VDB

GCVE-110-NCSC-2024-381

GCVE-110-NCSC-2024-381
Advisory PublishedCVSS 5.5/10
Vulnetix · Advisory published September 26, 2024
Apple heeft kwetsbaarheden verholpen in MacOS

Weaknesses (CWE)

CWE-122Heap-based Buffer OverflowCWE-377Insecure Temporary FileCWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-404Improper Resource Shutdown or ReleaseCWE-275-CWE-284Improper Access ControlCWE-942Permissive Cross-domain Policy with Untrusted DomainsCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-285Improper AuthorizationCWE-190Integer Overflow or WraparoundCWE-208Observable Timing DiscrepancyCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-415Double FreeCWE-61UNIX Symbolic Link (Symlink) FollowingCWE-265-

Risk Scores

CVSS 3.1
5.5/10
Medium · CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersionsPlatforms
applemacos_sonoma__14.7
applemacos_sequoia__15
applemacos_ventura__13.7

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›