exploitDog

CVE-2015-7056

Опубликовано: 11 дек. 2015

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

Ссылки

http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html
Vendor Advisory
http://www.securitytracker.com/id/1034340
https://support.apple.com/HT205642
Vendor Advisory
http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html
Vendor Advisory
http://www.securitytracker.com/id/1034340
https://support.apple.com/HT205642
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*

Версия до 7.1.1 (включая)

EPSS

Процентиль: 53%

0.00307

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2qqq-394q-qgqc

github

больше 3 лет назад

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

EPSS

Процентиль: 53%

0.00307

Низкий

5 Medium

CVSS2

Дефекты

CWE-200