CVE-2024-44190

2024-09-1623:23:18

apple

www.cve.org

path handling issue

validation improvement

macos ventura

macos sonoma

macos sequoia

arbitrary files read

EPSS

Percentile

16.3%

JSON

A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read arbitrary files.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "13.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "15",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "14.7",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/121234

support.apple.com/en-us/121238

support.apple.com/en-us/121247

EPSS

Percentile

16.3%

JSON

Related for CVELIST:CVE-2024-44190