Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2022-4170

Опубликовано: 09 дек. 2022
Источник: debian
EPSS Низкий

Описание

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
rxvt-unicodefixed9.31-1package
rxvt-unicodeignoredbookwormpackage
rxvt-unicodenot-affectedbullseyepackage
rxvt-unicodenot-affectedbusterpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2022/12/05/1

  • http://cvs.schmorp.de/rxvt-unicode/src/perl/background?r1=1.105&r2=1.109

  • Not exploitable due to a bug since 9.30 upstream

EPSS

Процентиль: 86%
0.02979
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2022-4170

CVSS3: 9.8
ubuntu
около 3 лет назад

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

nvd логотип

CVE-2022-4170

CVSS3: 9.8
nvd
около 3 лет назад

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

suse-cvrf логотип

openSUSE-SU-2023:0306-1

suse-cvrf
больше 2 лет назад

Security update for rxvt-unicode

github логотип

GHSA-v3h7-vj8g-6x3r

CVSS3: 9.8
github
около 3 лет назад

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

EPSS

Процентиль: 86%
0.02979
Низкий