Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xcode
(Apple)| Repositories |
• https://github.com/apache/httpd
• https://github.com/visionmedia/send |
| #Vulnerabilities | 81 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-18 | CVE-2022-22606 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | Xcode | 7.8 | ||
| 2022-03-18 | CVE-2022-22607 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | Xcode | 7.8 | ||
| 2022-03-18 | CVE-2022-22608 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | Xcode | 7.8 | ||
| 2022-04-12 | CVE-2022-24765 | Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable... | Xcode, Debian_linux, Fedora, Git | 7.8 | ||
| 2022-05-26 | CVE-2022-26747 | This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges. | Xcode | 7.8 | ||
| 2022-07-12 | CVE-2022-29187 | Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5... | Xcode, Debian_linux, Fedora, Git | 7.8 | ||
| 2022-10-19 | CVE-2022-39253 | Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks... | Xcode, Debian_linux, Fedora, Git | 5.5 | ||
| 2022-10-19 | CVE-2022-39260 | Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary... | Xcode, Debian_linux, Fedora, Git | 8.8 | ||
| 2023-02-27 | CVE-2022-42797 | An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges. | Xcode | 7.8 | ||
| 2023-05-08 | CVE-2023-27945 | This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs. | Xcode | 6.3 |