Описание
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-27821
- https://support.apple.com/en-us/HT214101
- https://support.apple.com/en-us/HT214104
- https://support.apple.com/en-us/HT214106
- https://support.apple.com/kb/HT214101
- https://support.apple.com/kb/HT214104
- https://support.apple.com/kb/HT214106
- http://seclists.org/fulldisclosure/2024/May/10
- http://seclists.org/fulldisclosure/2024/May/12
- http://seclists.org/fulldisclosure/2024/May/16
Связанные уязвимости
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.
Уязвимость компонента Shortcuts операционных систем iOS, iPadOS, watchOS, macOS, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным