An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Mar/21 | Mailing List |
http://seclists.org/fulldisclosure/2024/Mar/22 | Mailing List |
http://seclists.org/fulldisclosure/2024/Mar/23 | Mailing List |
https://support.apple.com/en-us/HT214083 | Vendor Advisory |
https://support.apple.com/en-us/HT214084 | Vendor Advisory |
https://support.apple.com/en-us/HT214085 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Aug 2024, 13:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-75 |
14 Mar 2024, 19:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-74 | |
References | () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List | |
References | () http://seclists.org/fulldisclosure/2024/Mar/22 - Mailing List | |
References | () http://seclists.org/fulldisclosure/2024/Mar/23 - Mailing List | |
References | () https://support.apple.com/en-us/HT214083 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214084 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214085 - Vendor Advisory | |
CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
First Time |
Apple macos
Apple |
13 Mar 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Mar 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Mar 2024, 14:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Mar 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-08 02:15
Updated : 2024-08-01 13:47
NVD link : CVE-2024-23274
Mitre link : CVE-2024-23274
CVE.ORG link : CVE-2024-23274
JSON object : View
Products Affected
apple
- macos