From 6a0c51f7733b0c6e5d98fc30d00953ae1e54fa44 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 27 Jan 2025 22:01:03 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13748.json | 18 +++ 2024/13xxx/CVE-2024-13749.json | 18 +++ 2024/23xxx/CVE-2024-23148.json | 256 ++++++++++++++++++++++++++++++++- 2024/23xxx/CVE-2024-23149.json | 256 ++++++++++++++++++++++++++++++++- 2024/37xxx/CVE-2024-37526.json | 78 +++++++++- 2024/44xxx/CVE-2024-44172.json | 64 ++++++++- 2024/54xxx/CVE-2024-54468.json | 132 ++++++++++++++++- 2024/54xxx/CVE-2024-54475.json | 64 ++++++++- 2024/54xxx/CVE-2024-54478.json | 144 ++++++++++++++++++- 2024/54xxx/CVE-2024-54488.json | 98 ++++++++++++- 2024/54xxx/CVE-2024-54497.json | 149 ++++++++++++++++++- 2024/54xxx/CVE-2024-54499.json | 122 +++++++++++++++- 2024/54xxx/CVE-2024-54507.json | 71 ++++++++- 2024/54xxx/CVE-2024-54509.json | 64 ++++++++- 2024/54xxx/CVE-2024-54512.json | 71 ++++++++- 2024/54xxx/CVE-2024-54516.json | 59 +++++++- 2024/54xxx/CVE-2024-54517.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54518.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54519.json | 59 +++++++- 2024/54xxx/CVE-2024-54520.json | 64 ++++++++- 2024/54xxx/CVE-2024-54522.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54523.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54530.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54536.json | 54 ++++++- 2024/54xxx/CVE-2024-54537.json | 64 ++++++++- 2024/54xxx/CVE-2024-54539.json | 64 ++++++++- 2024/54xxx/CVE-2024-54541.json | 132 ++++++++++++++++- 2024/54xxx/CVE-2024-54542.json | 105 +++++++++++++- 2024/54xxx/CVE-2024-54543.json | 139 +++++++++++++++++- 2024/54xxx/CVE-2024-54547.json | 64 ++++++++- 2024/54xxx/CVE-2024-54549.json | 54 ++++++- 2024/54xxx/CVE-2024-54550.json | 71 ++++++++- 2024/54xxx/CVE-2024-54557.json | 64 ++++++++- 2025/0xxx/CVE-2025-0753.json | 138 +++++++++++++++++- 2025/0xxx/CVE-2025-0763.json | 18 +++ 2025/20xxx/CVE-2025-20049.json | 18 +++ 2025/20xxx/CVE-2025-20060.json | 18 +++ 2025/23xxx/CVE-2025-23405.json | 18 +++ 2025/24xxx/CVE-2025-24085.json | 122 +++++++++++++++- 2025/24xxx/CVE-2025-24086.json | 149 ++++++++++++++++++- 2025/24xxx/CVE-2025-24087.json | 54 ++++++- 2025/24xxx/CVE-2025-24092.json | 59 +++++++- 2025/24xxx/CVE-2025-24093.json | 59 +++++++- 2025/24xxx/CVE-2025-24094.json | 64 ++++++++- 2025/24xxx/CVE-2025-24096.json | 54 ++++++- 2025/24xxx/CVE-2025-24100.json | 64 ++++++++- 2025/24xxx/CVE-2025-24101.json | 54 ++++++- 2025/24xxx/CVE-2025-24102.json | 81 ++++++++++- 2025/24xxx/CVE-2025-24103.json | 64 ++++++++- 2025/24xxx/CVE-2025-24104.json | 71 ++++++++- 2025/24xxx/CVE-2025-24106.json | 64 ++++++++- 2025/24xxx/CVE-2025-24107.json | 105 +++++++++++++- 2025/24xxx/CVE-2025-24108.json | 54 ++++++- 2025/24xxx/CVE-2025-24109.json | 64 ++++++++- 2025/24xxx/CVE-2025-24112.json | 59 +++++++- 2025/24xxx/CVE-2025-24113.json | 105 +++++++++++++- 2025/24xxx/CVE-2025-24114.json | 64 ++++++++- 2025/24xxx/CVE-2025-24115.json | 64 ++++++++- 2025/24xxx/CVE-2025-24116.json | 64 ++++++++- 2025/24xxx/CVE-2025-24117.json | 122 +++++++++++++++- 2025/24xxx/CVE-2025-24118.json | 76 +++++++++- 2025/24xxx/CVE-2025-24120.json | 64 ++++++++- 2025/24xxx/CVE-2025-24121.json | 64 ++++++++- 2025/24xxx/CVE-2025-24122.json | 64 ++++++++- 2025/24xxx/CVE-2025-24123.json | 149 ++++++++++++++++++- 2025/24xxx/CVE-2025-24124.json | 149 ++++++++++++++++++- 2025/24xxx/CVE-2025-24126.json | 122 +++++++++++++++- 2025/24xxx/CVE-2025-24127.json | 132 ++++++++++++++++- 2025/24xxx/CVE-2025-24128.json | 88 +++++++++++- 2025/24xxx/CVE-2025-24129.json | 122 +++++++++++++++- 2025/24xxx/CVE-2025-24130.json | 64 ++++++++- 2025/24xxx/CVE-2025-24131.json | 122 +++++++++++++++- 2025/24xxx/CVE-2025-24134.json | 54 ++++++- 2025/24xxx/CVE-2025-24135.json | 54 ++++++- 2025/24xxx/CVE-2025-24136.json | 64 ++++++++- 2025/24xxx/CVE-2025-24150.json | 88 +++++++++++- 2025/24xxx/CVE-2025-24151.json | 64 ++++++++- 2025/24xxx/CVE-2025-24152.json | 54 ++++++- 2025/24xxx/CVE-2025-24153.json | 54 ++++++- 2025/24xxx/CVE-2025-24154.json | 98 ++++++++++++- 2025/24xxx/CVE-2025-24156.json | 64 ++++++++- 2025/24xxx/CVE-2025-24158.json | 139 +++++++++++++++++- 2025/24xxx/CVE-2025-24159.json | 144 ++++++++++++++++++- 2025/24xxx/CVE-2025-24160.json | 144 ++++++++++++++++++- 2025/24xxx/CVE-2025-24161.json | 144 ++++++++++++++++++- 2025/24xxx/CVE-2025-24162.json | 139 +++++++++++++++++- 2025/24xxx/CVE-2025-24163.json | 144 ++++++++++++++++++- 2025/24xxx/CVE-2025-24166.json | 149 ++++++++++++++++++- 2025/24xxx/CVE-2025-24169.json | 71 ++++++++- 2025/24xxx/CVE-2025-24174.json | 64 ++++++++- 2025/24xxx/CVE-2025-24176.json | 64 ++++++++- 2025/24xxx/CVE-2025-24177.json | 71 ++++++++- 2025/24xxx/CVE-2025-24316.json | 18 +++ 2025/24xxx/CVE-2025-24318.json | 18 +++ 2025/24xxx/CVE-2025-24843.json | 18 +++ 2025/24xxx/CVE-2025-24849.json | 18 +++ 96 files changed, 7806 insertions(+), 342 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13748.json create mode 100644 2024/13xxx/CVE-2024-13749.json create mode 100644 2025/0xxx/CVE-2025-0763.json create mode 100644 2025/20xxx/CVE-2025-20049.json create mode 100644 2025/20xxx/CVE-2025-20060.json create mode 100644 2025/23xxx/CVE-2025-23405.json create mode 100644 2025/24xxx/CVE-2025-24316.json create mode 100644 2025/24xxx/CVE-2025-24318.json create mode 100644 2025/24xxx/CVE-2025-24843.json create mode 100644 2025/24xxx/CVE-2025-24849.json diff --git a/2024/13xxx/CVE-2024-13748.json b/2024/13xxx/CVE-2024-13748.json new file mode 100644 index 00000000000..17e4c7f6ffb --- /dev/null +++ b/2024/13xxx/CVE-2024-13748.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13748", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13749.json b/2024/13xxx/CVE-2024-13749.json new file mode 100644 index 00000000000..389d09d59aa --- /dev/null +++ b/2024/13xxx/CVE-2024-13749.