Описание
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 379-1ubuntu1 |
| esm-apps/bionic | ignored | code-not-compiled |
| esm-apps/focal | ignored | code-not-compiled |
| esm-apps/jammy | ignored | code-not-compiled |
| esm-infra/xenial | ignored | code-not-compiled |
| focal | ignored | end of standard support, was ignored [code-not-compiled] |
| jammy | ignored | code-not-compiled |
| kinetic | ignored | end of life, was ignored [code-not-compiled] |
| lunar | not-affected | 379-1ubuntu1 |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
xterm before 375 allows code execution via font ops, e.g., because an ...
EPSS
9.8 Critical
CVSS3