We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.
Reserved 2025-01-03 | Published 2025-01-03 | Updated 2025-01-03 | Assigner mitreCWE-532 Insertion of Sensitive Information into Log File
iterm2.com/downloads/stable/iTerm2-3_5_11.changelog
news.ycombinator.com/item?id=42579472
gitlab.com/...term2/-/wikis/SSH-Integration-Information-Leak
Support options