\n * 9.1.0932: new Italian tutor not installed\n * runtime(doc): fix a few minor errors from the last doc updates\n * translation(it): add Italian translation for the interactive tutor\n * runtime(doc): update the change.txt help file\n * runtime(help): Add Vim lang annotation support for codeblocks\n * 9.1.0931: ml_get error in terminal buffer\n * 9.1.0930: tests: test_terminal2 may hang in GUI mode\n * 9.1.0929: filetype: lalrpop files are not recognized\n * 9.1.0928: tests: test_popupwin fails because the filter command fails\n * editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim\n * 9.1.0927: style issues in insexpand.c\n * 9.1.0926: filetype: Pixi lock files are not recognized\n * runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`\n * runtime(doc): add a note about inclusive motions and exclusive selection\n * 9.1.0925: Vim9: expression compiled when not necessary\n * 9.1.0923: too many strlen() calls in filepath.c\n * 9.1.0923: wrong MIN macro in popupmenu.c\n * 9.1.0921: popupmenu logic is a bit convoluted\n * 9.1.0920: Vim9: compile_assignment() too long\n * 9.1.0919: filetype: some assembler files are not recognized\n * runtime(netrw): do not pollute search history with symlinks\n * 9.1.0918: tiny Vim crashes with fuzzy buffer completion\n * 9.1.0917: various vartabstop and shiftround bugs when shifting lines\n * runtime(typst): add definition lists to formatlistpat, update maintainer\n * 9.1.0916: messages.c is exceeding 80 columns\n * runtime(proto): include filetype plugin for protobuf\n * 9.1.0915: GVim: default font size a bit too small\n * 9.1.0914: Vim9: compile_assignment() is too long\n * 9.1.0913: no error check for neg values for \u0027messagesopt\u0027\n * runtime(netrw): only check first arg of netrw_browsex_viewer for being executable\n * 9.1.0912: xxd: integer overflow with sparse files and -autoskip\n * 9.1.0911: Variable name for \u0027messagesopt\u0027 doesn\u0027t match short name\n * 9.1.0910: \u0027messagesopt\u0027 does not check max wait time\n * runtime(doc): update wrong Vietnamese localization tag\n * 9.1.0909: Vim9: crash when calling instance method\n\nUpdate to 9.1.0908:\n\n * 9.1.0908: not possible to configure :messages\n * 9.1.0907: printoptions:portrait does not change postscript Orientation\n * runtime(doc): Add vietnamese.txt to helps main TOC\n * 9.1.0906: filetype: Nvidia PTX files are not recognized\n * runtime(doc): updated version9.txt with changes from v9.1.0905\n * 9.1.0905: Missing information in CompleteDone event\n * 9.1.0904: Vim9: copy-paste error in class_defining_member()\n * 9.1.0903: potential overflow in spell_soundfold_wsal()\n * runtime(netrw): do not detach when launching external programs in gvim\n * runtime(doc): make tag alignment more consistent in filetype.txt\n * runtime(doc): fix wrong syntax and style of vietnamese.txt\n * translation(it): update Italian manpage for vimtutor\n * runtime(lua): add optional lua function folding\n * Filelist: include translations for Chapter 2 tutor\n * translation(vi): Update Vietnamese translation\n * runtime(doc): include vietnamese.txt\n * runtime(tutor): fix another typo in tutor2\n * runtime(doc): fix typo in vimtutor manpage\n * translation(it): update Italian manpage for vimtutor\n * translation(it): include Italian version of tutor chapter 2\n * runtime(tutor): regenerated some translated tutor1 files\n * runtime(tutor): fix typo in Chapter 2\n * 9.1.0902: filetype: Conda configuration files are not recognized\n * runtime(doc): Tweak documentation style a bit\n * runtime(tutor): update the tutor files and re-number the chapters\n * runtime(tutor): Update the makefiles for tutor1 and tutor2 files\n * 9.1.0901: MS-Windows: vimtutor batch script can be improved\n * runtime(doc): remove buffer-local completeopt todo item\n * 9.1.0900: Vim9: digraph_getlist() does not accept bool arg\n * runtime(typst): provide a formatlistpat in ftplugin\n * runtime(doc): Update documentation for \"noselect\" in \u0027completeopt\u0027\n * 9.1.0899: default for \u0027backspace\u0027 can be set in C code\n * runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc\n * translation(ru): Updated messages translation\n * 9.1.0898: runtime(compiler): pytest compiler not included\n * 9.1.0897: filetype: pyrex files are not detected\n * runtime(compiler): update eslint compiler\n * 9.1.0896: completion list wrong after v9.1.0891\n * runtime(doc): document changed default value for \u0027history\u0027\n * 9.1.0895: default history value is too small\n * 9.1.0894: No test for what the spotbug compiler parses\n * 9.1.0893: No test that undofile format does not regress\n * translation(de): update German manpages\n * runtime(compiler): include spotbugs Java linter\n * 9.1.0892: the max value of \u0027tabheight\u0027 is limited by other tabpages\n * runtime(po): remove poDiffOld/New, add po-format flags to syntax file\n * 9.1.0891: building the completion list array is inefficient\n * patch 9.1.0890: %! item not allowed for \u0027rulerformat\u0027\n * runtime(gzip): load undofile if there exists one\n * 9.1.0889: Possible unnecessary redraw after adding/deleting lines\n * 9.1.0888: leftcol property not available in getwininfo()\n * 9.1.0887: Wrong expression in sign.c\n * 9.1.0886: filetype: debian control file not detected\n * runtime(c3): include c3 filetype plugin\n * 9.1.0885: style of sign.c can be improved\n * 9.1.0884: gcc warns about uninitialized variable\n * runtime(apache): Update syntax directives for apache server 2.4.62\n * translation(ru): updated vimtutor translation, update MAINTAINERS file\n * 9.1.0883: message history cleanup is missing some tests\n * runtime(doc): Expand docs on :! vs. :term\n * runtime(netrw): Fixing powershell execution issues on Windows\n * 9.1.0882: too many strlen() calls in insexpand.c\n * 9.1.0881: GUI: message dialog may not get focus\n * runtime(netrw): update netrw\u0027s decompress logic\n * runtime(apache): Update syntax keyword definition\n * runtime(misc): add Italian LICENSE and (top-level) README file\n * 9.1.0880: filetype: C3 files are not recognized\n * runtime(doc): add helptag for :HelpToc command\n * 9.1.0879: source is not consistently formatted\n * Add clang-format config file\n * runtime(compiler): fix escaping of arguments passed to :CompilerSet\n * 9.1.0878: termdebug: cannot enable DEBUG mode\n * 9.1.0877: tests: missing test for termdebug + decimal signs\n * 9.1.0876: filetype: openCL files are not recognized\n * 9.1.0875: filetype: hyprlang detection can be improved\n * 9.1.0874: filetype: karel files are not detected\n * 9.1.0873: filetype: Vivado files are not recognized\n * 9.1.0872: No test for W23 message\n * 9.1.0871: getcellpixels() can be further improved\n * 9.1.0870: too many strlen() calls in eval.c\n * 9.1.0869: Problem: curswant not set on gm in folded line\n * 9.1.0868: the warning about missing clipboard can be improved\n * runtime(doc): Makefile does not clean up all temporary files\n * 9.1.0867: ins_compl_add() has too many args\n * editorconfig: don\u0027t trim trailing whitespaces in runtime/doc\n * translation(am): Remove duplicate keys in desktop files\n * runtime(doc): update helptags\n * runtime(filetype): remove duplicated *.org file pattern\n * runtime(cfg): only consider leading // as starting a comment\n * 9.1.0866: filetype: LLVM IR files are not recognized\n * 9.1.0865: filetype: org files are not recognized\n * 9.1.0864: message history is fixed to 200\n * 9.1.0863: getcellpixels() can be further improved\n * runtime(sh): better function support for bash/zsh in indent script\n * runtime(netrw): small fixes to netrw#BrowseX\n * 9.1.0862: \u0027wildmenu\u0027 not enabled by default in nocp mode\n * runtime(doc): update how to report issues for mac Vim\n * runtime(doc): mention option-backslash at :h CompilerSet\n * runtime(compiler): include a Java Maven compiler plugin\n * runtime(racket): update Racket runtime files\n * runtime(doc): improve indentation in examples for netrw-handler\n * runtime(doc): improve examples for netrw-handler functions\n * runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg\n * runtime(doc): clarify the use of filters and external commands\n * 9.1.0861: Vim9: no runtime check for object member access of any var\n * runtime(compiler): update pylint linter\n * 9.1.0860: tests: mouse_shape tests use hard code sleep value\n * 9.1.0859: several problems with the GLVS plugin\n * 9.1.0858: Coverity complains about dead code\n * runtime(tar): Update tar.vim to support permissions\n * 9.1.0857: xxd: --- is incorrectly recognized as end-of-options\n * 9.1.0851: too many strlen() calls in getchar.c\n * 9.1.0850: Vim9: cannot access nested object inside objects\n * runtime(tex): extra Number highlighting causes issues\n * runtime(vim): Fix indent after :silent! function\n * 9.1.0849: there are a few typos in the source\n * runtime(netrw): directory symlink not resolved in tree view\n * runtime(doc): add a table of supported Operating Systems\n * runtime(tex): update Last Change header in syntax script\n * runtime(doc): fix typo in g:termdebug_config\n * runtime(vim): Update base-syntax, improve :normal highlighting\n * runtime(tex): add Number highlighting to syntax file\n * runtime(doc): Tweak documentation style a bit\n * 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean\n * runtime(dune): use :setl instead of :set in ftplugin\n * runtime(termdebug): allow to use decimal signs\n * translation(it): Updated Italian vimtutor\n * runtime(compiler): improve cppcheck\n * git: git-blame-ignore-revs shown as an error on Github\n * 9.1.0847: tests: test_popupwin fails because of updated help file\n * 9.1.0846: debug symbols for xxd are not cleaned in Makefile\n * runtime(structurizr): Update structurizr syntax\n * runtime(8th): updated 8th syntax\n * runtime(doc): Add pi_tutor.txt to help TOC\n * runtime(compiler): add mypy and ruff compiler; update pylint linter\n * runtime(netrw): fix several bugs in netrw tree listing\n * runtime(netrw): prevent polluting the search history\n * 9.1.0845: vimtutor shell script can be improved\n * 9.1.0844: if_python: no way to pass local vars to python\n * 9.1.0843: too many strlen() calls in undo.c\n * runtime(doc): update default value for fillchars option\n * runtime(compiler): fix typo in cppcheck compiler plugin\n * runtime(doc): simplify vimtutor manpage a bit more\n * runtime(matchparen): Add matchparen_disable_cursor_hl config option\n * 9.1.0842: not checking for the sync() systemcall\n * 9.1.0841: tests: still preferring python2 over python3\n * 9.1.0840: filetype: idris2 files are not recognized\n * 9.1.0839: filetype: leo files are not recognized\n * runtime(cook): include cook filetype plugin\n * runtime(debversions): Update Debian versions\n * patch 9.1.0838: vimtutor is bash-specific\n * runtime(doc): add help specific modeline to pi_tutor.txt\n * Filelist: vimtutor chapter 2 is missing in Filelist\n * 9.1.0837: cross-compiling has some issues\n * runtime(vimtutor): Add a second chapter\n\n\n- update to 9.1.0836 \n * 9.1.0836: The vimtutor can be improved\n * 9.1.0835: :setglobal doesn\u0027t work properly for \u0027ffu\u0027 and \u0027tsrfu\u0027\n * 9.1.0834: tests: 2html test fails\n * 9.1.0833: CI: recent ASAN changes do not work for indent tests\n * 9.1.0832: :set doesn\u0027t work for \u0027cot\u0027 and \u0027bkc\u0027 after :setlocal\n * runtime(doc): update help-toc description\n * runtime(2html): Make links use color scheme colors in TOhtml\n * 9.1.0831: \u0027findexpr\u0027 can\u0027t be used as lambad or Funcref\n * Filelist: include helptoc package\n * runtime(doc): include a TOC Vim9 plugin\n * Filelist: ignore .git-blame-ignore-revs\n * 9.1.0830: using wrong highlight group for spaces for popupmenu\n * runtime(typst): synchronize updates from the upstream typst.vim\n * git: ignore reformatting commit for git-blame (after v9.1.0829)\n * 9.1.0829: Vim source code uses a mix of tabs and spaces\n * 9.1.0828: string_T struct could be used more often\n * 9.1.0827: CI: tests can be improved\n * runtime(doc): remove stray sentence in pi_netrw.txt\n * 9.1.0826: filetype: sway files are not recognized\n * runtime(doc): Include netrw-gp in TOC\n * runtime(doc): mention \u0027iskeyword\u0027 at :h charclass()\n * runtime(doc): update help tags\n * 9.1.0825: compile error for non-diff builds\n * runtime(netrw): fix E874 when browsing remote directory which contains `~` character\n * runtime(doc): update coding style documentation\n * runtime(debversions): Add plucky (25.04) as Ubuntu release name\n * 9.1.0824: too many strlen() calls in register.c\n * 9.1.0823: filetype: Zephyr overlay files not recognized\n * runtime(doc): Clean up minor formatting issues for builtin functions\n * runtime(netrw): make :Launch/Open autoloadable\n * runtime(netrw): fix regression with x mapping on Cygwin\n * runtime(netrw): fix filetype detection for remote files\n * 9.1.0822: topline might be changed in diff mode unexpectedly\n * CI: huge linux builds should also run syntax \u0026 indent tests\n * 9.1.0821: \u0027findexpr\u0027 completion doesn\u0027t set v:fname to cmdline argument\n * 9.1.0820: tests: Mac OS tests are too flaky\n * runtime(awk): Highlight more awk comments in syntax script\n * runtime(netrw): add missing change for s:redir()\n * 9.1.0819: tests: using findexpr and imported func not tested\n * runtime(netrw): improve netrw\u0027s open-handling further\n * runtime(netrw): fix syntax error in netrwPlugin.vim\n * runtime(netrw): simplify gx file handling\n * 9.1.0818: some global functions are only used in single files\n * 9.1.0817: termdebug: cannot evaluate expr in a popup\n * runtime(defaults): Detect putty terminal and switch to dark background\n * 9.1.0816: tests: not clear what tests cause asan failures\n * runtime(doc): Remove some completed items from todo.txt\n * 9.1.0815: \"above\" virtual text causes wrong \u0027colorcolumn\u0027 position\n * runtime(syntax-tests): tiny vim fails because of line-continuation\n * 9.1.0814: mapset() may remove unrelated mapping\n * 9.1.0813: no error handling with setglobal and number types\n * 9.1.0812: Coverity warns about dereferencing NULL ptr\n * 9.1.0811: :find expansion does not consider \u0027findexpr\u0027\n * 9.1.0810: cannot easily adjust the |:find| command\n * 9.1.0809: filetype: petalinux config files not recognized\n * 9.1.0808: Terminal scrollback doesn\u0027t shrink when decreasing \u0027termwinscroll\u0027\n * 9.1.0807: tests: having \u0027nolist\u0027 in modelines isn\u0027t always desired\n * 9.1.0806: tests: no error check when setting global \u0027briopt\u0027\n * 9.1.0805: tests: minor issues in gen_opt_test.vim\n * 9.1.0804: tests: no error check when setting global \u0027cc\u0027\n * 9.1.0803: tests: no error check when setting global \u0027isk\u0027\n * 9.1.0802: tests: no error check when setting global \u0027fdm\u0027 to empty value\n * 9.1.0801: tests: no error check when setting global \u0027termwinkey\u0027\n * 9.1.0800: tests: no error check when setting global \u0027termwinsize\u0027\n * runtime(doc): :ownsyntax also resets \u0027spelloptions\u0027\n * 9.1.0799: tests: gettwinvar()/gettabwinvar() tests are not comprehensive\n * runtime(doc): Fix wrong Mac default options\n * 9.1.0798: too many strlen() calls in cmdhist.c\n * 9.1.0797: testing of options can be further improved\n * 9.1.0796: filetype: libtool files are not recognized\n * (typst): add folding to typst ftplugin\n * runtime(netrw): deprecate and remove netrwFileHandlers#Invoke()\n * 9.1.0795: filetype: Vivado memory info file are not recognized\n * 9.1.0794: tests: tests may fail on Windows environment\n * runtime(doc): improve the :colorscheme documentation\n * 9.1.0793: xxd: -e does add one extra space\n * 9.1.0792: tests: Test_set_values() is not comprehensive enough\n * runtime(swayconfig): add flag for bindsym/bindcode to syntax script\n * 9.1.0791: tests: errors in gen_opt_test.vim are not shown\n * runtime(compiler): check for compile_commands in build dirs for cppcheck\n * 9.1.0790: Amiga: AmigaOS4 build should use default runtime (newlib)\n * runtime(help): Update help syntax\n * runtime(help): fix end of sentence highlight in code examples\n * runtime(jinja): Support jinja syntax as secondary filetype\n * 9.1.0789: tests: \u0027:resize + 5\u0027 has invalid space after \u0027+\u0027\n * 9.1.0788: \u003cCSI\u003e27;\u003cmod\u003eu is not decoded to literal Escape in kitty/foot\n * 9.1.0787: cursor position changed when using hidden terminal\n * 9.1.0786: tests: quickfix update test does not test location list\n * runtime(doc): add some docs for file-watcher programs\n * CI: uploading failed screendumps still fails on Cirrus CI\n * 9.1.0785: cannot preserve error position when setting quickfix list\n * 9.1.0784: there are several problems with python 3.13\n * 9.1.0783: \u0027spell\u0027 option setting has problems\n * 9.1.0782: tests: using wrong neomuttlog file name\n * runtime(doc): add preview flag to statusline example\n * 9.1.0781: tests: test_filetype fails\n * 9.1.0780: MS-Windows: incorrect Win32 error checking\n * 9.1.0779: filetype: neomuttlog files are not recognized\n * 9.1.0778: filetype: lf config files are not recognized\n * runtime(comment): fix commment toggle with mixed tabs \u0026 spaces\n * runtime(misc): Use consistent \"Vim script\" spelling\n * runtime(gleam): add ftplugin for gleam files\n * runtime(doc): link help-writing from write-local-help\n * 9.1.0777: filetype: Some upstream php files are not recognized\n * runtime(java): Define javaBlockStart and javaBlockOtherStart hl groups\n * runtime(doc): mention conversion rules for remote_expr()\n * runtime(tutor): Fix missing :s command in spanish translation section 4.4\n * 9.1.0776: test_strftime may fail because of missing TZ data\n * translation(am): Add Armenian language translation\n * 9.1.0775: tests: not enough tests for setting options\n * 9.1.0774: \"shellcmdline\" doesn\u0027t work with getcompletion()\n * 9.1.0773: filetype: some Apache files are not recognized\n * 9.1.0772: some missing changes from v9.1.0771\n * 9.1.0771: completion attribute hl_group is confusing\n * 9.1.0770: current command line completion is a bit limited\n * 9.1.0769: filetype: MLIR files are not recognized\n * 9.1.0768: MS-Windows: incorrect cursor position when restoring screen\n * runtime(nasm): Update nasm syntax script\n * 9.1.0767: A condition is always true in ex_getln.c\n * runtime(skill): Update syntax file to fix string escapes\n * runtime(help): highlight CTRL-\u003cKey\u003e correctly\n * runtime(doc): add missing usr_52 entry to toc\n * 9.1.0766: too many strlen() calls in ex_getln.c\n * runtime(doc): correct `vi` registers 1-9 documentation error\n * 9.1.0765: No test for patches 6.2.418 and 7.3.489\n * runtime(spec): set comments and commentstring options\n * NSIS: Include libgcc_s_sjlj-1.dll again\n * runtime(doc): clarify the effect of \u0027startofline\u0027 option\n * 9.1.0764: [security]: use-after-free when closing a