CVE-2022-41138

Description

In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution.

Related CPE's

a zutty_project zutty ********

References

https://bugs.gentoo.org/868495

ExploitIssue TrackingPatchThird Party Advisory

https://github.com/tomszilagyi/zutty/commit/bde7458c60a7bafe08bbeaafbf861eb865edfa38

PatchThird Party Advisory

https://github.com/tomszilagyi/zutty/compare/0.12...0.13

PatchRelease NotesThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io