CyberRota
← Ana sayfaya dön

CVE-2026-49147

HIGH · CVSS 7.5

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-08T15:16:27.787 · Çekilme zamanı: 2026-07-08T18:32:24.449697+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-49147
Severity
HIGH
CVSS
7.5
EPSS
Yok

Orijinal NVD Açıklaması

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a _safe_filename helper that sanitises the filenames printed by -f, -g, the colored match heading, and per-match lines, but the --show-types, -l/-L, and -c paths still emit the raw filename. A file whose name embeds cursor-movement or color escapes can overwrite or recolor earlier terminal output, or be passed unchanged to a downstream consumer.