xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. CREATE(Triage):(User=admin) CVE-2022-24130 (https://nvd.nist.gov/vuln/detail/CVE-2022-24130)