Cloud Vulnerability DB
A community-led vulnerabilities database
Introducing Wiz for Exposure Management: Unify, prioritize, and remediate exposures everywhere.
Vulnerability DatabaseCVE-2021-4187
CVE-2021-4187:
NixOS vulnerability analysis and mitigation
Overview
CVE-2021-4187 is a Use After Free vulnerability affecting the Vim text editor. The vulnerability was discovered and disclosed in December 2021, affecting Vim versions prior to 8.2.3923. The issue was fixed in Vim patch 8.2.3923 through improved memory handling (VIM Commit).
Technical details
The vulnerability is a Use After Free issue that occurs when a nested function has a line break in the argument list. The problem was addressed by setting cmdlinep when freeing the previous line (VIM Commit).
Impact
If exploited, this vulnerability could lead to unexpected application termination or potential arbitrary code execution in the context of the Vim application (Apple Security).
Mitigation and workarounds
The vulnerability was patched in Vim version 8.2.3923. Users are advised to upgrade to this version or later. Multiple operating system vendors have released security updates including Apple in macOS updates, Fedora in package vim-8.2.4006-1, and Debian in version 2:9.0.1378-2 (Debian Tracker, Fedora Update).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management