CVE-2024-25004

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-25004
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-25004.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-25004
Published
2024-02-09T07:16:00Z
Modified
2025-01-08T09:48:14.774321Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

KiTTY versions 0.76.1.13 and earlier are vulnerable to a stack-based buffer overflow via the username, which occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.

References

Affected packages

Git / github.com/cyd01/kitty

Affected ranges

Type
GIT
Repo
https://github.com/cyd01/kitty
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

0.*

0.70.0.9
0.71.0.1
0.71.0.2
0.71.0.3
0.71.0.4
0.71.0.5
0.71.0.6
0.71.0.7
0.72.0.1
0.72.0.2
0.72.0.3
0.72.0.4
0.72.0.5
0.72.0.6
0.73.0.1
0.73.0.2
0.73.1.1
0.73.1.2
0.73.1.3
0.73.1.4
0.73.1.5
0.73.2.1
0.73.2.10
0.73.2.11
0.73.2.12
0.73.2.13
0.73.2.14
0.73.2.15
0.73.2.16
0.73.2.17
0.73.2.18
0.73.2.2
0.73.2.3
0.73.2.4
0.73.2.5
0.73.2.6
0.73.2.7
0.73.2.8
0.73.2.9
0.74.0.1
0.74.0.2
0.74.0.3
0.74.0.4
0.74.0.5
0.74.0.6
0.74.0.7
0.74.1.1
0.74.2.1
0.74.2.2
0.74.2.3
0.74.2.4
0.74.2.5
0.74.2.6
0.74.2.7
0.74.2.8
0.74.3.1
0.74.3.2
0.74.3.3
0.74.3.4
0.74.3.5
0.74.4.1
0.74.4.10
0.74.4.11
0.74.4.12
0.74.4.13
0.74.4.2
0.74.4.3
0.74.4.4
0.74.4.5
0.74.4.6
0.74.4.7
0.74.4.8
0.74.4.9
0.76.0.1
0.76.0.10
0.76.0.11
0.76.0.12
0.76.0.13
0.76.0.14
0.76.0.2
0.76.0.3
0.76.0.4
0.76.0.5
0.76.0.6
0.76.0.7
0.76.0.8
0.76.0.9
0.76.1.10
0.76.1.13
0.76.1.2
0.76.1.3
0.76.1.4
0.76.1.5
0.76.1.6
0.76.1.7
0.76.1.8
0.76.1.9

v0.*

v0.74.0.7
v0.74.2.8
v0.74.3.1
v0.74.3.2
v0.74.3.3
v0.74.3.4
v0.74.3.5
v0.74.4.1
v0.74.4.10
v0.74.4.11
v0.74.4.12
v0.74.4.13
v0.74.4.2
v0.74.4.3
v0.74.4.4
v0.74.4.5
v0.74.4.6
v0.74.4.7
v0.74.4.8
v0.74.4.9
v0.76.0.1
v0.76.0.10
v0.76.0.11
v0.76.0.12
v0.76.0.13
v0.76.0.14
v0.76.0.2
v0.76.0.3
v0.76.0.5
v0.76.0.6
v0.76.0.7
v0.76.0.8
v0.76.0.9
v0.76.1.10
v0.76.1.13
v0.76.1.2
v0.76.1.3
v0.76.1.4
v0.76.1.5
v0.76.1.6
v0.76.1.7
v0.76.1.8
v0.76.1.9