CVE-2025-22275 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.tx…
Critical CVSS: 9.3

CVE-2025-22275

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.
Vendor
Iterm2
Product
Iterm2
CWE
CWE-532
Yayın Tarihi
2025-01-03 05:15:08
Güncelleme
2025-06-20 18:10:51
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-532 Iterm2 CRITICAL Iterm2 2025

Referanslar

https://gitlab.com/gnachman/iterm2/-/wikis/SSH-Integration-Information-Leak https://iterm2.com/downloads/stable/iTerm2-3_5_11.changelog https://news.ycombinator.com/item?id=42579472