{"id":"MGASA-2022-0464","summary":"Updated vim packages fix security vulnerability","details":"Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an\nattacker to CTRL-W gf in the expression used in the RHS of the substitute\ncommand. (CVE-2022-4141)\n","modified":"2026-04-16T00:11:51.828268471Z","published":"2022-12-13T22:09:19Z","upstream":["CVE-2022-4141"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0464.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31239"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G/"}],"affected":[{"package":{"name":"vim","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/vim?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.0.963-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0464.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}