CVE-2024-23274
https://notcve.org/view.php?id=CVE-2024-23274
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. Se solucionó un problema de inyección con una validación de entrada mejorada. Este problema se solucionó en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVE-2024-23273
https://notcve.org/view.php?id=CVE-2024-23273
This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication. Esta cuestión se abordó mediante una mejor gestión de estado. Este problema se solucionó en Safari 17.4, iOS 17.4 y iPadOS 17.4, macOS Sonoma 14.4. • http://seclists.org/fulldisclosure/2024/Mar/20 http://seclists.org/fulldisclosure/2024/Mar/21 https://support.apple.com/en-us/HT214081 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214089 • CWE-295: Improper Certificate Validation •
CVE-2024-23272
https://notcve.org/view.php?id=CVE-2024-23272
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system. Se solucionó un problema de lógica con controles mejorados. Este problema se solucionó en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 •
CVE-2024-23268
https://notcve.org/view.php?id=CVE-2024-23268
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. Se solucionó un problema de inyección con una validación de entrada mejorada. Este problema se solucionó en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVE-2024-23267
https://notcve.org/view.php?id=CVE-2024-23267
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to bypass certain Privacy preferences. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/22 http://seclists.org/fulldisclosure/2024/Mar/23 https://support.apple.com/en-us/HT214083 https://support.apple.com/en-us/HT214084 https://support.apple.com/en-us/HT214085 •