CVE-2025-43370

CVE-2025-43370 affects Apple Xcode 26, where a path handling issue can crash a process when processing an oversized path. The root cause is improved validation of path input in Xcode 26 development tooling, with confirmed fix in the Xcode 26 release. Public sources across Red Hat, CNVD, NVD, and ...

CVE-2025-43370

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process...

Apple Xcode 安全漏洞

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from a denial of service vulnerability that originates from a process crash when handling too large a path value. An attacker can...

Apple Xcode 安全漏洞

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from an insufficient sandbox checking vulnerability that can be exploited by an attacker to read and write files outside the sandb...

PT-2025-37794

Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 26 Description: An application may be able to read and write files outside of its designated sandbox. This is due to insufficient checks. Recommendations: Update to Xcode version 26...

Apple Xcode 安全漏洞

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from an Improper Access Control vulnerability that stems from insufficient sandbox checking, which can be exploited by an attacker...

Apple Xcode 安全漏洞

Apple Xcode is an integrated development tool that runs on the operating system Mac OS X. It is used for the development of the Mac OS X software. Apple Xcode suffers from a path mishandling vulnerability that can be exploited by an attacker to cause a process crash...

About the security content of Xcode 26

About the security content of Xcode 26 This document describes the security content of Xcode 26. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recen...

PT-2025-37856

Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 26 Description: A path handling issue was addressed with improved validation. Processing an overly large path value may crash a process. Recommendations: Update to Xcode version 26...

PT-2025-37857

Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 26 Description: An application may be able to break out of its sandbox due to insufficient security checks. Recommendations: Update to Xcode version 26...

PT-2025-37859

Name of the Vulnerable Software and Affected Versions: Xcode version 26 Description: Processing an overly large path value may crash a process. This issue is fixed with improved checks. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

Linux Distros Unpatched Vulnerability : CVE-2015-3027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Clang in LLVM, as used in Apple Xcode before 6.3, performs incorrect register allocation in a way that triggers stack storage for stack cookie pointers, which...

CVE-2024-40862

A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer...

CVE-2024-44162

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items...

CVE-2024-44228

This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data...

CVE-2023-40435

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials...

CVE-2023-32396

This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges...

CVE-2023-32383

This issue was addressed by forcing hardened runtime on the affected binaries at the system level. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. An app may be able to inject code into sensitive binaries bundled with Xcode...

CVE-2023-27945

This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs...

CVE-2023-27967

The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges...