rpm package
opensuse/kitty&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/kitty&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-54057 | Hig | 7.8 | < 0.47.3-1.1 | 0.47.3-1.1 | Jun 12, 2026 | Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes the issue. | |
| CVE-2020-35605 | — | < 0.21.2-1.2 | 0.21.2-1.2 | Dec 21, 2020 | The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message. |
- affected < 0.47.3-1.1fixed 0.47.3-1.1
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes the issue.
- CVE-2020-35605Dec 21, 2020affected < 0.21.2-1.2fixed 0.21.2-1.2
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message.