CVE-2022-32168
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-32168
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-32168.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-32168
- Published
- 2022-09-28T09:15:09.520Z
- Modified
- 2025-11-14T13:20:05.042256Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.
- References
Affected packages
Git / github.com/notepad-plus-plus/notepad-plus-plus
Affected ranges
- Type
- GIT
- Repo
- https://github.com/notepad-plus-plus/notepad-plus-plus
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
7.*
7.2.2
7.3.1
Other
patch-1_#167
patch-2_#268
patch-3_#283
v6
v7
v8
v5.*
v5.4.2
v5.4.3
v5.4.4
v5.4.5
v5.5
v5.5.1
v5.6
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.7
v5.8
v5.8.1
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.9
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.6.1
v5.9.6.2
v5.9.7
v5.9.8
v6.*
v6.1
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.2
v6.2.1
v6.2.2
v6.2.3_-_End_of_World_Edition
v6.3
v6.3.1
v6.3.2
v6.3.3
v6.4
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.5
v6.5.1
v6.5.2
v6.5.3
v6.5.4
v6.5.5
v6.6
v6.6.1
v6.6.2
v6.6.3
v6.6.4
v6.6.6_-_Friday_the_13th_edition
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7.1
v6.7.2
v6.7.3
v6.7.4_-_Je_suis_Charlie_edition
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.8.1
v6.7.8.2
v6.7.9
v6.7.9.1
v6.7.9.2
v6.8
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9.1
v6.9.2
v7.*
v7.1
v7.2
v7.2.1
v7.2.2
v7.3
v7.3.1
v7.3.2
v7.3.3
v7.4
v7.4.1
v7.4.2
v7.5
v7.5.1
v7.5.2
v7.5.3
v7.5.4
v7.5.5
v7.5.6
v7.5.7
v7.5.8
v7.5.9
v7.6
v7.6.1
v7.6.2
v7.6.3
v7.6.4
v7.6.5
v7.6.6
v7.7
v7.7.1
v7.8
v7.8.1
v7.8.2
v7.8.3
v7.8.4
v7.8.5
v7.8.6
v7.8.7
v7.8.8
v7.8.9
v7.9
v7.9.1
v7.9.2
v7.9.3
v7.9.4
v7.9.5
v8.*
v8.1
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.1.5
v8.1.6
v8.1.7
v8.1.8
v8.1.9
v8.1.9.1
v8.1.9.2
v8.1.9.3
v8.2
v8.2.1
v8.3
v8.3.1
v8.3.2
v8.3.3
v8.4
v8.4.1
v8.4.2
v8.4.3
v8.4.4
v8.4.5
Database specific
vanir_signatures
[
{
"digest": {
"length": 9882.0,
"function_hash": "56126566255679402210989258455246417856"
},
"target": {
"file": "PowerEditor/src/Parameters.cpp",
"function": "NppParameters::load"
},
"deprecated": false,
"id": "CVE-2022-32168-18f1e3b6",
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051e",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"156828762122024156172431670660865497337",
"289976768516006381916454693285740277141",
"315489414279550385234886527173753352515",
"330040123989432357509843978171413098250"
],
"threshold": 0.9
},
"target": {
"file": "PowerEditor/src/MISC/Exception/MiniDumper.cpp"
},
"deprecated": false,
"id": "CVE-2022-32168-31dcddf2",
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051e",
"signature_type": "Line"
},
{
"digest": {
"length": 1707.0,
"function_hash": "152159363464505116515835069211305167594"
},
"target": {
"file": "PowerEditor/src/MISC/Exception/MiniDumper.cpp",
"function": "MiniDumper::writeDump"
},
"deprecated": false,
"id": "CVE-2022-32168-bb116b01",
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051e",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"248477528690320277183539524766857091859",
"16117762653192841860348303873268124393",
"82498138416130312033565184262729199023",
"215444973407686749867596856775498582603"
],
"threshold": 0.9
},
"target": {
"file": "PowerEditor/src/Parameters.cpp"
},
"deprecated": false,
"id": "CVE-2022-32168-d0fa637b",
"signature_version": "v1",
"source": "https://github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051e",
"signature_type": "Line"
}
]