Vulnerabilities > Invisible Island > Xterm > 369
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-40359 | Unspecified vulnerability in Invisible-Island Xterm xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. | 9.8 |
| 2022-11-10 | CVE-2022-45063 | Command Injection vulnerability in multiple products xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. | 9.8 |
| 2022-01-31 | CVE-2022-24130 | Classic Buffer Overflow vulnerability in multiple products xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | 5.5 |