buffer\n * runtime(vim): Update base-syntax file, improve class, enum and interface highlighting\n * 9.1.0763: tests: cannot run single syntax tests\n * 9.1.0762: \u0027cedit\u0027, \u0027termwinkey\u0027 and \u0027wildchar\u0027 may not be parsed correctly\n * 9.1.0761: :cd completion fails on Windows with backslash in path\n * 9.1.0760: tests: no error reported, if gen_opt_test.vim fails\n * 9.1.0759: screenpos() may return invalid position\n * runtime(misc): unset compiler in various ftplugins\n * runtime(doc): update formatting and syntax\n * runtime(compiler): add cppcheck linter compiler plugin\n * runtime(doc): Fix style in documents\n * runtime(doc): Fix to two-space convention in user manual\n * runtime(comment): consider \u0026tabstop in lines after whitespace indent\n * 9.1.0758: it\u0027s possible to set an invalid key to \u0027wildcharm\u0027\n * runtime(java): Manage circularity for every :syn-included syntax file\n * 9.1.0757: tests: messages files contains ANSI escape sequences\n * 9.1.0756: missing change from patch v9.1.0754\n * 9.1.0755: quickfix list does not handle hardlinks well\n * runtime(doc): \u0027filetype\u0027, \u0027syntax\u0027 and \u0027keymap\u0027 only allow alphanumeric + some characters\n * runtime(systemd): small fixes to \u0026keywordprg in ftplugin\n * CI: macos-12 runner is being sunset, switch to 13\n * 9.1.0754: fixed order of items in insert-mode completion menu\n * runtime(comment): commenting might be off by one column\n * 9.1.0753: Wrong display when typing in diff mode with \u0027smoothscroll\u0027\n * 9.1.0752: can set \u0027cedit\u0027 to an invalid value\n * runtime(doc): add `usr` tag to usr_toc.txt\n * 9.1.0751: Error callback for term_start() not used\n * 9.1.0750: there are some Win9x legacy references\n * runtime(java): Recognise the CommonMark form (///) of Javadoc comments\n * 9.1.0749: filetype: http files not recognized\n * runtime(comment): fix syntax error\n * CI: uploading failed screendump tests does not work Cirrus\n * 9.1.0748: :keep* commmands are sometimes misidentified as :k\n * runtime(indent): allow matching negative numbers for gnu indent config file\n * runtime(comment): add gC mapping to (un)comment rest of line\n * 9.1.0747: various typos in repo found\n * 9.1.0746: tests: Test_halfpage_longline() fails on large terminals\n * runtime(doc): reformat gnat example\n * runtime(doc): reformat ada_standard_types section\n * 9.1.0745: filetype: bun and deno history files not recognized\n * runtime(glvs): Correct the tag name of glvs-autoinstal\n * runtime(doc): include short form for :earlier/:later\n * runtime(doc): remove completed TODO\n * 9.1.0744: filetype: notmuch configs are not recognised\n * 9.1.0743: diff mode does not handle overlapping diffs correctly\n * runtime(glvs): fix a few issues\n * runtime(doc): Fix typo in :help :command-modifiers\n * 9.1.0742: getcmdprompt() implementation can be improved\n * runtime(docs): update `:set?` command behavior table\n * runtime(doc): update vim90 to vim91 in docs\n * runtime(doc): fix typo in :h dos-colors\n * 9.1.0741: No way to get prompt for input()/confirm()\n * runtime(doc): fix typo in version9.txt nrformat -\u003e nrformats\n * runtime(rmd,rrst): \u0027fex\u0027 option not properly restored\n * runtime(netrw): remove extraneous closing bracket\n * 9.1.0740: incorrect internal diff with empty file\n * 9.1.0739: [security]: use-after-free in ex_getln.c\n * runtime(filetype): tests: Test_filetype_detection() fails\n * runtime(dist): do not output a message if executable is not found\n * 9.1.0738: filetype: rapid files are not recognized\n * runtime(modconf): remove erroneous :endif in ftplugin\n * runtime(lyrics): support multiple timestamps in syntax script\n * runtime(java): Optionally recognise _module_ import declarations\n * runtime(vim): Update base-syntax, improve folding function matches\n * CI: upload failed screendump tests also for Cirrus\n * 9.1.0737: tests: screendump tests may require a bit more time\n * runtime(misc): simplify keywordprg in various ftplugins\n * runtime(java): Optionally recognise all primitive constants in _switch-case_ labels\n * runtime(zsh,sh): set and unset compiler in ftplugin\n * runtime(netrw): using inefficient highlight pattern for \u0027mf\u0027\n * 9.1.0736: Unicode tables are outdated\n * 9.1.0735: filetype: salt files are not recognized\n * 9.1.0734: filetype: jinja files are not recognized\n * runtime(zathurarc): add double-click-follow to syntax script\n * translation(ru): Updated messages translation\n * translation(it): updated xxd man page\n * translation(ru): updated xxd man page\n * 9.1.0733: keyword completion does not work with fuzzy\n * 9.1.0732: xxd: cannot use -b and -i together\n * runtime(java): Highlight javaConceptKind modifiers with StorageClass\n * runtime(doc): reword and reformat how to use defaults.vim\n * 9.1.0731: inconsistent case sensitive extension matching\n * runtime(vim): Update base-syntax, match Vim9 bool/null literal args to :if/:while/:return\n * runtime(netrw): delete confirmation not strict enough\n * 9.1.0730: Crash with cursor-screenline and narrow window\n * 9.1.0729: Wrong cursor-screenline when resizing window\n * 9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data\n * runtime(doc): clarify the effect of the timeout for search()-functions\n * runtime(idlang): update syntax script\n * runtime(spec): Recognize epoch when making spec changelog in ftplugin\n * runtime(spec): add file triggers to syntax script\n * 9.1.0727: too many strlen() calls in option.c\n * runtime(make): add compiler/make.vim to reset compiler plugin settings\n * runtime(java): Recognise all available standard doclet tags\n * 9.1.0726: not using correct python3 API with dynamic linking\n * runtime(dosini): Update syntax script, spellcheck comments only\n * runtime(doc): Revert outdated comment in completeopt\u0027s fuzzy documentation\n * 9.1.0725: filetype: swiftinterface files are not recognized\n * runtime(pandoc): Update compiler plugin to use actual \u0027spelllang\u0027\n * runtime(groff): Add compiler plugin for groff\n * 9.1.0724: if_python: link error with python 3.13 and stable ABI\n * 9.1.0723: if_python: dynamic linking fails with python3 \u003e= 3.13\n * 9.1.0722: crash with large id in text_prop interface\n * 9.1.0721: tests: test_mksession does not consider XDG_CONFIG_HOME\n * runtime(glvs): update GetLatestVimScripts plugin\n * runtime(doc): Fix typo in :help :hide text\n * runtime(doc): buffers can be re-used\n * 9.1.0720: Wrong breakindentopt=list:-1 with multibyte or TABs\n * 9.1.0719: Resetting cell widths can make \u0027listchars\u0027 or \u0027fillchars\u0027 invalid\n * runtime(doc): Update version9.txt and mention $MYVIMDIR\n- Update to 9.1.0718:\n * v9.1.0718: hard to know the users personal Vim Runtime Directory\n * v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()\n Maintainers: fix typo in author name\n * v9.1.0716: resetting setcellwidth( doesn\u0027t update the screen\n runtime(hcl,terraform): Add runtime files for HCL and Terraform\n runtime(tmux): Update syntax script\n * v9.1.0715: Not correctly parsing color names (after v9.1.0709)\n * v9.1.0714: GuiEnter_Turkish test may fail\n * v9.1.0713: Newline causes E749 in Ex mode\n * v9.1.0712: missing dependency of Test_gettext_makefile\n * v9.1.0711: test_xxd may file when using different xxd\n * v9.1.0710: popup window may hide part of Command line\n runtime(vim): Update syntax, improve user-command matching\n * v9.1.0709: GUIEnter event not found in Turkish locale\n runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items\n * v9.1.0708: Recursive window update does not account for reset skipcol\n runtime(nu): include filetype plugin\n * v9.1.0707: invalid cursor position may cause a crash\n * v9.1.0706: test_gettext fails when using shadow dir\n CI: Install locales-all package\n * v9.1.0705: Sorting of fuzzy filename completion is not stable\n translation(pt): update Portuguese/Brazilian menu translation\n runtime(vim): Update base-syntax, match bracket mark ranges\n runtime(doc): Update :help :command-complete list\n * v9.1.0704: inserting with a count is inefficient\n runtime(doc): use mkdir -p to save a command\n * v9.1.0703: crash with 2byte encoding and glob2regpat()\n runtime(hollywood): update syn highlight for If-Then statements\n and For-In-Loops\n * v9.1.0702: Patch 9.1.0700 broke CI\n * v9.1.0701: crash with NFA regex engine when searching for\n composing chars\n * v9.1.0700: crash with 2byte encoding and glob2regpat()\n * v9.1.0699: \"dvgo\" is not always an inclusive motion\n runtime(java): Provide support for syntax preview features\n * v9.1.0698: \"Untitled\" file not removed when running Test_crash1_3\n alone\n * v9.1.0697: heap-buffer-overflow in ins_typebuf\n * v9.1.0696: installing runtime files fails when using SHADOWDIR\n runtime(doc): fix typo\n * v9.1.0695: test_crash leaves Untitled file around\n translation(br): Update Brazilian translation\n translation(pt): Update menu_pt_br\n * v9.1.0694: matchparen is slow on a long line\n * v9.1.0693: Configure doesn\u0027t show result when not using python3\n stable abi\n * v9.1.0692: Wrong patlen value in ex_substitute()\n * v9.1.0691: stable-abi may cause segfault on Python 3.11\n runtime(vim): Update base-syntax, match :loadkeymap after colon and bar\n runtime(mane): Improve \u003cPlug\u003eManBS mapping\n * v9.1.0690: cannot set special highlight kind in popupmenu\n translation(pt): Revert and fix wrong Portuguese menu