rpm package
suse/xterm&distro=SUSE Manager Server 4.2
pkg:rpm/suse/xterm&distro=SUSE%20Manager%20Server%204.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-40359 | — | < 330-150200.11.12.1 | 330-150200.11.12.1 | Aug 14, 2023 | xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain ex | ||
| CVE-2022-45063 | Cri | 9.8 | < 330-150200.11.9.1 | 330-150200.11.9.1 | Nov 10, 2022 | xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions. |
- CVE-2023-40359Aug 14, 2023affected < 330-150200.11.12.1fixed 330-150200.11.12.1
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain ex
- affected < 330-150200.11.9.1fixed 330-150200.11.9.1
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.