Описание
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable."
Ссылки
- Mailing ListThird Party Advisory
- Patch
- Release Notes
- Product
- Mailing List
- Mailing ListThird Party Advisory
- Patch
- Release Notes
- Product
- Mailing List
Уязвимые конфигурации
Конфигурация 1Версия от 3.5.0 (включая) до 3.5.2 (исключая)
cpe:2.3:a:iterm2:iterm2:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09237
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable."
EPSS
Процентиль: 93%
0.09237
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94