Msrc Cbl2 Xterm 380-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2023-40359 [CRITICAL] xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e. neither alphanumeric nor underscore) aka a pointer/overflow issue. This can only occur f xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e. neither alphanumeric nor underscore) aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certa

CVE-2022-45063 [CRITICAL] CWE-77 xterm before 375 allows code execution via font ops e.g. because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are n xterm before 375 allows code execution via font ops e.g. because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distr