Описание
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 0.26.5-3ubuntu2 |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | released | 0.21.2-1ubuntu0.22.04.1 |
| focal | not-affected | code not present |
| jammy | released | 0.21.2-1ubuntu0.22.04.1 |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
| mantic | not-affected | 0.26.5-3ubuntu2 |
| trusty | DNE |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.
In Kitty before 0.26.2, insufficient validation in the desktop notific ...
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.
EPSS
7.8 High
CVSS3