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13749", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23148.json b/2024/23xxx/CVE-2024-23148.json index 5855b71bd66..a6f36a369fe 100644 --- a/2024/23xxx/CVE-2024-23148.json +++ b/2024/23xxx/CVE-2024-23148.json @@ -36,12 +36,244 @@ "product": { "product_data": [ { - "product_name": "AutoCAD, Advance Steel and Civil 3D", + "product_name": "AutoCAD", "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2024" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Architecture", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Electrical", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Mechanical", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD MEP", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Plant 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "Civil 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "Advance Steel", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD MAP 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" } ] } @@ -66,5 +298,23 @@ }, "source": { "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23149.json b/2024/23xxx/CVE-2024-23149.json index cb335f3e906..dea6ce4791a 100644 --- a/2024/23xxx/CVE-2024-23149.json +++ b/2024/23xxx/CVE-2024-23149.json @@ -36,12 +36,244 @@ "product": { "product_data": [ { - "product_name": "AutoCAD, Advance Steel and Civil 3D", + "product_name": "AutoCAD", "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2024" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Architecture", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Electrical", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Mechanical", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD MEP", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD Plant 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "Civil 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "Advance Steel", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" + } + ] + } + }, + { + "product_name": "AutoCAD MAP 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1" + }, + { + "version_affected": "<", + "version_name": "2024", + "version_value": "2024.1.4" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.6" + }, + { + "version_affected": "<", + "version_name": "2022", + "version_value": "2022.1.5" } ] } @@ -66,5 +298,23 @@ }, "source": { "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2024/37xxx/CVE-2024-37526.json b/2024/37xxx/CVE-2024-37526.json index b3a691d2388..ff8a8dd5549 100644 --- a/2024/37xxx/CVE-2024-37526.json +++ b/2024/37xxx/CVE-2024-37526.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-37526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization\u00a01.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere", + "cweId": "CWE-497" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Data Virtualization", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.8, 2.0, 2.1, 2.2, 3.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7173774", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7173774" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/44xxx/CVE-2024-44172.json b/2024/44xxx/CVE-2024-44172.json index 14410494ff5..e545b1e97f8 100644 --- a/2024/44xxx/CVE-2024-44172.json +++ b/2024/44xxx/CVE-2024-44172.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-44172", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, macOS Sequoia 15. An app may be able to access contacts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access contacts" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/121238", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121238" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2024/54xxx/CVE-2024-54468.json b/2024/54xxx/CVE-2024-54468.json index 856dce3364e..2ee9a6b803f 100644 --- a/2024/54xxx/CVE-2024-54468.json +++ b/2024/54xxx/CVE-2024-54468.json @@ -1,17 +1,141 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54468", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to break out of its sandbox" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121838", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121838" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54475.json b/2024/54xxx/CVE-2024-54475.json index 14bf45f395c..707fa066bf2 100644 --- a/2024/54xxx/CVE-2024-54475.json +++ b/2024/54xxx/CVE-2024-54475.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54475", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user\u2019s current location." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to determine a user\u2019s current location" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54478.json b/2024/54xxx/CVE-2024-54478.json index 5a6441321aa..0e24b445fb8 100644 --- a/2024/54xxx/CVE-2024-54478.json +++ b/2024/54xxx/CVE-2024-54478.json @@ -1,17 +1,153 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54478", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to an unexpected process crash" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" } ] } diff --git a/2024/54xxx/CVE-2024-54488.json b/2024/54xxx/CVE-2024-54488.json index f39d8ffb617..4f61e2973d4 100644 --- a/2024/54xxx/CVE-2024-54488.json +++ b/2024/54xxx/CVE-2024-54488.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54488", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Photos in the Hidden Photos Album may be viewed without authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121838", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121838" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54497.json b/2024/54xxx/CVE-2024-54497.json index bc75ca54cae..e42a0b22d36 100644 --- a/2024/54xxx/CVE-2024-54497.json +++ b/2024/54xxx/CVE-2024-54497.json @@ -1,17 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54497", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2024/54xxx/CVE-2024-54499.json b/2024/54xxx/CVE-2024-54499.json index a5b1ef0f6a1..740b526dd12 100644 --- a/2024/54xxx/CVE-2024-54499.json +++ b/2024/54xxx/CVE-2024-54499.