exploitDog

CVE-2024-44159

Опубликовано: 28 окт. 2024

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.

Ссылки

https://support.apple.com/en-us/121568
Release Notes
Vendor Advisory
https://support.apple.com/en-us/121570
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Oct/11
http://seclists.org/fulldisclosure/2024/Oct/12
http://seclists.org/fulldisclosure/2024/Oct/13

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 13.7.1 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.7.1 (исключая)

EPSS

Процентиль: 3%

0.00016

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-c83g-cgfm-hc33

CVSS3: 7.1

github

больше 1 года назад

A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to bypass Privacy preferences.

EPSS

Процентиль: 3%

0.00016

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-noinfo