iTerm2 < 3.4.20 RCE (macOS)

The version of iTerm2 installed on the remote host is prior to 3.4.20. It is, therefore, is affected by multiple vulnerabilities: - iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration. CVE-2023-46300 - iTerm2...

EUVD-2023-50523

Malicious code in bioql PyPI...

CVE-2024-38396

An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature enabled by default, allows an attacker to inject arbitrary code into the terminal, a different vulnerability than...

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

CVE-2024-38396

An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature enabled by default, allows an attacker to inject arbitrary code into the terminal, a different vulnerability than...

PT-2024-27980 · Iterm2 · Iterm2

Name of the Vulnerable Software and Affected Versions: iTerm2 versions 3.5.x through 3.5.1 Description: An issue was discovered in iTerm2 that allows an attacker to inject arbitrary code into the terminal by abusing title reporting and tmux integration. This is possible due to the unfiltered use ...

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

Design/Logic Flaw

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

CVE-2023-46300

iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to tmux integration...

CVE-2019-9535

A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execut...

CVE-2019-9535 iTerm2, up to and including version 3.3.5, with tmux integration is vulnerable to remote command execution

A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execut...

iTerm2 with tmux integration is vulnerable to remote command execution

A vulnerability exists in the way that iTerm2 integrates with tmux’s control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execut...