CVE-2022-4141

Name

CVE-2022-4141

Description

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
CONFIRM	https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f
MISC	https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5
vendor-advisory	https://security.gentoo.org/glsa/202305-16
mailing-list	https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html
vendor-advisory	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G/
vendor-advisory	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6ZNKVN4GICORTVFKVCM4MSOXCYWNHUC/
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/03/msg00023.html

Match rules

CPE URI	Source package	Min version	Max version
	vim/vim	>= unspecified	< 9.0.0947

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
vim	edge-main	9.0.0999-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
vim	3.22-main	9.0.0999-r0	None	fixed
vim	3.21-main	9.0.0999-r0	None	fixed
vim	3.20-main	9.0.0999-r0	None	fixed
vim	3.19-main	9.0.0999-r0	None	fixed
vim	3.18-main	9.0.0999-r0	None	fixed
vim	3.17-main	9.0.0999-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed