xterm: Multiple Vulnerabilities Regarding to Version 375 #4307
Labels
security
Topic/issue involves a security issue/fixed
Comments
CamberLoid
added a commit
that referenced
this issue
Nov 23, 2022
* Fixed CVE-2021-27135 and CVE-2022-24130 * Increase output verbosity of beyond file Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid
added a commit
that referenced
this issue
Nov 27, 2022
* Fixed CVE-2021-27135 and CVE-2022-24130 * Increase output verbosity of beyond file Signed-off-by: Camber Huang <camber@poi.science>
CamberLoid
added a commit
that referenced
this issue
Nov 27, 2022
* Fixed CVE-2021-27135 and CVE-2022-24130 * Increase output verbosity of beyond file Signed-off-by: Camber Huang <camber@poi.science>
|
Fixed via #4290 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE IDs
CVE-2021-27135, CVE-2022-24130
Other security advisory IDs
Description
CVE-2021-27135: A crafted UTF-8 combining character sequence may allow remote attackers to execute arbitrary code or cause a denial of service.
CVE-2022-24130: Sixel support may allow attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
Patches
In general, an upgrade to version 375 or after will fix the problem.
PoC(s)
N/A
The text was updated successfully, but these errors were encountered: