{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-45063", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-03T14:01:31.513Z", "dateReserved": "2022-11-09T00:00:00", "datePublished": "2022-11-10T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-17T15:05:58.315934"}, "descriptions": [{"lang": "en", "value": "xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://invisible-island.net/xterm/xterm.log.html"}, {"url": "https://www.openwall.com/lists/oss-security/2022/11/10/1"}, {"url": "https://news.ycombinator.com/item?id=33546415"}, {"name": "[oss-security] 20221110 CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/1"}, {"name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/5"}, {"name": "FEDORA-2022-681bbe67b6", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/"}, {"name": "GLSA-202211-09", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202211-09"}, {"name": "FEDORA-2022-8cf76a9ceb", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/"}, {"name": "FEDORA-2022-af5f1eee2c", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/"}, {"name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2024/06/15/1"}, {"name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T14:34:56.736041Z", "id": "CVE-2022-45063", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T14:35:05.675Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:01:31.513Z"}, "title": "CVE Program Container", "references": [{"url": "https://invisible-island.net/xterm/xterm.log.html", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2022/11/10/1", "tags": ["x_transferred"]}, {"url": "https://news.ycombinator.com/item?id=33546415", "tags": ["x_transferred"]}, {"name": "[oss-security] 20221110 CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/1"}, {"name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/5"}, {"name": "FEDORA-2022-681bbe67b6", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/"}, {"name": "GLSA-202211-09", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202211-09"}, {"name": "FEDORA-2022-8cf76a9ceb", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/"}, {"name": "FEDORA-2022-af5f1eee2c", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/"}, {"name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2024/06/15/1"}, {"name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1"}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://invisible-island.net/xterm/xterm.log.html", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2022/11/10/1", "tags": ["x_transferred"]}, {"url": "https://news.ycombinator.com/item?id=33546415", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/11/10/1", "name": "[oss-security] 20221110 CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/11/10/5", "name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/", "name": "FEDORA-2022-681bbe67b6", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202211-09", "name": "GLSA-202211-09", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/", "name": "FEDORA-2022-8cf76a9ceb", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/", "name": "FEDORA-2022-af5f1eee2c", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/06/15/1", "name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/06/17/1", "name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:01:31.513Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-45063", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-17T14:34:56.736041Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T14:35:00.595Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://invisible-island.net/xterm/xterm.log.html"}, {"url": "https://www.openwall.com/lists/oss-security/2022/11/10/1"}, {"url": "https://news.ycombinator.com/item?id=33546415"}, {"url": "http://www.openwall.com/lists/oss-security/2022/11/10/1", "name": "[oss-security] 20221110 CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/11/10/5", "name": "[oss-security] 20221110 Re: CVE-2022-45063: xterm <375 code execution via font ops", "tags": ["mailing-list"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/", "name": "FEDORA-2022-681bbe67b6", "tags": ["vendor-advisory"]}, {"url": "https://security.gentoo.org/glsa/202211-09", "name": "GLSA-202211-09", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/", "name": "FEDORA-2022-8cf76a9ceb", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/", "name": "FEDORA-2022-af5f1eee2c", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/06/15/1", "name": "[oss-security] 20240615 iTerm2 3.5.x title reporting bug", "tags": ["mailing-list"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/06/17/1", "name": "[oss-security] 20240617 Re: iTerm2 3.5.x title reporting bug", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-17T15:05:58.315934"}}}, "cveMetadata": {"cveId": "CVE-2022-45063", "state": "PUBLISHED", "dateUpdated": "2024-08-03T14:01:31.513Z", "dateReserved": "2022-11-09T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2022-11-10T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:invisible-island:xterm:*:*:*:*:*:*:*:*", "matchCriteriaId": "52D6B701-A4C7-4148-804D-88E8666AA4D6", "versionEndExcluding": "375", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions."}, {"lang": "es", "value": "xterm anterior a 375 permite la ejecuci\u00f3n de c\u00f3digo mediante operaciones de fuentes, por ejemplo, porque una respuesta OSC 50 puede tener Ctrl-g y, por lo tanto, conducir a la ejecuci\u00f3n de comandos dentro del modo de edici\u00f3n de l\u00ednea vi de Zsh. NOTA: las operaciones de fuentes no est\u00e1n permitidas en las configuraciones predeterminadas de xterm de algunas distribuciones de Linux."}], "id": "CVE-2022-45063", "lastModified": "2024-06-17T15:15:50.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-10T16:15:12.307", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/10/5"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2024/06/15/1"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2024/06/17/1"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://invisible-island.net/xterm/xterm.log.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://news.ycombinator.com/item?id=33546415"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202211-09"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2022/11/10/1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "xterm: code execution via OSC 50 input sequences", "id": "2142474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142474"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-94", "details": ["xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.", "A flaw was found in xterm. This issue may allow code execution via font ops."], "name": "CVE-2022-45063", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "impact": "moderate", "package_name": "xterm", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "impact": "moderate", "package_name": "xterm", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cockpit-appstream", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cockpit-session-recording", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:3.0/cockpit-podman", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:4.0/cockpit-podman", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:rhel8/cockpit-podman", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "impact": "moderate", "package_name": "xterm", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "cockpit-machines", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "cockpit-podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "cockpit-session-recording", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "impact": "moderate", "package_name": "xterm", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift3/ose-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Affected", "package_name": "container-native-virtualization/kubevirt-console-plugin", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "ovirt-web-ui", "product_name": "Red Hat Virtualization 4"}], "public_date": "2022-11-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-45063\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45063"], "statement": "This issue is marked as moderate because the Red Hat Enterprise Linux 6, 7, 8, and 9, as the xterm package is currently provided with allowWindowOps and allowFontOps resources to false by default that can protect from remote code execution and downgrade the attack surface.", "threat_severity": "Moderate"}