A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-27
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-01-27
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-01-27
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication.
CVSS Score
9.1
EPSS Score
0.002
Published
2025-01-27
The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-27
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-01-27
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-01-27
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user’s current location.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-01-27
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-27
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-27