The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.
5.5CVSS
4.7AI Score
0.001EPSS
An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.
7.8CVSS
7AI Score
0.001EPSS
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.
6.3CVSS
6.4AI Score
0.001EPSS
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
8.6CVSS
8.2AI Score
0.001EPSS
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.
7.8CVSS
7AI Score
0.001EPSS
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.
5.5CVSS
4.9AI Score
0.001EPSS
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
5.5CVSS
5AI Score
0.001EPSS