This is patched in iTerm version 3.3.6. if you are on our Managed Service platform datajar.mobi, this update has been tested and released to all customers with immediate effect, leveraging our Auto-Update framework. In order to expedite the rollout of this patch, we have reset the usual weekly patch cycle and all macOS devices that are powered on with an active network connection should receive this patch within the next one to two hours. If you have iTerm2 open whilst the patch is downloaded, you’ll be prompted to log out to install this as normal.
If you have any problems, concerns or questions, please let us know.
More information on the vulnerability can be found here: