MiracleLinux 9 : xterm-366-12.el9_6 (AXSA:2025-10760:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10760:02 advisory. xterm: Buffer overflow in setsixel in graphicssixel.c CVE-2022-24130 Tenable has extracted the preceding description block directly from the MiracleLinux...

RLSA-2025:14075 Moderate: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: Buffer overflow in setsixel in graphicssixel.c CVE-2022-24130 For more details about the...

xterm security update

An update is available for xterm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The xterm program is a terminal emulator for the X Window System. It provides D...

xterm: Buffer overflow in set_sixel in graphics_sixel.c

A buffer-overflow vulnerability was found in xterm's setsixel function in the 'graphicssixel.c' file. This flaw allows an attacker to trigger a buffer overflow via crafted text when the sixel-graphics functionality is enabled. This issue causes xterm to crash, affecting the availability of an...

The vulnerability of the set_sixel function in the graphics_sixel.c component of the XTerm terminal emulator allows a hacker to cause a system failure.

The vulnerability of the setsixel function in the graphicssixel.c component of the XTerm terminal emulator involves copying buffers without checking the input data. Exploiting this vulnerability allows a remote attacker to cause a service failure...

Denial Of Service (DoS)

xterm is vulnerable to denial of service. The vulnerability exists due to a buffer overflow in setsixel in graphicssixel.c via crafted text...

CVE-2022-24130

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text...

AZL-8456 CVE-2022-24130 affecting package xterm for versions less than 372-1

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text...

CVE-2022-24130

The CVE-2022-24130 issue affects xterm with Sixel support enabled, where a crafted text input can trigger a buffer overflow in graphics_sixel.c:set_sixel. The vulnerability is active in xterm builds up to patches around 370, and multiple downstream advisories (e.g., CBL-Mariner stating affected v...