GCVE - cpe:2.3:a:gnome:gnome-terminal:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gnome:gnome-terminal:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Gnome (`0ee6d85f-ce9a-5064-936c-231d12a60ad5`)
Product	Gnome Terminal (`c8b00793-b6de-572f-ab72-4fce3bc87360`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952901
`pkg:deb/ubuntu/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952905
`pkg:github/gnome/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952908
`pkg:gitlab/kalilinux/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952912
`pkg:rpm/centos/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952915
`pkg:rpm/fedora/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952919
`pkg:rpm/opensuse/gnome-terminal`	purl2cpe	2026-06-01 10:17:21.952923

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-2198`	vulnerable	2026-06-03 14:31:06.232689	Details available The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@". Published: 2014-05-21T14:00:00.000Z Updated: 2024-08-06T22:53:17.190Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2011/06/09/3 https://bugzilla.redhat.com/show_bug.cgi?id=712148 https://bugzilla.gnome.org/show_bug.cgi?id=652124 https://git.gnome.org/browse/vte/commit/?h=vte-0-28&id=ac71d26f067be3a21bff315c3cabf24c94360dd6 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629688	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2713`	not_vulnerable	2026-06-03 14:30:26.913030	Details available The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression. Published: 2010-08-05T18:00:00.000Z Updated: 2024-08-07T02:39:38.067Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/usn-962-1 http://www.vupen.com/english/advisories/2010/1839 http://www.securityfocus.com/bid/41716 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.