Описание
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 18.1 (исключая)Версия до 18.1 (исключая)Версия до 2.1 (исключая)Версия до 11.1 (исключая)
Одно из
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00302
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 4.3
github
около 1 года назад
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.
EPSS
Процентиль: 53%
0.00302
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS3
Дефекты
CWE-22
CWE-22