alpine · CVE-2022-4170

Quick triage

Priority: not assigned Published: Updated:

View at Official alpine advisory, NVD, CVE.org · CVE detail

Freshness: no update timestamp found; verify against the upstream OS advisory manually.

Tracker summary

CVE-2022-4170: 1 source package rows (rxvt-unicode); 8 state rows across 6 repos (3.18-community, 3.19-community, 3.20-community, 3.21-community, 3.22-community, edge-community); fixed 6, open 2.

Description:

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

cvelogic Threat Intelligence