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted image may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54507.json b/2024/54xxx/CVE-2024-54507.json index 6e8d9e44db0..bb1ce1bb22e 100644 --- a/2024/54xxx/CVE-2024-54507.json +++ b/2024/54xxx/CVE-2024-54507.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54507", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker with user privileges may be able to read kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54509.json b/2024/54xxx/CVE-2024-54509.json index 8fce165861b..d0fb717298c 100644 --- a/2024/54xxx/CVE-2024-54509.json +++ b/2024/54xxx/CVE-2024-54509.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54509", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54512.json b/2024/54xxx/CVE-2024-54512.json index b2f3f7c7aed..1adf4aa71ba 100644 --- a/2024/54xxx/CVE-2024-54512.json +++ b/2024/54xxx/CVE-2024-54512.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54512", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A system binary could be used to fingerprint a user's Apple Account" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54516.json b/2024/54xxx/CVE-2024-54516.json index 5f97d061598..a6751729828 100644 --- a/2024/54xxx/CVE-2024-54516.json +++ b/2024/54xxx/CVE-2024-54516.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54516", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to approve a launch daemon without user consent" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54517.json b/2024/54xxx/CVE-2024-54517.json index db9b93a5d7c..185a953841a 100644 --- a/2024/54xxx/CVE-2024-54517.json +++ b/2024/54xxx/CVE-2024-54517.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54517", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to corrupt coprocessor memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54518.json b/2024/54xxx/CVE-2024-54518.json index 9ae0d3caf88..298f1ab08f6 100644 --- a/2024/54xxx/CVE-2024-54518.json +++ b/2024/54xxx/CVE-2024-54518.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54518", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to corrupt coprocessor memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54519.json b/2024/54xxx/CVE-2024-54519.json index 1f920ce7238..52e2221f3cc 100644 --- a/2024/54xxx/CVE-2024-54519.json +++ b/2024/54xxx/CVE-2024-54519.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54519", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was resolved by sanitizing logging. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to read sensitive location information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read sensitive location information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54520.json b/2024/54xxx/CVE-2024-54520.json index 447f299406f..b8064e3c931 100644 --- a/2024/54xxx/CVE-2024-54520.json +++ b/2024/54xxx/CVE-2024-54520.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54520", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to overwrite arbitrary files" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54522.json b/2024/54xxx/CVE-2024-54522.json index f4f221c2d35..35018d8aad5 100644 --- a/2024/54xxx/CVE-2024-54522.json +++ b/2024/54xxx/CVE-2024-54522.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to corrupt coprocessor memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54523.json b/2024/54xxx/CVE-2024-54523.json index 5f7cc60db8f..c8d8d7dba6b 100644 --- a/2024/54xxx/CVE-2024-54523.json +++ b/2024/54xxx/CVE-2024-54523.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54523", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to corrupt coprocessor memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54530.json b/2024/54xxx/CVE-2024-54530.json index ce070214dff..af99dd3b29b 100644 --- a/2024/54xxx/CVE-2024-54530.json +++ b/2024/54xxx/CVE-2024-54530.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54530", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Password autofill may fill in passwords after failing authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54536.json b/2024/54xxx/CVE-2024-54536.json index a674444f6b9..33f8d6fcdbf 100644 --- a/2024/54xxx/CVE-2024-54536.json +++ b/2024/54xxx/CVE-2024-54536.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54536", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15.2. An app may be able to edit NVRAM variables." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to edit NVRAM variables" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" } ] } diff --git a/2024/54xxx/CVE-2024-54537.json b/2024/54xxx/CVE-2024-54537.json index a35fff1da6e..09c624c68ce 100644 --- a/2024/54xxx/CVE-2024-54537.json +++ b/2024/54xxx/CVE-2024-54537.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54537", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to read and write files outside of its sandbox." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read and write files outside of its sandbox" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54539.json b/2024/54xxx/CVE-2024-54539.json index 47d8d552834..9612829cbb7 100644 --- a/2024/54xxx/CVE-2024-54539.json +++ b/2024/54xxx/CVE-2024-54539.