{"url":"http://public2.vulnerablecode.io/api/packages/49642?format=json","purl":"pkg:deb/debian/kitty@0.19.3-1%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"kitty","version":"0.19.3-1+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0","latest_non_vulnerable_version":"0.47.0-3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/172316?format=json","vulnerability_id":"VCID-cvwx-ftsr-hqe6","summary":"In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41322"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020582","reference_id":"1020582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020582"},{"reference_url":"https://security.gentoo.org/glsa/202209-22","reference_id":"202209-22","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://security.gentoo.org/glsa/202209-22"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/47RK7MBSVY5BWDUTYMJUFPBAYFSWMTOI/","reference_id":"47RK7MBSVY5BWDUTYMJUFPBAYFSWMTOI","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/47RK7MBSVY5BWDUTYMJUFPBAYFSWMTOI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RRNAPU33PHEH64P77YL3AJO6CTZGHTX/","reference_id":"6RRNAPU33PHEH64P77YL3AJO6CTZGHTX","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RRNAPU33PHEH64P77YL3AJO6CTZGHTX/"},{"reference_url":"https://bugs.gentoo.org/868543","reference_id":"868543","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://bugs.gentoo.org/868543"},{"reference_url":"https://sw.kovidgoyal.net/kitty/changelog/#detailed-list-of-changes","reference_id":"#detailed-list-of-changes","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://sw.kovidgoyal.net/kitty/changelog/#detailed-list-of-changes"},{"reference_url":"https://github.com/kovidgoyal/kitty/commit/f05783e64d5fa62e1aed603e8d69aced5e49824f","reference_id":"f05783e64d5fa62e1aed603e8d69aced5e49824f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://github.com/kovidgoyal/kitty/commit/f05783e64d5fa62e1aed603e8d69aced5e49824f"},{"reference_url":"https://github.com/kovidgoyal/kitty/compare/v0.26.1...v0.26.2","reference_id":"v0.26.1...v0.26.2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-27T14:49:24Z/"}],"url":"https://github.com/kovidgoyal/kitty/compare/v0.26.1...v0.26.2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/49638?format=json","purl":"pkg:deb/debian/kitty@0.19.3-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pfp-8v6r-jfb5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.19.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49642?format=json","purl":"pkg:deb/debian/kitty@0.19.3-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.19.3-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49641?format=json","purl":"pkg:deb/debian/kitty@0.21.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.21.2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49637?format=json","purl":"pkg:deb/debian/kitty@0.26.5-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2um2-tmff-8bgs"},{"vulnerability":"VCID-4pfp-8v6r-jfb5"},{"vulnerability":"VCID-hppq-jruz-a3a5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.26.5-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49640?format=json","purl":"pkg:deb/debian/kitty@0.41.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.41.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/49639?format=json","purl":"pkg:deb/debian/kitty@0.47.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.47.0-3%3Fdistro=trixie"}],"aliases":["CVE-2022-41322"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvwx-ftsr-hqe6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/kitty@0.19.3-1%252Bdeb11u1%3Fdistro=trixie"}