What the vulnerability does

01Description

The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set.

Key dates

02Disclosure timeline

December 9, 2022 CVE published
April 14, 2025 Record updated