PT-2019-15763 · Google Code · Iterm2
Published
2019-11-17
·
Updated
2019-11-19
·
CVE-2019-19022
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iTerm2 versions prior to 3.3.7
Description
The issue is related to potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist. This might allow remote attackers to obtain sensitive information by searching for specific strings in .plist files within public Git repositories.
Recommendations
For versions prior to 3.3.7, update to version 3.3.7 or later to ensure proper documentation and handling of search history in com.googlecode.iterm2.plist.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Iterm2