CVE-2024-43790 heap-buffer-overflow in do_search() in Vim < 9.1.0689

🗓️ 22 Aug 2024 21:23:07Reported by GoogleType

osv🔗 osv.dev👁 37 Views

Vim buffer overflow vulnerability when searching and displaying the search pattern, fixed in patch v9.1.068

Reporter	Title	Published	Views	Family All 51
AlpineLinux	CVE-2024-43790	22 Aug 202421:23	–	alpinelinux
Tenable Nessus	Azure Linux 3.0 Security Update: vim (CVE-2024-43790)	10 Feb 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: vim (CVE-2024-43790)	13 Dec 202400:00	–	nessus
Tenable Nessus	Photon OS 4.0: Vim PHSA-2024-4.0-0689	11 Sep 202400:00	–	nessus
Tenable Nessus	Photon OS 5.0: Vim PHSA-2024-5.0-0371	11 Sep 202400:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : vim (SUSE-SU-2025:0722-1)	27 Feb 202500:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2025:0723-1)	27 Feb 202500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-43790	5 Mar 202500:00	–	nessus
Tenable Nessus	Vim < 9.1.0689 Heap Buffer Overflow	30 Aug 202400:00	–	nessus
BDU FSTEC	The vulnerability of the do_search() function in the Vim text editor allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.	17 Sep 202400:00	–	bdu_fstec

Source	Link
github	www.github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43790.json
github	www.github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-43790
security	www.security.netapp.com/advisory/ntap-20240920-0005/
github	www.github.com/vim/vim/commit/cacb6693c10bb19f28a50eca47bc

12 Apr 2026 09:00Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.14.5

EPSS0.00083