VYPR

rpm package

opensuse/rxvt-unicode&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/rxvt-unicode&distro=openSUSE%20Leap%2015.4

Vulnerabilities (3)

  • CVE-2022-4170Dec 9, 2022
    affected < 9.31-bp155.3.3.1fixed 9.31-bp155.3.3.1

    The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

  • CVE-2021-33477May 20, 2021
    affected < 9.26-bp154.2.3.1fixed 9.26-bp154.2.3.1

    rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

  • CVE-2008-1142Apr 7, 2008
    affected < 9.26-bp154.2.3.1fixed 9.26-bp154.2.3.1

    rxvt 2.6.4 opens a terminal window on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: it was later reported that rxvt-unicode, mrxvt, aterm, multi-aterm, and wterm are also affected. NOTE: realistic attack scenar