4 matches found
CVE-2022-41138
In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution...
GLSA-202209-25 : Zutty: Arbitrary Code Execution
The remote host is affected by the vulnerability described in GLSA-202209-25 Zutty: Arbitrary Code Execution - In Zutty before 0.13, DECRQSS in text written to the terminal can achieve arbitrary code execution. CVE-2022-41138 Note that Nessus has not tested for this issue but has instead relied...
CVE-2022-41138
creationtimestamp| type| source ---|---|--- 2022-09-20 22:39:45+00:00| seen| https://t.me/cibsecurity/50163...
CVE-2022-41138
CVE-2022-41138 (Zutty) affects Zutty prior to 0.13, where DECRQSS sequences written to the terminal can lead to arbitrary code execution. The CVE entry notes a CRITICAL base score (9.8) with network-based, no-auth, no-user-interaction exploitation and high impact across confidentiality, integrity...