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54539", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to capture keyboard events from the lock screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to capture keyboard events from the lock screen" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54541.json b/2024/54xxx/CVE-2024-54541.json index 9078f38514f..963625cfed8 100644 --- a/2024/54xxx/CVE-2024-54541.json +++ b/2024/54xxx/CVE-2024-54541.json @@ -1,17 +1,141 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54541", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54542.json b/2024/54xxx/CVE-2024-54542.json index 6cefc18ced9..3af41f9b57a 100644 --- a/2024/54xxx/CVE-2024-54542.json +++ b/2024/54xxx/CVE-2024-54542.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54542", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Private Browsing tabs may be accessed without authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121846", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121846" } ] } diff --git a/2024/54xxx/CVE-2024-54543.json b/2024/54xxx/CVE-2024-54543.json index a3a41409c50..c59f26032b4 100644 --- a/2024/54xxx/CVE-2024-54543.json +++ b/2024/54xxx/CVE-2024-54543.json @@ -1,17 +1,148 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54543", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to memory corruption" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121844", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121844" + }, + { + "url": "https://support.apple.com/en-us/121845", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121845" + }, + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121843", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121843" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" + }, + { + "url": "https://support.apple.com/en-us/121846", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121846" } ] } diff --git a/2024/54xxx/CVE-2024-54547.json b/2024/54xxx/CVE-2024-54547.json index 004f2678b97..0d9f51f957a 100644 --- a/2024/54xxx/CVE-2024-54547.json +++ b/2024/54xxx/CVE-2024-54547.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54547", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to access protected user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access protected user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2024/54xxx/CVE-2024-54549.json b/2024/54xxx/CVE-2024-54549.json index fcfd77780b5..1984860a5ec 100644 --- a/2024/54xxx/CVE-2024-54549.json +++ b/2024/54xxx/CVE-2024-54549.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54549", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" } ] } diff --git a/2024/54xxx/CVE-2024-54550.json b/2024/54xxx/CVE-2024-54550.json index a3f34721c63..b123060c325 100644 --- a/2024/54xxx/CVE-2024-54550.json +++ b/2024/54xxx/CVE-2024-54550.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54550", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to view autocompleted contact information from Messages and Mail in system logs" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121837", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121837" } ] } diff --git a/2024/54xxx/CVE-2024-54557.json b/2024/54xxx/CVE-2024-54557.json index fd7e2167904..110d4c43fd0 100644 --- a/2024/54xxx/CVE-2024-54557.json +++ b/2024/54xxx/CVE-2024-54557.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54557", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An attacker may gain access to protected parts of the file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may gain access to protected parts of the file system" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/121839", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121839" + }, + { + "url": "https://support.apple.com/en-us/121842", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121842" + }, + { + "url": "https://support.apple.com/en-us/121840", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/121840" } ] } diff --git a/2025/0xxx/CVE-2025-0753.json b/2025/0xxx/CVE-2025-0753.json index 7c1a1e588a9..af4312472b6 100644 --- a/2025/0xxx/CVE-2025-0753.json +++ b/2025/0xxx/CVE-2025-0753.json @@ -1,17 +1,147 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0753", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In Axiomatic Bento4 bis 1.6.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um die Funktion AP4_StdcFileByteStream::ReadPartial der Komponente mp42aac. Mittels dem Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Axiomatic", + "product": { + "product_data": [ + { + "product_name": "Bento4", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + }, + { + "version_affected": "=", + "version_value": "1.1" + }, + { + "version_affected": "=", + "version_value": "1.2" + }, + { + "version_affected": "=", + "version_value": "1.3" + }, + { + "version_affected": "=", + "version_value": "1.4" + }, + { + "version_affected": "=", + "version_value": "1.5" + }, + { + "version_affected": "=", + "version_value": "1.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.293518", + "refsource": "MISC", + "name": "https://vuldb.com/?id.293518" + }, + { + "url": "https://vuldb.com/?ctiid.293518", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.293518" + }, + { + "url": "https://vuldb.com/?submit.483326", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.483326" + }, + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/991", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/991" + }, + { + "url": "https://github.com/user-attachments/files/18434657/seeds.zip", + "refsource": "MISC", + "name": "https://github.com/user-attachments/files/18434657/seeds.zip" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Zhang Yaoliang (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/0xxx/CVE-2025-0763.json b/2025/0xxx/CVE-2025-0763.json new file mode 100644 index 00000000000..851749c17bf --- /dev/null +++ b/2025/0xxx/CVE-2025-0763.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0763", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/20xxx/CVE-2025-20049.json b/2025/20xxx/CVE-2025-20049.json new file mode 100644 index 00000000000..4952737905f --- /dev/null +++ b/2025/20xxx/CVE-2025-20049.