CVE-2022-4141

Description

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.

Related CPE's

a vim vim ********

o fedoraproject fedora 36 *******

o fedoraproject fedora 37 *******

References

https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f

ExploitIssue TrackingPatchThird Party Advisory

https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5

PatchThird Party Advisory

FEDORA-2022-1e14f3ae45

Mailing ListThird Party Advisory

FEDORA-2022-fc4c513d06

Mailing ListThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io