) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:apple:xcode:14.1:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-40435 |
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials. Published: September 27, 2023; 11:19:15 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-40391 |
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory. Published: September 27, 2023; 11:19:05 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-32396 |
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges. Published: September 27, 2023; 11:18:52 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-27967 |
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. Published: May 08, 2023; 4:15:18 PM -0400 |
V3.1: 8.6 HIGH V2.0:(not available) |
| CVE-2023-27945 |
This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs. Published: May 08, 2023; 4:15:17 PM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |