CVE-2020-27347

Опубликовано: 30 окт. 2020

Источник: redhat

CVSS3: 8.5

EPSS Низкий

Описание

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Отчет

tmux as shipped with Red Hat Enterprise Linux of any version is not affected because the vulnerable code exists in newer versions of tmux than those shipped.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 7	tmux	Not affected
Red Hat Enterprise Linux 8	tmux	Not affected
Red Hat Enterprise Linux 9	tmux	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=1893339tmux: stack buffer overflow in input_csi_dispatch_sgr_colon

EPSS

Процентиль: 49%

0.00262

Низкий

8.5 High

CVSS3

Связанные уязвимости

CVE-2020-27347

CVSS3: 8.8

ubuntu

больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

CVE-2020-27347

CVSS3: 8.8

nvd

больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

CVE-2020-27347

CVSS3: 8.8

debian

больше 5 лет назад

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon( ...

GHSA-xp5q-c655-9565

CVSS3: 7.8

github

почти 4 года назад

The function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

openSUSE-SU-2020:1834-1

suse-cvrf

больше 5 лет назад

Security update for tmux

EPSS

Процентиль: 49%

0.00262

Низкий

8.5 High

CVSS3