CVE-2024-44175

Опубликовано: 28 окт. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 7.5

EPSS Низкий

Описание

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.

Ссылки

https://support.apple.com/en-us/121238
Release Notes
Vendor Advisory
https://support.apple.com/en-us/121570
Release Notes
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Oct/12

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия до 14.7.1 (исключая)

EPSS

Процентиль: 36%

0.00153

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-59

CWE-922

Связанные уязвимости

GHSA-p7rr-c68v-256j

CVSS3: 5.5

github

больше 1 года назад

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.

EPSS

Процентиль: 36%

0.00153

Низкий

5.5 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-59

CWE-922