Lucene search

PRIOn knowledge basePRION:CVE-2023-46301

HistoryOct 22, 2023 - 4:15 a.m.

Design/Logic Flaw

2023-10-2204:15:00

PRIOn knowledge base

www.prio-n.com

iterm2

logic flaw

code execution

upload sequences

9.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.0%

iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to upload.

CPENameOperatorVersion
iterm2lt3.4.20

CPE	Name	Operator	Version
	iterm2	lt	3.4.20

References

blog.solidsnail.com/posts/2023-08-28-iterm2-rce

github.com/gnachman/iTerm2/commit/85cbf5ebda472c9ec295887e99c2b6f1b5867f1b

github.com/gnachman/iTerm2/commit/b2268b03b5f3d4cd8ca275eaef5d16d0fac20009

iterm2.com/news.html