CVE-2022-42797

2023-02-2700:00:00

apple

www.cve.org

injection issue

xcode 14.1

input validation

root privileges

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "Xcode",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "14.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT213496