exploitDog

GHSA-5fx2-6ffx-qmvv

Опубликовано: 28 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.

Ссылки

EPSS

Процентиль: 9%

0.00033

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-44255

CVSS3: 7.8

nvd

больше 1 года назад

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able to run arbitrary shortcuts without user consent.

EPSS

Процентиль: 9%

0.00033

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-22