Vulnerabilities

CVE-2022-24130

by Fred · 31/01/2022

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.

Date published : 2022-01-31

https://invisible-island.net/xterm/xterm.log.html

100% reproducible XTerm crash whoops! pic.twitter.com/YPT8GQkyiU

— nick black 🇼🇸 (@nickblack) January 30, 2022

Related

Tags: Cybersecurity Alert