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-20049", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/20xxx/CVE-2025-20060.json b/2025/20xxx/CVE-2025-20060.json new file mode 100644 index 00000000000..b07b2f58d55 --- /dev/null +++ b/2025/20xxx/CVE-2025-20060.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-20060", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/23xxx/CVE-2025-23405.json b/2025/23xxx/CVE-2025-23405.json new file mode 100644 index 00000000000..a9b20590f2e --- /dev/null +++ b/2025/23xxx/CVE-2025-23405.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-23405", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24085.json b/2025/24xxx/CVE-2025-24085.json index 8a85823c183..d964aeac3c6 100644 --- a/2025/24xxx/CVE-2025-24085.json +++ b/2025/24xxx/CVE-2025-24085.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2." + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24086.json b/2025/24xxx/CVE-2025-24086.json index aef4c2a2e99..05a33dcd7ef 100644 --- a/2025/24xxx/CVE-2025-24086.json +++ b/2025/24xxx/CVE-2025-24086.json @@ -1,17 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing an image may lead to a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24087.json b/2025/24xxx/CVE-2025-24087.json index 672bc457c0c..35909fa6988 100644 --- a/2025/24xxx/CVE-2025-24087.json +++ b/2025/24xxx/CVE-2025-24087.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24087", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access protected user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24092.json b/2025/24xxx/CVE-2025-24092.json index 62177bbbf07..4c2cbb7d84c 100644 --- a/2025/24xxx/CVE-2025-24092.json +++ b/2025/24xxx/CVE-2025-24092.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24092", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read sensitive location information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24093.json b/2025/24xxx/CVE-2025-24093.json index 53bff82de9f..0f4b0d8c233 100644 --- a/2025/24xxx/CVE-2025-24093.json +++ b/2025/24xxx/CVE-2025-24093.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24093", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3. An app may be able to access removable volumes without user consent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access removable volumes without user consent" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24094.json b/2025/24xxx/CVE-2025-24094.json index ea2c164978a..b14695a6c49 100644 --- a/2025/24xxx/CVE-2025-24094.json +++ b/2025/24xxx/CVE-2025-24094.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24094", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24096.json b/2025/24xxx/CVE-2025-24096.json index 417812f0fad..092193cf3de 100644 --- a/2025/24xxx/CVE-2025-24096.json +++ b/2025/24xxx/CVE-2025-24096.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24096", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. A malicious app may be able to access arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious app may be able to access arbitrary files" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24100.json b/2025/24xxx/CVE-2025-24100.json index 6710fc65abb..ca2e803c3ae 100644 --- a/2025/24xxx/CVE-2025-24100.json +++ b/2025/24xxx/CVE-2025-24100.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24100", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access information about a user's contacts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access information about a user's contacts" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24101.json b/2025/24xxx/CVE-2025-24101.json index dcb133d6589..223a85c9b5e 100644 --- a/2025/24xxx/CVE-2025-24101.json +++ b/2025/24xxx/CVE-2025-24101.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24101", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24102.json b/2025/24xxx/CVE-2025-24102.json index 33c6fa17b83..073f073bc67 100644 --- a/2025/24xxx/CVE-2025-24102.json +++ b/2025/24xxx/CVE-2025-24102.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24102", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user\u2019s current location." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to determine a user\u2019s current location" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24103.json b/2025/24xxx/CVE-2025-24103.json index 4d4442e7ede..72194cca68b 100644 --- a/2025/24xxx/CVE-2025-24103.json +++ b/2025/24xxx/CVE-2025-24103.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24103", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access protected user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access protected user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24104.json b/2025/24xxx/CVE-2025-24104.json index 713a431d59a..cd295cc36b5 100644 --- a/2025/24xxx/CVE-2025-24104.json +++ b/2025/24xxx/CVE-2025-24104.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24104", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Restoring a maliciously crafted backup file may lead to modification of protected system files" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24106.json b/2025/24xxx/CVE-2025-24106.json index abd2dfa1662..6868733f39f 100644 --- a/2025/24xxx/CVE-2025-24106.json +++ b/2025/24xxx/CVE-2025-24106.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24106", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24107.json b/2025/24xxx/CVE-2025-24107.json index 997bb803b1c..a7da2dda6fd 100644 --- a/2025/24xxx/CVE-2025-24107.json +++ b/2025/24xxx/CVE-2025-24107.