exploitDog

CVE-2024-44132

Опубликовано: 17 сент. 2024

Источник: nvd

CVSS3: 8.8

CVSS3: 8.4

EPSS Низкий

Описание

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

Ссылки

https://support.apple.com/en-us/121238
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Sep/33

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 15.0 (исключая)

EPSS

Процентиль: 34%

0.00137

Низкий

8.8 High

CVSS3

8.4 High

CVSS3

Дефекты

CWE-59

CWE-61

Связанные уязвимости

GHSA-56gf-j26c-43xh

CVSS3: 8.4

github

больше 1 года назад

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

EPSS

Процентиль: 34%

0.00137

Низкий

8.8 High

CVSS3

8.4 High

CVSS3

Дефекты

CWE-59

CWE-61