AI Score
Confidence
Low
EPSS
Percentile
41.5%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.
[
{
"cpes": [
"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"
],
"vendor": "apple",
"product": "macos",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "12.7",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"lessThan": "13.6",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"lessThan": "14.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
seclists.org/fulldisclosure/2023/Oct/21
seclists.org/fulldisclosure/2023/Oct/24
seclists.org/fulldisclosure/2023/Oct/26
support.apple.com/en-us/HT213983
support.apple.com/en-us/HT213984
support.apple.com/en-us/HT213985
support.apple.com/kb/HT213983
support.apple.com/kb/HT213984
support.apple.com/kb/HT213985