CVE-2022-4141
Summary
| CVE | CVE-2022-4141 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-11-25 14:15:00 UTC |
|---|
| Updated | 2023-11-07 03:57:00 UTC |
|---|
| Description | Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Vim, gVim: Multiple Vulnerabilities (GLSA 202305-16) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| huntr – Security Bounties for any GitHub repository |
CONFIRM |
huntr.dev |
|
| [SECURITY] Fedora 36 Update: vim-9.0.1006-1.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 37 Update: vim-9.0.1006-1.fc37 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| [SECURITY] Fedora 37 Update: vim-9.0.1006-1.fc37 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| patch 9.0.0947: invalid memory access in substitute with function · vim/vim@cc762a4 · GitHub |
MISC |
github.com |
|
| [SECURITY] [DLA 3453-1] vim security update |
MLIST |
lists.debian.org |
|
| [SECURITY] Fedora 36 Update: vim-9.0.1006-1.fc36 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181841 Debian Security Update for vim (DLA 3453-1)
- 183551 Debian Security Update for vim (CVE-2022-4141)
- 283388 Fedora Security Update for vim (FEDORA-2022-fc4c513d06)
- 283389 Fedora Security Update for vim (FEDORA-2022-1e14f3ae45)
- 354650 Amazon Linux Security Advisory for vim : ALAS2-2023-1912
- 354686 Amazon Linux Security Advisory for vim : ALAS-2023-1664
- 354693 Amazon Linux Security Advisory for vim : ALAS2022-2023-269
- 355135 Amazon Linux Security Advisory for vim : ALAS2023-2023-098
- 502811 Alpine Linux Security Update for vim
- 503137 Alpine Linux Security Update for vim
- 505952 Alpine Linux Security Update for vim
- 672583 EulerOS Security Update for vim (EulerOS-SA-2023-1342)
- 672642 EulerOS Security Update for vim (EulerOS-SA-2023-1403)
- 672655 EulerOS Security Update for vim (EulerOS-SA-2023-1375)
- 672740 EulerOS Security Update for vim (EulerOS-SA-2023-1460)
- 672753 EulerOS Security Update for vim (EulerOS-SA-2023-1485)
- 672788 EulerOS Security Update for vim (EulerOS-SA-2023-1543)
- 672823 EulerOS Security Update for vim (EulerOS-SA-2023-1568)
- 672837 EulerOS Security Update for vim (EulerOS-SA-2023-1579)
- 672847 EulerOS Security Update for vim (EulerOS-SA-2023-1589)
- 673090 EulerOS Security Update for vim (EulerOS-SA-2023-2179)
- 710718 Gentoo Linux Vim, gVim Multiple Vulnerabilities (GLSA 202305-16)
- 753073 SUSE Enterprise Linux Security Update for vim (SUSE-SU-2022:4631-1)
- 753603 SUSE Enterprise Linux Security Update for vim (SUSE-SU-2023:0209-1)
- 904573 Common Base Linux Mariner (CBL-Mariner) Security Update for vim (11510)
- 904581 Common Base Linux Mariner (CBL-Mariner) Security Update for vim (11504)
- 904625 Common Base Linux Mariner (CBL-Mariner) Security Update for vim (11510-1)
- 904648 Common Base Linux Mariner (CBL-Mariner) Security Update for vim (11504-1)
