Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iterm2
(Iterm2)| Repositories | https://github.com/gnachman/iTerm2 |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-20 | CVE-2015-9231 | iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A new (default) feature was added to iTerm2 version 3.0.0 (and unreleased 2.9.x versions such as 2.9.20150717) that resulted in a potential information disclosure. In an attempt to see whether the text under the cursor (or selected text) was a URL, the text would be sent as an unencrypted DNS query. This has the potential to result in passwords and other sensitive information being sent in cleartext... | Iterm2 | 7.5 |