High severity8.8NVD Advisory· Published Nov 6, 2020· Updated Jun 17, 2026
CVE-2020-27347
CVE-2020-27347
Description
In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords6 versionspkg:rpm/opensuse/tmux&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/tmux&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/tmux&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tmux&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/tmux&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/tmux&distro=SUSE%20Package%20Hub%2015%20SP2
< 3.1c-bp152.2.3.1+ 5 more
- (no CPE)range: < 3.1c-bp152.2.3.1
- (no CPE)range: < 3.1c-bp152.2.3.1
- (no CPE)range: < 3.2a-1.2
- (no CPE)range: < 3.1c-bp152.2.3.1
- (no CPE)range: < 3.1c-bp152.2.3.1
- (no CPE)range: < 3.1c-bp152.2.3.1
- tmux/tmuxv5Range: unspecified
- Ubuntu/tmuxv5Range: 3.1b
Patches
Vulnerability mechanics
References
4- github.com/tmux/tmux/commit/a868bacb46e3c900530bed47a1c6f85b0fbe701cnvdPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2020/11/05/3nvdExploitMailing ListThird Party Advisory
- raw.githubusercontent.com/tmux/tmux/3.1c/CHANGESnvdRelease NotesThird Party Advisory
- security.gentoo.org/glsa/202011-10nvdThird Party Advisory
News mentions
0No linked articles in our index yet.