Vulnerability CVE-2023-0049: Information

Description

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-0049

Published: Jan. 4, 2023

Modified: Nov. 7, 2023

Error type identifier: CWE-125

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
vim	sisyphus	9.0.1174-alt1	9.1.0050-alt4	ALT-PU-2023-1031-1	313181	Fixed
vim	sisyphus_e2k	9.0.1174-alt1	9.1.0050-alt3	ALT-PU-2023-2168-1	-	Fixed
vim	sisyphus_riscv64	9.0.1174-alt1	9.1.0050-alt4	ALT-PU-2023-2224-1	-	Fixed
vim	p10	9.0.1174-alt1	9.1.0050-alt3	ALT-PU-2023-1098-1	313277	Fixed
vim	p10_e2k	9.0.1174-alt1	9.1.0050-alt3	ALT-PU-2023-2279-1	-	Fixed
vim	c10f1	9.0.1174-alt1	9.1.0050-alt2	ALT-PU-2023-1098-1	313277	Fixed
vim	c9f2	9.0.1174-alt1	9.1.0050-alt2	ALT-PU-2023-1092-1	313276	Fixed
vim	p11	9.0.1174-alt1	9.1.0050-alt3	ALT-PU-2023-1031-1	313181	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c	Patch Third Party Advisory
https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9	Exploit Third Party Advisory
https://support.apple.com/kb/HT213670
20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3
GLSA-202305-16
FEDORA-2023-0f6a9433cf
FEDORA-2023-208f2107d5

Affected configurations:
1. Configuration 1
  cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
  End excliding
  9.0.1143
  
  Configuration 2
  cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla

Version: v24.5.3