translation\n files\n translation(pt): revert Portuguese menu translation\n translation(br): Update Brazilian translations\n runtime(vim): Update base-syntax, improve :let-heredoc highlighting\n * v9.1.0689: buffer-overflow in do_search( with \u0027rightleft\u0027\n runtime(vim): Improve heredoc handling for all embedded scripts\n * v9.1.0688: dereferences NULL pointer in check_type_is_value()\n * v9.1.0687: Makefile may not install desktop files\n runtime(man): Fix \u003cPlug\u003eManBS\n runtime(java): Make the bundled \u0026foldtext function optional\n runtime(netrw): Change line on `mx` if command output exists\n runtime(netrw): Fix `mf`-selected entry highlighting\n runtime(htmlangular): add html syntax highlighting\n translation(it): Fix filemode of Italian manpages\n runtime(doc): Update outdated man.vim plugin information\n runtime(zip): simplify condition to detect MS-Windows\n * v9.1.0686: zip-plugin has problems with special characters\n runtime(pandoc): escape quotes in \u0026errorformat for pandoc\n translation(it): updated Italian manpage\n * v9.1.0685: too many strlen( calls in usercmd.c\n runtime(doc): fix grammar in :h :keeppatterns\n runtime(pandoc): refine pandoc compiler settings\n * v9.1.0684: completion is inserted on Enter with \"noselect\"\n translation(ru): update man pages\n * v9.1.0683: mode( returns wrong value with \u003cCmd\u003e mapping\n runtime(doc): remove trailing whitespace in cmdline.txt\n * v9.1.0682: Segfault with uninitialized funcref\n * v9.1.0681: Analyzing failed screendumps is hard\n runtime(doc): more clarification for the :keeppatterns needed\n * v9.1.0680: VMS does not have defined uintptr_t\n runtime(doc): improve typedchar documentation for KeyInputPre autocmd\n runtime(dist): verify that executable is in $PATH\n translation(it): update Italian manpages\n runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677\n runtime(doc): update Makefile and make it portable between GNU and BSD\n * v9.1.0679: Rename from w_closing to w_locked is incomplete\n runtime(colors): update colorschemes\n runtime(vim): Update base-syntax, improve :let-heredoc highlighting\n runtime(doc): Updating the examples in the xxd manpage\n translation(ru): Updated uganda.rux\n runtime(yaml): do not re-indent when commenting out lines\n * v9.1.0678: use-after-free in alist_add()\n * v9.1.0677 :keepp does not retain the substitute pattern\n translation(ja): Update Japanese translations to latest release\n runtime(netrw): Drop committed trace lines\n runtime(netrw): Error popup not always used\n runtime(netrw): ErrorMsg( may throw E121\n runtime(tutor): update Makefile and make it portable between GNU and BSD\n translation: improve the po/cleanup.vim script\n runtime(lang): update Makefile and make it portable between GNU and BSD\n * v9.1.0676: style issues with man pages\n * v9.1.0675: Patch v9.1.0674 causes problems\n runtime(dosbatch): Show %%i as an argument in syntax file\n runtime(dosbatch): Add syn-sync to syntax file\n runtime(sql, mysql): fix E169: Command too recursive with\n sql_type_default = \"mysql\"\n * v9.1.0674: compiling abstract method fails because of missing return\n runtime(javascript): fix a few issues with syntax higlighting\n runtime(mediawiki): fix typo in doc, test for b:did_ftplugin var\n runtime(termdebug): Fix wrong test for balloon feature\n runtime(doc): Remove mentioning of the voting feature\n runtime(doc): add help tags for json + markdown global variables\n * v9.1.0673: too recursive func calls when calling super-class method\n runtime(syntax-tests): Facilitate the viewing of rendered screendumps\n runtime(doc): fix a few style issues\n * v9.1.0672: marker folds may get corrupted on undo\n * v9.1.0671 Problem: crash with WinNewPre autocommand\n * v9.1.0670: po file encoding fails on *BSD during make\n translation(it): Update Italian translation\n translation: Stop using msgconv\n * v9.1.0669: stable python ABI not used by default\n Update .gitignore and .hgignore files\n * v9.1.0668: build-error with python3.12 and stable ABI\n translations: Update generated po files\n * v9.1.0667: Some other options reset curswant unnecessarily when set\n * v9.1.0666: assert_equal( doesn\u0027t show multibyte string correctly\n runtime(doc): clarify directory of Vim\u0027s executable vs CWD\n * v9.1.0665 :for loop\n runtime(proto): Add indent script for protobuf filetype\n * v9.1.0664: console vim did not switch back to main screen on exit\n runtime(zip): zip plugin does not work with Vim 9.0\n * v9.1.0663: zip test still resets \u0027shellslash\u0027 option\n runtime(zip): use defer to restore old settings\n runtime(zip): add a generic Message function\n runtime(zip): increment base version of zip plugin\n runtime(zip): raise minimum Vim version to * v9.0\n runtime(zip): refactor save and restore of options\n runtime(zip): remove test for fnameescape\n runtime(zip): use :echomsg instead of :echo\n runtime(zip): clean up and remove comments\n * v9.1.0662: filecopy( may return wrong value when readlink( fails\n * v9.1.0661: the zip plugin is not tested.\n runtime(zip): Fix for FreeBSD\u0027s unzip command\n runtime(doc): capitalize correctly\n * v9.1.0660: Shift-Insert does work on old conhost\n translation(it): update Italian manpage\n runtime(lua): add/subtract a \u0027shiftwidth\u0027 after \u0027(\u0027/\u0027)\u0027 in indentexpr\n runtime(zip): escape \u0027[\u0027 on Unix as well\n * v9.1.0659: MSVC Makefile is a bit hard to read\n runtime(doc): fix typo in syntax.txt\n runtime(doc): -x is only available when compiled with crypt feature\n * v9.1.0658: Coverity warns about dereferencing NULL pointer.\n runtime(colors): update Todo highlight in habamax colorscheme\n * v9.1.0657: MSVC build time can be optimized\n * v9.1.0656: MSVC Makefile CPU handling can be improved\n * v9.1.0655: goaccess config file not recognized\n CI: update clang compiler to version 20\n runtime(netrw): honor `g:netrw_alt{o,v}` for `:{S,H,V}explore`\n * v9.1.0654: completion does not respect completeslash with fuzzy\n * v9.1.0653: Patch v9.1.0648 not completely right\n * v9.1.0652: too many strlen( calls in syntax.c\n * v9.1.0651 :append\n * v9.1.0650: Coverity warning in cstrncmp()\n * v9.1.0649: Wrong comment for \"len\" argument of call_simple_func()\n * v9.1.0648: [security] double-free in dialog_changed()\n * v9.1.0647: [security] use-after-free in tagstack_clear_entry\n runtime(doc): re-format tag example lines, mention ctags --list-kinds\n * v9.1.0646: imported function may not be found\n runtime(java): Document \"g:java_space_errors\" and \"g:java_comment_strings\"\n runtime(java): Cluster optional group definitions and their group links\n runtime(java): Tidy up the syntax file\n runtime(java): Tidy up the documentation for \"ft-java-syntax\"\n runtime(colors): update habamax scheme - tweak diff/search/todo colors\n runtime(nohlsearch): add missing loaded_hlsearch guard\n runtime(kivy): Updated maintainer info for syntax script\n Maintainers: Add maintainer for ondir ftplugin + syntax files\n runtime(netrw): removing trailing slash when copying files in same\n directory\n * v9.1.0645: wrong match when searching multi-byte char case-insensitive\n runtime(html): update syntax script to sync by 250 minlines by default\n * v9.1.0644: Unnecessary STRLEN( when applying mapping\n runtime(zip): Opening a remote zipfile don\u0027t work\n runtime(cuda): source c and cpp ftplugins\n * v9.1.0643: cursor may end up on invalid position\n * v9.1.0642: Check that mapping rhs starts with lhs fails if not\n simplified\n * v9.1.0641: OLE enabled in console version\n runtime(thrift): add ftplugin, indent and syntax scripts\n * v9.1.0640: Makefile can be improved\n * v9.1.0639: channel timeout may wrap around\n * v9.1.0638: E1510 may happen when formatting a message for smsg()\n * v9.1.0637: Style issues in MSVC Makefile\n- Update apparmor.vim to latest version (from AppArmor 4.0.2)\n - add support for \"all\" and \"userns\" rules, and new profile flags\n- Update to 9.1.0636:\n * 9.1.0636: filetype: ziggy files are not recognized\n * 9.1.0635: filetype: SuperHTML template files not recognized\n * 9.1.0634: Ctrl-P not working by default\n * 9.1.0633: Compilation warnings with `-Wunused-parameter`\n * 9.1.0632: MS-Windows: Compiler Warnings\n Add support for Files-Included in syntax script\n tweak documentation style a bit\n * 9.1.0631: wrong completion list displayed with non-existing dir + fuzzy completion\n * 9.1.0630: MS-Windows: build fails with VIMDLL and mzscheme\n * 9.1.0629: Rename of pum hl_group is incomplete\n * 9.1.0628: MinGW: coverage files are not cleaned up\n * 9.1.0627: MinGW: build-error when COVERAGE is enabled\n * 9.1.0626: Vim9: need more tests with null objects\n include initial filetype plugin\n * 9.1.0625: tests: test output all translated messages for all translations\n * 9.1.0624: ex command modifiers not found\n * 9.1.0623: Mingw: errors when trying to delete non-existing files\n * 9.1.0622: MS-Windows: mingw-build can be optimized\n * 9.1.0621: MS-Windows: startup code can be improved\n * 9.1.0620: Vim9: segfauls with null objects\n * 9.1.0619: tests: test_popup fails\n * 9.1.0618: cannot mark deprecated attributes in completion menu\n * 9.1.0617: Cursor moves beyond first line of folded end of buffer\n * 9.1.0616: filetype: Make syntax highlighting off for MS Makefiles\n * 9.1.0615: Unnecessary STRLEN() in make_percent_swname()\n Add single-line comment syntax\n Add syntax test for comments\n Update maintainer info\n * 