← volver
CVE-2024-38395

CVE-2024-38395

CVSS 9.8 CRITICALEPSS 1.5%CWE-94
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially exploitable."
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gitlab.com/gnachman/iterm2/-/commit/f1e89f78dd72dcac3ba66d3d6f93db3f7f649219https://gitlab.com/gnachman/iterm2/-/tags/v3.5.2https://iterm2.com/downloads.htmlhttps://www.openwall.com/lists/oss-security/2024/06/15/1http://www.openwall.com/lists/oss-security/2024/06/17/1