First published: Thu Nov 16 2023(Updated: )
Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability.
|Affected Software||Affected Version||How to fix|
CVE-2023-48234 is a vulnerability in Vim, an open source command line text editor, that allows for an overflow in nv_z_get_count, potentially causing a crash in certain situations.
The severity of CVE-2023-48234 is medium with a severity value of 4.3.
CVE-2023-48234 has a low impact and requires user interaction, with a potential crash in some cases.
Vim versions up to exclusive 9.0.2109 and Fedora 39 are affected by CVE-2023-48234.
The issue has been addressed in commit 58f9befca1 of Vim.