9.1.0614: tests: screendump tests fail due to recent syntax changes\n * 9.1.0613: tests: termdebug test may fail and leave file around\n Update base-syntax, improve :set highlighting\n Optionally highlight the :: token for method references\n * 9.1.0612: filetype: deno.lock file not recognized\n Use delete() for deleting directory\n escape filename before trying to delete it\n * 9.1.0611: ambiguous mappings not correctly resolved with modifyOtherKeys\n correctly extract file from zip browser\n * 9.1.0610: filetype: OpenGL Shading Language files are not detected\n Fix endless recursion in netrw#Explore()\n * 9.1.0609: outdated comments in Makefile\n update syntax script\n Fix flow mapping key detection\n Remove orphaned YAML syntax dump files\n * 9.1.0608: Coverity warns about a few potential issues\n Update syntax script and remove syn sync\n * 9.1.0607: termdebug: uses inconsistent style\n * 9.1.0606: tests: generated files may cause failure in test_codestyle\n * 9.1.0605: internal error with fuzzy completion\n * 9.1.0604: popup_filter during Press Enter prompt seems to hang\n translation: Update Serbian messages translation\n * 9.1.0603: filetype: use correct extension for Dracula\n * 9.1.0602: filetype: Prolog detection can be improved\n fix more inconsistencies in assert function docs\n * 9.1.0601: Wrong cursor position with \u0027breakindent\u0027 when wide char doesn\u0027t fit\n Update base-syntax, improve :map highlighting\n * 9.1.0600: Unused function and unused error constants\n * 9.1.0599: Termdebug: still get E1023 when specifying arguments\n correct wrong comment options\n fix typo \"a xterm\" -\u003e \"an xterm\"\n * 9.1.0598: fuzzy completion does not work with default completion\n * 9.1.0597: KeyInputPre cannot get the (unmapped typed) key\n * 9.1.0596: filetype: devscripts config files are not recognized\n gdb file/folder check is now performed only in CWD.\n quote filename arguments using double quotes\n update syntax to SDC-standard 2.1\n minor updates.\n Cleanup :match and :loadkeymap syntax test files\n Update base-syntax, match types in Vim9 variable declarations\n * 9.1.0595: make errors out with the po Makefile\n * 9.1.0594: Unnecessary redraw when setting \u0027winfixbuf\u0027\n using wrong highlight for UTF-8\n include simple syntax plugin\n * 9.1.0593: filetype: Asymptote files are not recognized\n add recommended indent options to ftplugin\n add recommended indent options to ftplugin\n add recommended indent options to ftplugin\n * 9.1.0592: filetype: Mediawiki files are not recognized\n * 9.1.0591: filetype: *.wl files are not recognized\n * 9.1.0590: Vim9: crash when accessing getregionpos() return value\n \u0027cpoptions\u0027: Include \"z\" in the documented default\n * 9.1.0589: vi: d{motion} and cw work differently than expected\n update included colorschemes\n grammar fixes in options.txt\n- Update to 9.1.0588:\n * 9.1.0588: The maze program no longer compiles on newer clang\n runtime(typst): Add typst runtime files\n * 9.1.0587: tests: Test_gui_lowlevel_keyevent is still flaky\n * 9.1.0586: ocaml runtime files are outdated\n runtime(termdebug): fix a few issues\n * 9.1.0585: tests: test_cpoptions leaves swapfiles around\n * 9.1.0584: Warning about redeclaring f_id() non-static\n runtime(doc): Add hint how to load termdebug from vimrc\n runtime(doc): document global insert behavior\n * 9.1.0583: filetype: *.pdf_tex files are not recognized\n * 9.1.0582: Printed line doesn\u0027t overwrite colon when pressing Enter in Ex mode\n * 9.1.0581: Various lines are indented inconsistently\n * 9.1.0580: :lmap mapping for keypad key not applied when typed in Select mode\n * 9.1.0579: Ex command is still executed after giving E1247\n * 9.1.0578: no tests for :Tohtml\n * 9.1.0577: Unnecessary checks for v:sizeoflong in test_put.vim\n * 9.1.0576: tests: still an issue with test_gettext_make\n * 9.1.0575: Wrong comments in alt_tabpage()\n * 9.1.0574: ex: wrong handling of commands after bar\n runtime(doc): add a note for netrw bug reports\n * 9.1.0573: ex: no implicit print for single addresses\n runtime(vim): make \u0026indentexpr available from the outside\n * 9.1.0572: cannot specify tab page closing behaviour\n runtime(doc): remove obsolete Ex insert behavior\n * 9.1.0571: tests: Test_gui_lowlevel_keyevent is flaky\n runtime(logindefs): update syntax with new keywords\n * 9.1.0570: tests: test_gettext_make can be improved\n runtime(filetype): Fix Prolog file detection regex\n * 9.1.0569: fnamemodify() treats \"..\" and \"../\" differently\n runtime(mojo): include mojo ftplugin and indent script\n * 9.1.0568: Cannot expand paths from \u0027cdpath\u0027 setting\n * 9.1.0567: Cannot use relative paths as findfile() stop directories\n * 9.1.0566: Stop dir in findfile() doesn\u0027t work properly w/o trailing slash\n * 9.1.0565: Stop directory doesn\u0027t work properly in \u0027tags\u0027\n * 9.1.0564: id() can be faster\n * 9.1.0563: Cannot process any Key event\n * 9.1.0562: tests: inconsistency in test_findfile.vim\n runtime(fstab): Add missing keywords to fstab syntax\n * 9.1.0561: netbeans: variable used un-initialized (Coverity)\n * 9.1.0560: bindtextdomain() does not indicate an error\n * 9.1.0559: translation of vim scripts can be improved\n * 9.1.0558: filetype: prolog detection can be improved\n * 9.1.0557: moving in the buffer list doesn\u0027t work as documented\n runtime(doc): fix inconsistencies in :h file-searching\n * 9.1.0556: :bwipe doesn\u0027t remove file from jumplist of other tabpages\n runtime(htmlangular): correct comment\n * 9.1.0555: filetype: angular ft detection is still problematic\n * 9.1.0554: :bw leaves jumplist and tagstack data around\n * 9.1.0553: filetype: *.mcmeta files are not recognized\n * 9.1.0552: No test for antlr4 filetype\n * 9.1.0551: filetype: htmlangular files are not properly detected\n * 9.1.0550: filetype: antlr4 files are not recognized\n * 9.1.0549: fuzzycollect regex based completion not working as expected\n runtime(doc): autocmd_add() accepts a list not a dict\n * 9.1.0548: it\u0027s not possible to get a unique id for some vars\n runtime(tmux): Update syntax script\n * 9.1.0547: No way to get the arity of a Vim function\n * 9.1.0546: vim-tiny fails on CTRL-X/CTRL-A\n runtime(hlsplaylist): include hlsplaylist ftplugin file\n runtime(doc): fix typo in :h ft-csv-syntax\n runtime(doc): Correct shell command to get $VIMRUNTIME into\n shell\n * 9.1.0545: MSVC conversion warning\n * 9.1.0544: filetype: ldapconf files are not recognized\n runtime(cmakecache): include cmakecache ftplugin file\n runtime(lex): include lex ftplugin file\n runtime(yacc): include yacc ftplugin file\n runtime(squirrel): include squirrel ftplugin file\n runtime(objcpp): include objcpp ftplugin file\n runtime(tf): include tf ftplugin file\n runtime(mysql): include mysql ftplugin file\n runtime(javacc): include javacc ftplugin file\n runtime(cabal): include cabal ftplugin file\n runtime(cuda): include CUDA ftplugin file\n runtime(editorconfig): include editorconfig ftplugin file\n runtime(kivy): update kivy syntax, include ftplugin\n runtime(syntax-tests): Stop generating redundant \"*_* 99.dump\"\n files\n * 9.1.0543: Behavior of CursorMovedC is strange\n runtime(vim): Update base-syntax, improve :match command\n highlighting\n * 9.1.0542: Vim9: confusing string() output for object functions\n * 9.1.0541: failing test with Vim configured without channel\n * 9.1.0540: Unused assignment in sign_define_cmd()\n runtime(doc): add page-scrolling keys to index.txt\n runtime(doc): add reference to xterm-focus-event from\n FocusGained/Lost\n * 9.1.0539: Not enough tests for what v9.1.0535 fixed\n runtime(doc): clarify how to re-init csv syntax file\n * 9.1.0538: not possible to assign priority when defining a sign\n * 9.1.0537: signed number detection for CTRL-X/A can be improved\n * 9.1.0536: filetype: zone files are not recognized\n * 9.1.0535: newline escape wrong in ex mode\n runtime(man): honor cmd modifiers before `g:ft_man_open_mode`\n runtime(man): use `nnoremap` to map to Ex commands\n * 9.1.0534: completion wrong with fuzzy when cycling back to original\n runtime(syntax-tests): Abort and report failed cursor progress\n runtime(syntax-tests): Introduce self tests for screen dumping\n runtime(syntax-tests): Clear and redraw the ruler line with\n the shell info\n runtime(syntax-tests): Allow for folded and wrapped lines in\n syntax test files\n * 9.1.0533: Vim9: need more tests for nested objects equality\n CI: Pre-v* 9.0.0110 versions generate bogus documentation tag entries\n runtime(doc): Remove wrong help tag CTRL-SHIFT-CR\n * 9.1.0532: filetype: Cedar files not recognized\n runtime(doc): document further keys that scroll page up/down\n * 9.1.0531: resource leak in mch_get_random()\n runtime(tutor): Fix wrong spanish translation\n runtime(netrw): fix remaining case of register clobber\n * 9.1.0530: xxd: MSVC warning about non-ASCII character\n * 9.1.0529: silent! causes following try/catch to not work\n runtime(rust): use shiftwidth() in indent script\n * 9.1.0528: spell completion message still wrong in translations\n * 9.1.0527: inconsistent parameter in Makefiles for Vim executable\n * 9.1.0526: Unwanted cursor movement with pagescroll at start of buffer\n runtime(doc): mention $XDG_CONFIG_HOME instead of $HOME/.config\n * 9.1.0525: Right release selects immediately when pum is truncated.