Headline
CVE-2021-33477
rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.
Related news
CVE-2023-39726: "[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs
An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.
CVE-2022-47583: "[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal.