Ghostty · Ghostty · CVE-2024-56803
Name of the Vulnerable Software and Affected Versions:
Ghostty version 1.0.0
Description:
Ghostty is a cross-platform terminal emulator. Version 1.0.0 allows an attacker to modify the window title via a certain character escape sequence and then have that title inserted back onto the command line in the user's terminal. This could allow the attacker to execute arbitrary commands when the user views a file containing the malicious sequence and physically presses the "enter" key.
Recommendations:
For Ghostty version 1.0.0, update to Ghostty v1.0.1 to resolve the issue. As a temporary workaround, consider avoiding the use of files that may contain malicious escape sequences until the update is applied. Restrict user interaction with potentially malicious input to minimize the risk of exploitation.
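One way to apply the temporary workaround, shown as an added example that is not part of the original advisory or of Ghostty's code: screen an untrusted file for terminal control sequences and print only an inert rendering of it. The advisory does not name the specific sequence, so this sketch flags every OSC and CSI sequence. The function names and the sample bytes are constructed for illustration.

```python
import re

# OSC: ESC ] (or C1 0x9d) ... terminated by BEL, ESC \ or C1 ST.
OSC_RE = re.compile(r"(?:\x1b\]|\x9d)[^\x07\x1b\x9c]*(?:\x07|\x1b\\|\x9c)?")
# CSI: ESC [ (or C1 0x9b), parameter bytes, intermediate bytes, final byte.
CSI_RE = re.compile(r"(?:\x1b\[|\x9b)[0-?]*[ -/]*[@-~]")
# Every C0/C1 control character except TAB and LF.
CONTROL_RE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f-\x9f]")

# Constructed sample: a "log file" carrying one OSC and two SGR (CSI) sequences.
SAMPLE = b"build ok\n\x1b]2;demo title\x07\x1b[1mdone\x1b[0m\n"


def scan(text: str) -> list[tuple[int, str]]:
    """Return (offset, kind) for every OSC or CSI sequence, in file order."""
    found = [(m.start(), "OSC") for m in OSC_RE.finditer(text)]
    found += [(m.start(), "CSI") for m in CSI_RE.finditer(text)]
    return sorted(found)


def neutralize(text: str) -> str:
    """Spell control characters out as \\xNN so the terminal never interprets them."""
    return CONTROL_RE.sub(lambda m: f"\\x{ord(m.group()):02x}", text)


def safe_view(data: bytes) -> tuple[list[tuple[int, str]], str]:
    """Decode file bytes, then return the findings and a printable, inert rendering."""
    text = data.decode("utf-8", errors="replace")
    return scan(text), neutralize(text)


if __name__ == "__main__":
    findings, rendering = safe_view(SAMPLE)
    for offset, kind in findings:
        print(f"offset {offset}: {kind} sequence")
    print(rendering, end="")
```

Printing the rendering instead of the raw file means a file with findings can still be inspected without the terminal acting on any sequence in it.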