\n * 9.1.0524: the recursive parameter in the *_equal functions can be removed\n runtime(termdebug): Add Deprecation warnings\n * 9.1.0523: Vim9: cannot downcast an object\n * 9.1.0522: Vim9: string(object) hangs for recursive references\n * 9.1.0521: if_py: _PyObject_CallFunction_SizeT is dropped in Python 3.13\n * 9.1.0520: Vim9: incorrect type checking for modifying lists\n runtime(manpager): avoid readonly prompt\n * 9.1.0519: MS-Windows: libvterm compilation can be optimized\n * 9.1.0518: initialize the random buffer can be improved\n * 9.1.0517: MS-Windows: too long lines in Make_mvc.mak\n runtime(terraform): Add filetype plugin for terraform\n runtime(dockerfile): enable spellchecking of comments in\n syntax script\n runtime(doc): rename variable for pandoc markdown support\n runtime(doc): In builtin overview use {buf} as param for\n appendbufline/setbufline\n runtime(doc): clarify, that register 1-* 9 will always be shifted\n runtime(netrw): save and restore register 0-* 9, a and unnamed\n runtime(termdebug): Refactored StartDebug_term and EndDebug\n functions\n runtime(java): Compose \"g:java_highlight_signature\" and\n \"g:java_highlight_functions\"\n * 9.1.0516: need more tests for nested dicts and list comparision\n * 9.1.0515: Vim9: segfault in object_equal()\n * 9.1.0514: Vim9: issue with comparing objects recursively\n runtime(termdebug): Change some variables to Enums\n runtime(vim): Update base-syntax, fix function tail comments\n * 9.1.0513: Vim9: segfault with object comparison\n- Update to 9.1.0512:\n * Mode message for spell completion doesn\u0027t match allowed keys\n * CursorMovedC triggered wrongly with setcmdpos()\n * update runtime files\n * CI: test_gettext fails on MacOS14 + MSVC Win\n * not possible to translate Vim script messages\n * termdebug plugin can be further improved\n * add gomod filetype plugin\n * hard to detect cursor movement in the command line\n * Optionally highlight parameterised types\n * filetype: .envrc \u0026 .prettierignore not recognized\n * filetype: Faust files are not recognized\n * inner-tag textobject confused about \"\u003e\" in attributes\n * cannot use fuzzy keyword completion\n * Remove the group exclusion list from @javaTop\n * wrong return type for execute() function\n * MS-Windows: too much legacy code\n * too complicated mapping restore in termdebug\n * simplify mapping\n * cannot switch buffer in a popup\n * MS-Windows: doesn\u0027t handle symlinks properly\n * getcmdcompltype() interferes with cmdline completion\n * termdebug can be further improved\n * update htmldjango detection\n * Improve Turkish documentation\n * include a simple csv filetype and syntax plugin\n * include the the simple nohlsearch package\n * matched text is highlighted case-sensitively\n * Matched text isn\u0027t highlighted in cmdline pum\n * Fix typos in several documents\n * clarify when text properties are cleared\n * improve the vim-shebang example\n * revert unintended formatting changes for termdebug\n * Add a config variable for commonly used compiler options\n * Wrong matched text highlighted in pum with \u0027rightleft\u0027\n * bump length of character references in syntax script\n * properly check mapping variables using null_dict\n * fix KdlIndent and kdlComment in indent script\n * Test for patch 9.1.0489 doesn\u0027t fail without the fix\n * Fold multi-line comments with the syntax kind of \u0026fdm\n * using wrong type for PlaceSign()\n * filetype: Vim-script files not detected by shebang line\n * revert unintended change to zip#Write()\n * add another tag for vim-shebang feature\n * Cmdline pum doesn\u0027t work properly with \u0027rightleft\u0027\n * minor style problems with patch 9.1.0487\n * default completion may break with fuzzy\n * Wrong padding for pum \"kind\" with \u0027rightleft\u0027\n * Update base-syntax, match shebang lines\n * MS-Windows: handle files with spaces properly\n * Restore HTML syntax file tests\n * completed item not update on fuzzy completion\n * filetype: Snakemake files are not recognized\n * make TermDebugSendCommand() a global function again\n * close all buffers in the same way\n * Matched text shouldn\u0027t be highlighted in \"kind\" and \"menu\"\n * fix wrong helptag for :defer\n * Update base-syntax, match :sleep arg\n * include Georgian keymap\n * Sorting of completeopt+=fuzzy is not stable\n * correctly test for windows in NetrwGlob()\n * glob() on windows fails with [] in directory name\n * rewrite mkdir() doc and simplify {flags} meaning\n * glob() not sufficiently tested\n * update return type for job_info()\n * termdebug plugin needs more love\n * correct return types for job_start() and job_status()\n * Update base-syntax, match :catch and :throw args\n * Include element values in non-marker annotations\n * Vim9: term_getjob() throws an exception on error\n * fuzzy string matching executed when not needed\n * fuzzy_match_str_with_pos() does unnecessary list operations\n * restore description of \"$\" in col() and virtcol()\n * deduplicate getpos(), line(), col(), virtcol()\n * Update g:vimsyn_comment_strings dump file tests\n * Use string interpolation instead of string concat\n * potential deref of NULL pointer in fuzzy_match_str_with_pos\n * block_editing errors out when using \u003center\u003e\n * Update base-syntax, configurable comment string highlighting\n * fix typos in syntax.txt\n * Cannot see matched text in popup menu\n * Update base-syntax, match multiline continued comments\n * clarify documentation for \"v\" position at line()\n * cmod_split modifier is always reset in term_start()\n * remove line-continuation characters\n * use shiftwidth() instead of \u0026tabstop in indent script\n * Remove orphaned screen dump files\n * include syntax, indent and ftplugin files\n * CI: Test_ColonEight() fails on github runners\n * add missing Enabled field in syntax script\n * basic svelte ftplugin file\n * term_start() does not clear vertical modifier\n * fix mousemodel restoration by comparing against null_string\n * Added definitions of Vim scripts and plugins\n * Exclude lambda expressions from _when_ _switch-case_ label clauses\n * Fix saved_mousemodel check\n * Inconsistencies between functions for option flags\n * Crash when using autocmd_get() after removing event inside autocmd\n * Fix small style issues\n * add return type info for Vim function descriptions\n * Update Italian Vim manpage\n * disable the q mapping\n * Change \u0027cms\u0027 for C++ to \u0027// %s\u0027\n * fix type mismatch error\n * Fix wrong email address\n * convert termdebug plugin to Vim9 script\n- Update to 9.1.0470:\n * tests Test_ColonEight_MultiByte() fails sporadically\n * Cannot have buffer-local value for \u0027completeopt\u0027\n * GvimExt does not consult HKEY_CURRENT_USER\n * typos in some comments\n * runtime(vim): Update base-syntax, allow whitespace before\n :substitute pattern\n * Missing comments for fuzzy completion\n * runtime(man): update Vim manpage\n * runtime(comment): clarify the usage of \u0027commentstring\u0027 option\n value\n * runtime(doc): clarify how fuzzy \u0027completeopt\u0027 should work\n * runtime(netrw): prevent accidental data loss\n * missing filecopy() function\n * no whitespace padding in commentstring option in ftplugins\n * no fuzzy-matching support for insert-completion\n * eval5() and eval7 are too complex\n * too many strlen() calls in drawline.c\n * filetype lintstagedrc files are not recognized\n * Vim9 import autoload does not work with symlink\n * Coverity complains about division by zero\n * tests test_gui fails on Wayland\n * Left shift is incorrect with vartabstop and shiftwidth=0\n * runtime(doc): clarify \u0027shortmess\u0027 flag \"S\"\n * MS-Windows compiler warning for size_t to int conversion\n * runtime(doc): include some vim9 script examples in the help\n * minor issues in test_filetype with rasi test\n * filetype rasi files are not recognized\n * runtime(java): Improve the matching of lambda expressions\n * Configure checks for libelf unnecessarily\n * No test for escaping \u0027\u003c\u0027 with shellescape()\n * check.vim complains about overlong comment lines\n * translation(it): Update Italian translation\n * evalc. code too complex\n * MS-Windows Compiler warnings \n- Update to 9.1.0448:\n * compiler warning in eval.c\n * remove remaining css code\n * Add ft_hare.txt to Reference Manual TOC\n * re-generate vim syntax from generator\n * fix syntax vim bug\n * completion may be wrong when deleting all chars\n * getregionpos() inconsistent for partly-selected multibyte char\n * fix highlighting nested and escaped quotes in string props\n * remove the indent plugin since it has too many issues\n * update Debian runtime files\n * Coverity warning after 9.1.0440\n * Not enough tests for getregion() with multibyte chars\n * Can\u0027t use blockwise selection with width for getregion()\n * update outdated syntax files\n * fix floating_modifier highlight\n * hare runtime files outdated\n * getregionpos() can\u0027t properly indicate positions beyond eol\n * function get_lval() is too long\n * Cannot filter the history\n * Wrong Ex command executed when :g uses \u0027?\u0027 as delimiter\n * support floating_modifier none; revert broken highlighting\n * Motif requires non-const char pointer for XPM data\n * Crash when using \u0027?