Lucene search

Xcode Security Vulnerabilities - 2023

cve

CVE-2022-32920

The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.

5.5CVSS

4.7AI Score

0.001EPSS

2023-09-06 02:15 AM

cve

CVE-2022-42797

An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.

7.8CVSS

7AI Score

0.001EPSS

2023-02-27 08:15 PM

cve

CVE-2023-27945

This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs.

6.3CVSS

6.4AI Score

0.001EPSS

2023-05-08 08:15 PM

cve

CVE-2023-27967

The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.

8.6CVSS

8.2AI Score

0.001EPSS

2023-05-08 08:15 PM

cve

CVE-2023-32396

This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.

7.8CVSS

7AI Score

0.001EPSS

2023-09-27 03:18 PM

cve

CVE-2023-40391

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.

5.5CVSS

4.9AI Score

0.001EPSS

2023-09-27 03:19 PM

cve

CVE-2023-40435

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.

5.5CVSS

5AI Score

0.001EPSS

2023-09-27 03:19 PM