CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26747
https://notcve.org/view.php?id=CVE-2022-26747
This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges. Este problema es corregido con comprobaciones mejoradas. Este problema es corregido en Xcode versión 13.4. • https://support.apple.com/en-us/HT213261 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-24765 – Uncontrolled search for the Git directory in Git for Windows
https://notcve.org/view.php?id=CVE-2022-24765
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. • http://seclists.org/fulldisclosure/2022/May/31 http://www.openwall.com/lists/oss-security/2022/04/12/7 https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2 https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedor • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22604
https://notcve.org/view.php?id=CVE-2022-22604
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Xcode versión 13.3. • https://support.apple.com/en-us/HT213189 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22601
https://notcve.org/view.php?id=CVE-2022-22601
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Xcode versión 13.3. • https://support.apple.com/en-us/HT213189 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22602
https://notcve.org/view.php?id=CVE-2022-22602
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Xcode versión 13.3. • https://support.apple.com/en-us/HT213189 • CWE-125: Out-of-bounds Read •