Invisible-Island XTERM 280

CPE Details

Invisible-Island XTERM 280
invisible-island
xterm
280
2021-02-11
15h52 +00:00
2021-02-11
15h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:invisible-island:xterm:280:*:*:*:*:*:*:*

Informations

Vendor

invisible-island

Product

xterm

Version

280

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-40359 2023-08-13 22h00 +00:00 xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature.
9.8
Critical
CVE-2022-45063 2022-11-09 23h00 +00:00 xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
9.8
Critical
CVE-2022-24130 2022-01-31 04h01 +00:00 xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.
5.5
Medium
CVE-2021-27135 2021-02-10 14h51 +00:00 xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence.
9.8
Critical