7.8

CVE-2024-23258

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1. Processing an image may lead to arbitrary code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApplemacOS Version >= 14.0 < 14.4
ApplevisionOS Version < 1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.147
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2024/Mar/21
Mailing List
https://support.apple.com/kb/HT214084
http://seclists.org/fulldisclosure/2024/Mar/26
Mailing List
https://support.apple.com/kb/HT214087
https://support.apple.com/en-us/HT214084
Vendor Advisory
https://support.apple.com/en-us/HT214087
Vendor Advisory
https://support.apple.com/en-us/120883
https://support.apple.com/en-us/120895