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24107", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 and iPadOS 18.3. A malicious app may be able to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious app may be able to gain root privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24108.json b/2025/24xxx/CVE-2025-24108.json index 65ca93d4ddc..906b3ebbb01 100644 --- a/2025/24xxx/CVE-2025-24108.json +++ b/2025/24xxx/CVE-2025-24108.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24108", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access protected user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24109.json b/2025/24xxx/CVE-2025-24109.json index 36851a50073..c5b3c2c1818 100644 --- a/2025/24xxx/CVE-2025-24109.json +++ b/2025/24xxx/CVE-2025-24109.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24109", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24112.json b/2025/24xxx/CVE-2025-24112.json index 8b8d74b4320..4b86f9dac15 100644 --- a/2025/24xxx/CVE-2025-24112.json +++ b/2025/24xxx/CVE-2025-24112.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24112", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24113.json b/2025/24xxx/CVE-2025-24113.json index 0f132f591e7..902ab11846d 100644 --- a/2025/24xxx/CVE-2025-24113.json +++ b/2025/24xxx/CVE-2025-24113.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24113", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Visiting a malicious website may lead to user interface spoofing" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24114.json b/2025/24xxx/CVE-2025-24114.json index 83b0ba2a129..70ba00f83af 100644 --- a/2025/24xxx/CVE-2025-24114.json +++ b/2025/24xxx/CVE-2025-24114.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24114", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to modify protected parts of the file system" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24115.json b/2025/24xxx/CVE-2025-24115.json index 4b915a54c3f..d0ccccdc89c 100644 --- a/2025/24xxx/CVE-2025-24115.json +++ b/2025/24xxx/CVE-2025-24115.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24115", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read files outside of its sandbox." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read files outside of its sandbox" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24116.json b/2025/24xxx/CVE-2025-24116.json index 901cc66932a..18e07fb4457 100644 --- a/2025/24xxx/CVE-2025-24116.json +++ b/2025/24xxx/CVE-2025-24116.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24116", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to bypass Privacy preferences" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24117.json b/2025/24xxx/CVE-2025-24117.json index ba5ad413744..ba110a3ef5d 100644 --- a/2025/24xxx/CVE-2025-24117.json +++ b/2025/24xxx/CVE-2025-24117.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24117", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to fingerprint the user" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24118.json b/2025/24xxx/CVE-2025-24118.json index 688d66023c1..22744e63e2e 100644 --- a/2025/24xxx/CVE-2025-24118.json +++ b/2025/24xxx/CVE-2025-24118.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24118", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or write kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" } ] } diff --git a/2025/24xxx/CVE-2025-24120.json b/2025/24xxx/CVE-2025-24120.json index f9f818bc2fc..b89bd24045a 100644 --- a/2025/24xxx/CVE-2025-24120.json +++ b/2025/24xxx/CVE-2025-24120.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24120", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An attacker may be able to cause unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to cause unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24121.json b/2025/24xxx/CVE-2025-24121.json index dc7d9f21793..2f74cfd1ca4 100644 --- a/2025/24xxx/CVE-2025-24121.json +++ b/2025/24xxx/CVE-2025-24121.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24121", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to modify protected parts of the file system" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24122.json b/2025/24xxx/CVE-2025-24122.json index 70a8ba3030f..77033eced25 100644 --- a/2025/24xxx/CVE-2025-24122.json +++ b/2025/24xxx/CVE-2025-24122.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24122", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to modify protected parts of the file system" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24123.json b/2025/24xxx/CVE-2025-24123.json index 39067cd8083..21e271ab149 100644 --- a/2025/24xxx/CVE-2025-24123.json +++ b/2025/24xxx/CVE-2025-24123.json @@ -1,17 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24123", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24124.json b/2025/24xxx/CVE-2025-24124.json index 097fd53be3b..5208f6bf62d 100644 --- a/2025/24xxx/CVE-2025-24124.json +++ b/2025/24xxx/CVE-2025-24124.json @@ -1,17 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24124", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24126.json b/2025/24xxx/CVE-2025-24126.json index 3e9f6ba4c63..1b0e8034e1d 100644 --- a/2025/24xxx/CVE-2025-24126.json +++ b/2025/24xxx/CVE-2025-24126.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24126", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker on the local network may be able to cause unexpected system termination or corrupt process memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker on the local network may be able to cause unexpected system termination or corrupt process memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24127.json b/2025/24xxx/CVE-2025-24127.json index 4a441b9731e..790102149db 100644 --- a/2025/24xxx/CVE-2025-24127.json +++ b/2025/24xxx/CVE-2025-24127.json @@ -1,17 +1,141 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24127", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24128.json b/2025/24xxx/CVE-2025-24128.json index 5e7a10f5103..d1d97a560ad 100644 --- a/2025/24xxx/CVE-2025-24128.json +++ b/2025/24xxx/CVE-2025-24128.