CVE-2024-45301 ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability

Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...