CVE-2023-40435
https://notcve.org/view.php?id=CVE-2023-40435
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials. Este problema se solucionó habilitando el tiempo de ejecución reforzado. Este problema se solucionó en Xcode 15. • http://seclists.org/fulldisclosure/2023/Oct/7 https://support.apple.com/en-us/HT213939 •
CVE-2023-40391
https://notcve.org/view.php?id=CVE-2023-40391
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, macOS Sonoma 14, Xcode 15. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/7 http://seclists.org/fulldisclosure/2023/Oct/8 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213939 https://support.apple.com/en-us/HT213940 •
CVE-2023-32396
https://notcve.org/view.php?id=CVE-2023-32396
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges. Este problema se solucionó con controles mejorados. Este problema se solucionó en Xcode 15, tvOS 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/7 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213939 https://support.apple.com/en-us/HT213940 •
CVE-2022-32920
https://notcve.org/view.php?id=CVE-2022-32920
The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information. El problema se solucionó con comprobaciones mejoradas. Este problema se ha solucionado en Xcode 14.0. • https://support.apple.com/en-us/HT213883 •
CVE-2023-27945
https://notcve.org/view.php?id=CVE-2023-27945
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs. • https://support.apple.com/en-us/HT213679 https://support.apple.com/en-us/HT213759 https://support.apple.com/en-us/HT213760 •