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24128", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Visiting a malicious website may lead to address bar spoofing" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24129.json b/2025/24xxx/CVE-2025-24129.json index ecfdbbf14d2..e7abb9c9617 100644 --- a/2025/24xxx/CVE-2025-24129.json +++ b/2025/24xxx/CVE-2025-24129.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24129", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may cause an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24130.json b/2025/24xxx/CVE-2025-24130.json index 765ddb9c6c0..e44e172fc02 100644 --- a/2025/24xxx/CVE-2025-24130.json +++ b/2025/24xxx/CVE-2025-24130.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24130", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of the file system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to modify protected parts of the file system" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24131.json b/2025/24xxx/CVE-2025-24131.json index 5bf953d4777..60407093386 100644 --- a/2025/24xxx/CVE-2025-24131.json +++ b/2025/24xxx/CVE-2025-24131.json @@ -1,17 +1,131 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24131", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged position may be able to perform a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24134.json b/2025/24xxx/CVE-2025-24134.json index e41c627c366..74fe09c3355 100644 --- a/2025/24xxx/CVE-2025-24134.json +++ b/2025/24xxx/CVE-2025-24134.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24134", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24135.json b/2025/24xxx/CVE-2025-24135.json index f521b1a3be5..f59160355b5 100644 --- a/2025/24xxx/CVE-2025-24135.json +++ b/2025/24xxx/CVE-2025-24135.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24135", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia 15.3. An app may be able to gain elevated privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to gain elevated privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24136.json b/2025/24xxx/CVE-2025-24136.json index 345f30c377c..87e239c2df8 100644 --- a/2025/24xxx/CVE-2025-24136.json +++ b/2025/24xxx/CVE-2025-24136.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24136", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A malicious app may be able to create symlinks to protected regions of the disk." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious app may be able to create symlinks to protected regions of the disk" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24150.json b/2025/24xxx/CVE-2025-24150.json index fd3865d93f8..d80759f87d9 100644 --- a/2025/24xxx/CVE-2025-24150.json +++ b/2025/24xxx/CVE-2025-24150.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24150", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Copying a URL from Web Inspector may lead to command injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24151.json b/2025/24xxx/CVE-2025-24151.json index 820d4912682..5e70e4017d0 100644 --- a/2025/24xxx/CVE-2025-24151.json +++ b/2025/24xxx/CVE-2025-24151.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24151", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or corrupt kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or corrupt kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24152.json b/2025/24xxx/CVE-2025-24152.json index 8ce33caeaa9..60c6111997d 100644 --- a/2025/24xxx/CVE-2025-24152.json +++ b/2025/24xxx/CVE-2025-24152.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24152", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app may be able to cause unexpected system termination or corrupt kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to cause unexpected system termination or corrupt kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24153.json b/2025/24xxx/CVE-2025-24153.json index f581b3a66b3..a507c022a16 100644 --- a/2025/24xxx/CVE-2025-24153.json +++ b/2025/24xxx/CVE-2025-24153.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24153", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app with root privileges may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" } ] } diff --git a/2025/24xxx/CVE-2025-24154.json b/2025/24xxx/CVE-2025-24154.json index b6ed7d3ecb3..736ebc8b133 100644 --- a/2025/24xxx/CVE-2025-24154.json +++ b/2025/24xxx/CVE-2025-24154.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24154", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to cause unexpected system termination or corrupt kernel memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24156.json b/2025/24xxx/CVE-2025-24156.json index a23d7848dbd..ef84ee0d5c9 100644 --- a/2025/24xxx/CVE-2025-24156.json +++ b/2025/24xxx/CVE-2025-24156.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24156", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An integer overflow was addressed through improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to elevate privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to elevate privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24158.json b/2025/24xxx/CVE-2025-24158.json index 2bbc6de9036..d5484ada3d1 100644 --- a/2025/24xxx/CVE-2025-24158.json +++ b/2025/24xxx/CVE-2025-24158.json @@ -1,17 +1,148 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24158", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24159.json b/2025/24xxx/CVE-2025-24159.json index 4b6c9c8cefd..20c35235e01 100644 --- a/2025/24xxx/CVE-2025-24159.json +++ b/2025/24xxx/CVE-2025-24159.json @@ -1,17 +1,153 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24160.json b/2025/24xxx/CVE-2025-24160.json