Vulnerability CVE-2023-46321


Published: 2023-10-23

Description:
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line.

 References:
https://iterm2.com/downloads.html
https://gitlab.com/gnachman/iterm2/-/commit/de3d351e1bd3bc1c1a4f85fe976c592e497dd071

Copyright 2026, cxsecurity.com

 

Back to Top