CVE-2022-47583

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-47583

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-47583.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-47583

Published

2023-10-19T16:15:08.833Z

Modified

2026-03-14T11:55:56.196603Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal.

References

Affected packages

Git / github.com/mintty/mintty

Affected ranges

Type

GIT

Repo

https://github.com/mintty/mintty

Events

Introduced

Fixed

da98ffc6b0bb68e090f314ffe0207243dbf50355

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.6.3"
        }
    ]
}

Affected versions

2.*

2.0.1

2.0.2

2.0.3

2.1.1

2.1.3

2.1.4

2.1.5

2.2.1

2.2.2

2.2.3

2.2.4

2.3.1

2.3.2

2.3.3

2.3.4

2.3.5

2.3.6

2.3.7release

2.4.0

2.4.1

2.4.2

2.4.3

2.5.0

2.5.1

2.6.0

2.6.1

2.6.2

2.7.0

2.7.1

2.7.2

2.7.3

2.7.4

2.7.5

2.7.6

2.7.7

2.7.8

2.7.9

2.8.0

2.8.1

2.8.2

2.8.3

2.8.4

2.8.5

2.9.0

2.9.1

2.9.2

2.9.3

2.9.4

2.9.5

2.9.6

2.9.7

2.9.8

2.9.9

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.1.0

3.1.4

3.1.5

3.1.6

3.1.7

3.1.8

3.2.0

3.3.0

3.4.0

3.4.1

3.4.2

3.4.3

3.4.4

3.4.5

3.4.6

3.4.7

3.5.0

3.5.1

3.5.2

3.5.3

3.6.0

3.6.1

3.6.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-47583.json"