CVE-2023-40394

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

CVE-2024-27805

An issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data...

CVE-2025-24191

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system...

CVE-2025-24191

CVE-2025-24191 affects macOS Sequoia prior to 15.4. Root cause: improved validation of environment variables; an app could modify protected parts of the file system. Remediation: upgrade to macOS Sequoia 15.4 (addresses the issue). Public exploitation status is not detailed in the provided docume...

PT-2025-13884 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4 Description: The issue allows an app to potentially modify protected parts of the file system due to insufficient validation of environment variables. Recommendations: For versions prior to 15.4, update to macOS...

CVE-2024-54536

The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables...

CVE-2024-54536

The CVE-2024-54536 issue affects macOS Sequoia (15.2). It arises from insufficient validation of environment variables, allowing an app to edit NVRAM variables. Apple fixed this by improving environment variable validation in Sequoia 15.2. The available public descriptions confirm the vulnerabili...

CVE-2024-40842

An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data...

CVE-2024-40842

An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data...

PT-2024-22046 · Apple · Macos Monterey +7

Name of the Vulnerable Software and Affected Versions: macOS Ventura versions prior to 13.6.7 macOS Monterey versions prior to 12.7.5 iOS versions prior to 16.7.8 iPadOS versions prior to 16.7.8 tvOS versions prior to 17.5 iOS versions prior to 17.5 iPadOS versions prior to 17.5 watchOS versions...

Code injection

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

CVE-2022-32786

An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system...

Design/Logic Flaw

An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system...

DSA-3355-1 libvdpau - security update

Bulletin has no description...