CVE-2023-46301
- Source
- https://cve.org/CVERecord?id=CVE-2023-46301
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46301.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-46301
- Published
- 2023-10-22T00:00:00Z
- Modified
- 2026-05-10T04:25:17.569231Z
- Summary
- [none]
- Details
-
iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to upload.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/46xxx/CVE-2023-46301.json", "cna_assigner": "mitre" }- References
-
- https://iterm2.com/news.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/46xxx/CVE-2023-46301.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-46301
- https://github.com/gnachman/iTerm2/commit/85cbf5ebda472c9ec295887e99c2b6f1b5867f1b
- https://github.com/gnachman/iTerm2/commit/b2268b03b5f3d4cd8ca275eaef5d16d0fac20009
- https://blog.solidsnail.com/posts/2023-08-28-iterm2-rce