CVE-2025-22275

CRITICAL Year: 2025
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-532
View all →

Vulnerability Description

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.

Related Vulnerabilities

CVE-2024-48852

MEDIUM
CVSS:9.4(Critical)

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through <= 9.3.4.

CWE-5322024

CVE-2021-22533

CRITICAL
CVSS:9.1(Critical)

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenTextâ„¢ eDirectory 9.2.4.0000.

CWE-5322021

CVE-2023-36649

CRITICAL
CVSS:9.1(Critical)

Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by ...

CWE-5322023

CVE-2023-46668

CRITICAL
CVSS:9.1(Critical)

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect a...

CWE-5322023

CVE-2019-4008

CRITICAL
CVSS:9.0(Critical)

API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626.

CWE-5322019

CVE-2020-5389

CRITICAL
CVSS:9.0(Critical)

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an information disclosure vulnerability. Authenticated low privileged OMIMSCC u...

CWE-5322020