MGASA-2022-0364

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0364.html

Import Source

https://advisories.mageia.org/MGASA-2022-0364.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0364

Related

CVE-2022-41322

Published

2022-10-08T20:22:22Z

Modified

2022-10-08T19:29:45Z

Summary

Updated kitty packages fix security vulnerability

Details

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. (CVE-2022-41322)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / kitty

Package

Name: kitty
Purl: pkg:rpm/mageia/kitty?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.26.3-1.mga8

Ecosystem specific

{
    "section": "core"
}