index 22758ba7fc6..7c534eb70eb 100644 --- a/2025/24xxx/CVE-2025-24160.json +++ b/2025/24xxx/CVE-2025-24160.json @@ -1,17 +1,153 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24160", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24161.json b/2025/24xxx/CVE-2025-24161.json index b2886f665a2..555aee3077b 100644 --- a/2025/24xxx/CVE-2025-24161.json +++ b/2025/24xxx/CVE-2025-24161.json @@ -1,17 +1,153 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24161", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24162.json b/2025/24xxx/CVE-2025-24162.json index 1823acb8318..e607ed28088 100644 --- a/2025/24xxx/CVE-2025-24162.json +++ b/2025/24xxx/CVE-2025-24162.json @@ -1,17 +1,148 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24162", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to an unexpected process crash" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24163.json b/2025/24xxx/CVE-2025-24163.json index ee8677fd8c4..a81c9fa9a9c 100644 --- a/2025/24xxx/CVE-2025-24163.json +++ b/2025/24xxx/CVE-2025-24163.json @@ -1,17 +1,153 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24163", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a file may lead to an unexpected app termination" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24166.json b/2025/24xxx/CVE-2025-24166.json index dce7af85cfc..60eca0dad77 100644 --- a/2025/24xxx/CVE-2025-24166.json +++ b/2025/24xxx/CVE-2025-24166.json @@ -1,17 +1,158 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24166", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed through improved state management. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to an unexpected process crash" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + }, + { + "product_name": "visionOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + }, + { + "product_name": "iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "11.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122073", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122073" + }, + { + "url": "https://support.apple.com/en-us/122072", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122072" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122067", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122067" + }, + { + "url": "https://support.apple.com/en-us/122071", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122071" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24169.json b/2025/24xxx/CVE-2025-24169.json index ec16b37c088..ec0f56cedaf 100644 --- a/2025/24xxx/CVE-2025-24169.json +++ b/2025/24xxx/CVE-2025-24169.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24169", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.3, Safari 18.3. A malicious app may be able to bypass browser extension authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious app may be able to bypass browser extension authentication" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122074", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122074" } ] } diff --git a/2025/24xxx/CVE-2025-24174.json b/2025/24xxx/CVE-2025-24174.json index e921078b1c6..e1f19ce3947 100644 --- a/2025/24xxx/CVE-2025-24174.json +++ b/2025/24xxx/CVE-2025-24174.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24174", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to bypass Privacy preferences" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24176.json b/2025/24xxx/CVE-2025-24176.json index 33f0c76b01b..858e7c42ee4 100644 --- a/2025/24xxx/CVE-2025-24176.json +++ b/2025/24xxx/CVE-2025-24176.json @@ -1,17 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24176", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. A local attacker may be able to elevate their privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local attacker may be able to elevate their privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122069", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122069" + }, + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122070", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122070" } ] } diff --git a/2025/24xxx/CVE-2025-24177.json b/2025/24xxx/CVE-2025-24177.json index 23cd2caec4b..95c5714f323 100644 --- a/2025/24xxx/CVE-2025-24177.json +++ b/2025/24xxx/CVE-2025-24177.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24177", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause a denial-of-service" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "15.3" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "18.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/122068", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122068" + }, + { + "url": "https://support.apple.com/en-us/122066", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/122066" } ] } diff --git a/2025/24xxx/CVE-2025-24316.json b/2025/24xxx/CVE-2025-24316.json new file mode 100644 index 00000000000..fd2434734e0 --- /dev/null +++ b/2025/24xxx/CVE-2025-24316.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24316", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24318.json b/2025/24xxx/CVE-2025-24318.json new file mode 100644 index 00000000000..de4ebafc8e7 --- /dev/null +++ b/2025/24xxx/CVE-2025-24318.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24318", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24843.json b/2025/24xxx/CVE-2025-24843.json new file mode 100644 index 00000000000..e4f1f7bc97f --- /dev/null +++ b/2025/24xxx/CVE-2025-24843.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24843", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24849.json b/2025/24xxx/CVE-2025-24849.json new file mode 100644 index 00000000000..5cdef79b295 --- /dev/null +++ b/2025/24xxx/CVE-2025-24849.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file