\u0027 as separator for :s\n * filetype: cygport files are not recognized\n * make errors trying to access autoload/zig\n * Wrong yanking with exclusive selection and ve=all\n * add missing help tags file\n * Ancient XPM preprocessor hack may cause build errors\n * include basic rescript ftplugin file\n * eval.c is too long\n * getregionpos() doesn\u0027t handle one char selection\n * check for gdb file/dir before using as buffer name\n * refactor zig ftplugin, remove auto format\n * Coverity complains about eval.c refactor\n * Tag guessing leaves wrong search history with very short names\n * some issues with termdebug mapping test\n * update matchit plugin to v1.20\n * too many strlen() calls in search.c\n * set commentstring option\n * update vb indent plugin as vim9script\n * filetype: purescript files are not recognized\n * filetype: slint files are not recognized\n * basic nim ftplugin file for comments \n * Add Arduino ftplugin and indent files \n * include basic typst ftplugin file \n * include basic prisma ftplugin file \n * include basic v ftplugin for comment support \n * getregionpos() wrong with blockwise mode and multibyte\n * function echo_string_core() is too long\n * hyprlang files are not recognized\n * add basic dart ftplugin file\n * basic ftplugin file for graphql\n * mention comment plugin at :h \u0027commentstring\u0027\n * set commentstring for sql files in ftplugin\n * :browse oldfiles prompts even with single entry\n * eval.c not sufficiently tested\n * clarify why E195 is returned\n * clarify temporary file clean up\n * fix :NoMatchParen not working \n * Cannot move to previous/next rare word\n * add basic ftplugin file for sshdconfig \n * if_py: find_module has been removed in Python 3.12.0a7\n * some screen dump tests can be improved\n * Some functions are not tested\n * clarify instal instructions for comment package\n * Unable to leave long line with \u0027smoothscroll\u0027 and \u0027scrolloff\u0027\n * fix typo in vim9script help file \n * Remove trailing spaces \n * clarify {special} argument for shellescape()\n\nupdate to 9.1.0413:\n\n * smoothscroll may cause infinite loop\n * add missing entries for the keys CTRL-W g\u003cTab\u003e and \u003cC-Tab\u003e\n * update vi_diff.txt: add default value for \u0027flash\u0027\n * typo in regexp_bt.c in DEBUG code\n * allow indented commands \n * Fix wrong define regex in ftplugin \n * Filter out non-Latin-1 characters for syntax tests \n * prefer scp over pscp\n * fix typo in usr_52.txt\n * too long functions in eval.c\n * warning about uninitialized variable\n * too many strlen() calls in the regexp engine\n * E16 fix, async keyword support for define \n * Stuck with long line and half-page scrolling\n * Divide by zero with getmousepos() and \u0027smoothscroll\u0027\n * update and remove some invalid links\n * update translation of xxd manpage\n * Recursively delete directories by default with netrw delete command\n * Strive to remain compatible for at least Vim 7.0 \n * tests: xxd buffer overflow fails on 32-bit\n * Stop handpicking syntax groups for @javaTop \n * [security] xxd: buffer-overflow with specific flags\n * Vim9: not able to import file from start dir\n * filetype: mdd files detected as zsh filetype\n * filetype: zsh module files are not recognized\n * Remove hardcoded private.ppk logic from netrw\n * Vim9: confusing error message for unknown type\n * block_editing errors out when using del\n * add new items to scripts section in syntax plugin\n * Vim9: imported vars are not properly type checked\n * Wrong display with \u0027smoothscroll\u0027 when changing quickfix list\n * filetype: jj files are not recognized\n * getregionpos() may leak memory on error\n * The CODEOWNERS File is not useful\n * Remove and cleanup Win9x legacy from netrw\n * add MsgArea to \u0027highlight\u0027 option description\n * Cannot get a list of positions describing a region\n * Fix digit separator in syntax script for octals and floats\n * Update link to Wikipedia Vi page\n * clear $MANPAGER in ftplugin before shelling out\n * Fix typos in help documents\n * \u0027viewdir\u0027 not respecting $XDG_CONFIG_HOME\n * tests: Vim9 debug tests may be flaky\n * correct getscriptinfo() example \n * Vim9: could improve testing\n * test_sound fails on macos-12 \n * update Serbian menu\n * update Slovak menu\n * update Slovenian menu\n * update Portuguese menu\n * update Dutch menu\n * update Korean menu\n * update Icelandic menu\n * update Czech menu\n * update Afrikaans menu\n * update German menu\n * filetype: inko files are not recognized\n * filetype: templ files are not recognized\n * cursor() and getregion() don\u0027t handle v:maxcol well\n * Vim9: null value tests not sufficient\n * update Catalan menu\n * filetype: stylus files not recognized\n * update spanish menu localization\n * regenerate helptags \n * Vim9: crash with null_class and null_object\n * Add tags about lazyloading of menu \n * tests: vt420 terminfo entry may not be found\n * filetype: .out files recognized as tex files\n * filetype: Kbuild files are not recognized\n * cbuffer and similar commands don\u0027t accept a range\n * Improve the recognition of the \"indent\" method declarations \n * Fix a typo in usr_30.txt\n * remove undefined var s:save_cpoptions and add include setting\n * missing setlocal in indent plugin \n * Calculating line height for unnecessary amount of lines\n * improve syntax file performance \n * There are a few typos\n * Vim9: no comments allowed after class vars\n * CI: remove trailing white space in documentation\n * Formatting text wrong when \u0027breakindent\u0027 is set\n * Add oracular (24.10) as Ubuntu release name\n * Vim9: Trailing commands after class/enum keywords ignored\n * tests: 1-second delay after Test_BufEnter_botline()\n * update helptags for jq syntax \n * include syntax, ftplugin and compiler plugin\n * fix typo synconcealend -\u003e synconcealed \n * include a simple comment toggling plugin\n * wrong botline in BufEnter\n * clarify syntax vs matching mechanism\n * fix undefined variable in indent plugin\n * ops.c code uses too many strlen() calls\n * Calling CLEAR_FIELD() on the same struct twice\n * Vim9: compile_def_function() still too long\n * Update Serbian messages \n * clarify the effect of setting the shell to powershell\n * Improve the recognition of the \"style\" method declarations\n * Vim9: problem when importing autoloaded scripts\n * compile_def_function is too long\n * filetype: ondir files are not recognized\n * Crash when typing many keys with D- modifier\n * tests: test_vim9_builtin is a bit slow\n * update documentation\n * change the download URL of \"libsodium\" \n * tests: test_winfixbuf is a bit slow\n * Add filetype, syntax and indent plugin for Astro\n * expanding rc config files does not work well\n * Vim9: vim9type.c is too complicated\n * Vim9: does not handle autoloaded variables well\n * minor spell fix in starting.txt\n * wrong drawing in GUI with setcellwidth()\n * Add include and suffixesadd\n * Page scrolling should place cursor at window boundaries\n * align command line table\n * minor fixes to starting.txt\n * fix comment definition in filetype plugin \n * filetype: flake.lock files are not recognized\n * runtime(uci): No support for uci file types\n * Support \"g:ftplugin_java_source_path\" with archived files\n * tests: Test_autoload_import_relative_compiled fails on Windows\n * Finding cmd modifiers and cmdline-specials is inefficient\n * No test that completing a partial mapping clears \u0027showcmd\u0027\n * tests: test_vim9_dissamble may fail\n * Vim9: need static type for typealias\n * X11 does not ignore smooth scroll event\n * A few typos in test_xdg when testing gvimrc\n * Patch v9.1.0338 fixed sourcing a script with import\n * Problem: gvimrc not sourced from XDG_CONFIG_HOME\n * Cursor wrong after using setcellwidth() in terminal\n * \u0027showcmd\u0027 wrong for partial mapping with multibyte\n * tests: test_taglist fails when \u0027helplang\u0027 contains non-english\n * Problem: a few memory leaks are found\n * Problem: Error with matchaddpos() and empty list\n * tests: xdg test uses screen dumps\n * Vim9: import through symlinks not correctly handled\n * Missing entry for XDG vimrc file in :version\n * tests: typo in test_xdg\n * runtime(i3config/swayconfig): update syntax scripts\n * document pandoc compiler and enable configuring arguments\n * String interpolation fails for List type\n * No test for highlight behavior with \u0027ambiwidth\u0027\n * tests: test_xdg fails on the appimage repo\n * tests: some assert_equal() calls have wrong order of args\n * make install does not install all files\n * runtime(doc): fix typos in starting.txt\n- Updated to version 9.1 with patch level 0330, fixes the following problems\n * Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1\n\nFor the complete list of changes see https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-217",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20128-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20128-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520128-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20128-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021203.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220763",
"url": "https://bugzilla.suse.com/1220763"
},
{
"category": "self",
"summary": "SUSE Bug 1229238",
"url": "https://bugzilla.suse.com/1229238"
},
{
"category": "self",
"summary": "SUSE Bug 1229685",
"url": "https://bugzilla.suse.com/1229685"
},
{
"category": "self",
"summary": "SUSE Bug 1229822",
"url": "https://bugzilla.suse.com/1229822"
},
{
"category": "self",
"summary": "SUSE Bug 1230078",
"url": "https://bugzilla.suse.com/1230078"
},
{
"category": "self",
"summary": "SUSE Bug 1231373",
"url": "https://bugzilla.suse.com/1231373"
