CVE-2021-4187

🗓️ 29 Dec 2021 17:10:09Reported by @huntrdevType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 166 Views

vim vulnerable to Use After Free CVE-2021-418

Reporter	Title	Published	Views	Family All 79
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Vim-minimal Package Issues	8 Aug 202417:27	–	ibm
Huntr	None in vim/vim	27 Dec 202115:57	–	huntr
Tenable Nessus	Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2022-014)	11 Dec 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2022-155)	20 Oct 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : vim, --advisory ALAS2-2022-1743 (ALAS-2022-1743)	14 Feb 202200:00	–	nessus
Tenable Nessus	Amazon Linux AMI : vim (ALAS-2022-1557)	20 Jan 202200:00	–	nessus
Tenable Nessus	Debian dla-4097 : vim - security update	30 Mar 202500:00	–	nessus
Tenable Nessus	GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities	21 Aug 202200:00	–	nessus
Tenable Nessus	macOS 12.x < 12.3 (HT213183)	21 Mar 202200:00	–	nessus

NVD

Node

vim vimRange≤8.2.3912

Node

fedoraproject fedoraMatch34

fedoraproject fedoraMatch35

Node

apple mac_os_xMatch10.15.7

apple mac_os_xMatch10.15.7security_update_2020-001

apple mac_os_xMatch10.15.7security_update_2021-001

apple mac_os_xMatch10.15.7security_update_2021-002

apple mac_os_xMatch10.15.7security_update_2021-003

apple mac_os_xMatch10.15.7security_update_2021-004

apple mac_os_xMatch10.15.7security_update_2021-005

apple mac_os_xMatch10.15.7security_update_2021-006

apple mac_os_xMatch10.15.7security_update_2021-007

apple mac_os_xMatch10.15.7security_update_2021-008

apple mac_os_xMatch10.15.7security_update_2022-001

apple mac_os_xMatch10.15.7security_update_2022-002

apple mac_os_xMatch10.15.7security_update_2022-003

apple macosRange<12.3

apple macosRange11.0–11.6.6

apple macosMatch10.15.7security_update_2022-004

[
  {
    "product": "vim/vim",
    "vendor": "vim",
    "versions": [
      {
        "lessThan": "8.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
security	www.security.gentoo.org/glsa/202208-32
support	www.support.apple.com/kb/HT213183
support	www.support.apple.com/kb/HT213256
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/
github	www.github.com/vim/vim/commit/4bf1006cae7e87259ccd5219128c3dba75774441
huntr	www.huntr.dev/bounties/a8bee03a-6e2e-43bf-bee3-4968c5386a2e
seclists	www.seclists.org/fulldisclosure/2022/Jul/14
openwall	www.openwall.com/lists/oss-security/2022/01/15/1
seclists	www.seclists.org/fulldisclosure/2022/May/35
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/

03 Nov 2025 21:15Current

7.9High risk

Vulners AI Score7.9

CVSS 26.8

CVSS 3.17.8

CVSS 36.8

EPSS0.0029

CWE-416