},
{
"category": "self",
"summary": "SUSE Bug 1235695",
"url": "https://bugzilla.suse.com/1235695"
},
{
"category": "self",
"summary": "SUSE Bug 1236151",
"url": "https://bugzilla.suse.com/1236151"
},
{
"category": "self",
"summary": "SUSE Bug 1237137",
"url": "https://bugzilla.suse.com/1237137"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43374 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45306 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45306/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1215 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22134 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-24014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-24014/"
}
],
"title": "Security update for vim",
"tracking": {
"current_release_date": "2025-02-25T13:12:31Z",
"generator": {
"date": "2025-02-25T13:12:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20128-1",
"initial_release_date": "2025-02-25T13:12:31Z",
"revision_history": [
{
"date": "2025-02-25T13:12:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vim-small-9.1.1101-1.1.aarch64",
"product": {
"name": "vim-small-9.1.1101-1.1.aarch64",
"product_id": "vim-small-9.1.1101-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-data-common-9.1.1101-1.1.noarch",
"product": {
"name": "vim-data-common-9.1.1101-1.1.noarch",
"product_id": "vim-data-common-9.1.1101-1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-small-9.1.1101-1.1.s390x",
"product": {
"name": "vim-small-9.1.1101-1.1.s390x",
"product_id": "vim-small-9.1.1101-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "vim-small-9.1.1101-1.1.x86_64",
"product": {
"name": "vim-small-9.1.1101-1.1.x86_64",
"product_id": "vim-small-9.1.1101-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-data-common-9.1.1101-1.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch"
},
"product_reference": "vim-data-common-9.1.1101-1.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64"
},
"product_reference": "vim-small-9.1.1101-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x"
},
"product_reference": "vim-small-9.1.1101-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vim-small-9.1.1101-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
},
"product_reference": "vim-small-9.1.1101-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43374"
}
],
"notes": [
{
"category": "general",
"text": "The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43374",
"url": "https://www.suse.com/security/cve/CVE-2024-43374"
},
{
"category": "external",
"summary": "SUSE Bug 1229238 for CVE-2024-43374",
"url": "https://bugzilla.suse.com/1229238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-43374"
},
{
"cve": "CVE-2024-43790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43790"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43790",
"url": "https://www.suse.com/security/cve/CVE-2024-43790"
},
{
"category": "external",
"summary": "SUSE Bug 1229685 for CVE-2024-43790",
"url": "https://bugzilla.suse.com/1229685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43802"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43802",
"url": "https://www.suse.com/security/cve/CVE-2024-43802"
},
{
"category": "external",
"summary": "SUSE Bug 1229822 for CVE-2024-43802",
"url": "https://bugzilla.suse.com/1229822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-45306",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45306"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It\u0027s not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That\u0027s why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45306",
"url": "https://www.suse.com/security/cve/CVE-2024-45306"
},
{
"category": "external",
"summary": "SUSE Bug 1230078 for CVE-2024-45306",
"url": "https://bugzilla.suse.com/1230078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2024-47814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47814"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. A use-after-free was found in Vim \u003c 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can cause an use-after-free if this auto command happens to re-open the same buffer in a new split window. Impact is low since the user must have intentionally set up such a strange auto command and run some buffer unload commands. However this may lead to a crash. This issue has been addressed in version 9.1.0764 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47814",
"url": "https://www.suse.com/security/cve/CVE-2024-47814"
},
{
"category": "external",
"summary": "SUSE Bug 1231373 for CVE-2024-47814",
"url": "https://bugzilla.suse.com/1231373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "low"
}
],
"title": "CVE-2024-47814"
},
{
"cve": "CVE-2025-1215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1215"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1215",
"url": "https://www.suse.com/security/cve/CVE-2025-1215"
},
{
"category": "external",
"summary": "SUSE Bug 1237137 for CVE-2025-1215",
"url": "https://bugzilla.suse.com/1237137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "low"
}
],
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-22134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22134"
}
],
"notes": [
{
"category": "general",
"text": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won\u0027t try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22134",
"url": "https://www.suse.com/security/cve/CVE-2025-22134"
},
{
"category": "external",
"summary": "SUSE Bug 1235695 for CVE-2025-22134",
"url": "https://bugzilla.suse.com/1235695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-24014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-24014"
}
],
"notes": [
{
"category": "general",
"text": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn\u0027t show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn\u0027t been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-24014",
"url": "https://www.suse.com/security/cve/CVE-2025-24014"
},
{
"category": "external",
"summary": "SUSE Bug 1236151 for CVE-2025-24014",
"url": "https://bugzilla.suse.com/1236151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:vim-data-common-9.1.1101-1.1.noarch",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.aarch64",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.s390x",
"SUSE Linux Micro 6.0:vim-small-9.1.1101-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-25T13:12:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-24014"
}
]
}
fkie_cve-2024-43802
Vulnerability from fkie_nvd
Published
2024-08-26 19:15
Modified
2024-11-21 09:35
Severity ?
Summary
Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It's not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the typebuf variable to point outside of the valid buffer size, which can then later lead to a heap-buffer overflow in e.g. ins_typebuf(). Therefore, when flushing the typeahead buffer, check if there is enough space left before advancing the off position. If not, fall back to flush current typebuf contents. It\u0027s not quite clear yet, what can lead to this situation. It seems to happen when error messages occur (which will cause Vim to flush the typeahead buffer) in comnination with several long mappgins and so it may eventually move the off position out of a valid buffer size. Impact is low since it is not easily reproducible and requires to have several mappings active and run into some error condition. But when this happens, this will cause a crash. The issue has been fixed as of Vim patch v9.1.0697. Users are advised to upgrade. There are no known workarounds for this issue."
},
{
"lang": "es",
"value": "Vim es una versi\u00f3n mejorada del editor de texto Unix VI. Al vaciar el b\u00fafer de escritura anticipada, Vim mueve la posici\u00f3n actual en el b\u00fafer de escritura anticipada pero no verifica si queda suficiente espacio en el b\u00fafer para manejar los siguientes caracteres. Por lo tanto, esto puede llevar a que la posici\u00f3n tb_off dentro de la variable typebuf apunte fuera del tama\u00f1o de b\u00fafer v\u00e1lido, lo que luego puede provocar un desbordamiento del b\u00fafer de mont\u00f3n, por ejemplo, en ins_typebuf(). Por lo tanto, al vaciar el b\u00fafer de escritura anticipada, verifique si queda suficiente espacio antes de avanzar a la posici\u00f3n de apagado. De lo contrario, recurra para vaciar el contenido actual de Typebuf. A\u00fan no est\u00e1 del todo claro qu\u00e9 puede conducir a esta situaci\u00f3n. Parece suceder cuando aparecen mensajes de error (lo que har\u00e1 que Vim vac\u00ede el b\u00fafer de escritura anticipada) en combinaci\u00f3n con varios mappgins largos y, por lo tanto, eventualmente puede mover la posici\u00f3n de apagado fuera de un tama\u00f1o de b\u00fafer v\u00e1lido. El impacto es bajo ya que no es f\u00e1cilmente reproducible y requiere tener varias asignaciones activas y ejecutar alguna condici\u00f3n de error. Pero cuando esto sucede, provocar\u00e1 un bloqueo. El problema se solucion\u00f3 a partir del parche Vim v9.1.0697. Se recomienda a los usuarios que actualicen. No se conocen workarounds para este problema."
}
],
"id": "CVE-2024-43802",
"lastModified": "2024-11-21T09:35:53.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-08-26T19:15:07.943",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/vim/vim/commit/322ba9108612bead5eb"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20241004-0008/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…