diff --git a/2018/10xxx/CVE-2018-10624.json b/2018/10xxx/CVE-2018-10624.json index 011975cc95c..5ee89291b06 100644 --- a/2018/10xxx/CVE-2018-10624.json +++ b/2018/10xxx/CVE-2018-10624.json @@ -1,51 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2018-07-31T00:00:00", "ID": "CVE-2018-10624", + "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Metasys System", - "version": { - "version_data": [ - { - "version_value": "Versions 8.0 and prior" - } - ] - } - }, - { - "product_name": "BCPro (BCM)", - "version": { - "version_data": [ - { - "version_value": "all versions prior to 3.0.2" - } - ] - } - } - ] - }, - "vendor_name": "Johnson Controls" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information." + "value": "In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.\n\n" } ] }, @@ -55,24 +21,100 @@ "description": [ { "lang": "eng", - "value": "INFORMATION EXPOSURE THROUGH AN ERROR MESSAGE CWE-209" + "value": "CWE-209 Generation of Error Message Containing Sensitive Information", + "cweId": "CWE-209" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Johnson Controls", + "product": { + "product_data": [ + { + "product_name": "Metasys System", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "8.0" + } + ] + } + }, + { + "product_name": "BCPro (BCM)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.0.2" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02", "refsource": "MISC", - "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02" + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-02" }, { - "name": "104937", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/104937" + "url": "http://www.securityfocus.com/bid/104937", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/104937" } ] - } + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

Additional information for Johnson Controls:

\n\n
" + } + ], + "value": "\nAdditional information for Johnson Controls:\n\n * Product security contact information, Building Automation System hardening, and security resources are located at our product security website http://www.johnsoncontrols.com/buildings/specialty-pages/product-security http://www.johnsoncontrols.com/buildings/specialty-pages/product-security \n * Contact information: Johnson Controls Global Product Security at productsecurity@jci.com http://mailto:productsecurity@jci.com/ \n\n\n\n\n\n" + } + ], + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

Johnson Controls recommends the following mitigations:

\n\n
" + } + ], + "value": "\nJohnson Controls recommends the following mitigations:\n\n * This issue was remediated in Metasys v8.1 (April, 2016). Users should upgrade to the latest product version (9.0). For Metasys information, contact your Metasys field service/sales representative.\n * This issue was remediated in the BCPro Workstation in BCPro v3.0 (October, 2017) and mitigated for the BACnet Router and Gateway in BCPro v3.0.2 (June, 2018). Users should upgrade to the latest product versions. For more BCPro information, contact your BCPro sales and support representative.\n\n\n\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Dan Regalado of Zingbox reported this vulnerability to CISA." + } + ] } \ No newline at end of file diff --git a/2020/14xxx/CVE-2020-14498.json b/2020/14xxx/CVE-2020-14498.json index 1e74fa1a7c3..3f9d4db6194 100644 --- a/2020/14xxx/CVE-2020-14498.json +++ b/2020/14xxx/CVE-2020-14498.json @@ -1,14 +1,38 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2020-14498", - "STATE": "PUBLIC", - "TITLE": "HMS Industrial Networks AB eCatcher Vulnerability" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] }, "affects": { "vendor": { "vendor_data": [ { + "vendor_name": "HMS Industrial Networks AB", "product": { "product_data": [ { @@ -17,83 +41,74 @@ "version_data": [ { "version_affected": "<", + "version_name": "0", "version_value": "6.5.5" } ] } } ] - }, - "vendor_name": "HMS Industrial Networks AB" + } } ] } }, - "credit": [ - { - "lang": "eng", - "value": "Sharon Brizinov of Claroty reported this vulnerability to CISA." - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "references": { + "reference_data": [ { - "lang": "eng", - "value": "HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code." + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03", + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03" + }, + { + "url": "https://www.hms-networks.com/cybersecurity/security-advisories", + "refsource": "MISC", + "name": "https://www.hms-networks.com/cybersecurity/security-advisories" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.6, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "STACK-BASED BUFFER OVERFLOW CWE-121" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03", - "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-210-03" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "HMS recommends users update eCatcher to Version 6.5.5 or later." - } - ], "source": { "advisory": "ICSA-20-210-03", "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

\n\n

HMS recommends users update eCatcher to Version 6.5.5 or later.

For more information, see the HMS advisory.

\n\n

" + } + ], + "value": "\n\n\nHMS recommends users update eCatcher to Version 6.5.5 or later https://ewon.biz/technical-support/pages/all-downloads . \n\nFor more information, see the HMS advisory https://www.hms-networks.com/cybersecurity .\n\n\n\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "Sharon Brizinov of Claroty reported this vulnerability to CISA." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2023/40xxx/CVE-2023-40528.json b/2023/40xxx/CVE-2023-40528.json index a9dd47b6993..19757b0745d 100644 --- a/2023/40xxx/CVE-2023-40528.json +++ b/2023/40xxx/CVE-2023-40528.json @@ -1,17 +1,119 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-40528", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17, watchOS 10, macOS Sonoma 14, iOS 17 and iPadOS 17, macOS Ventura 13.6.4. An app may be able to bypass Privacy preferences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to bypass Privacy preferences" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT213938", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213938" + }, + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT213936", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213936" + }, + { + "url": "https://support.apple.com/en-us/HT213940", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213940" + }, + { + "url": "https://support.apple.com/en-us/HT213937", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT213937" } ] } diff --git a/2023/41xxx/CVE-2023-41993.json b/2023/41xxx/CVE-2023-41993.json index b8ba8d41c03..a56ba63331d 100644 --- a/2023/41xxx/CVE-2023-41993.json +++ b/2023/41xxx/CVE-2023-41993.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7." } ] }, @@ -34,30 +34,6 @@ "vendor_name": "Apple", "product": { "product_data": [ - { - "product_name": "iOS and iPadOS", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "unspecified", - "version_value": "16.7" - } - ] - } - }, - { - "product_name": "Safari", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "unspecified", - "version_value": "17" - } - ] - } - }, { "product_name": "macOS", "version": { @@ -78,16 +54,6 @@ }, "references": { "reference_data": [ - { - "url": "https://support.apple.com/en-us/HT213927", - "refsource": "MISC", - "name": "https://support.apple.com/en-us/HT213927" - }, - { - "url": "https://support.apple.com/en-us/HT213941", - "refsource": "MISC", - "name": "https://support.apple.com/en-us/HT213941" - }, { "url": "https://support.apple.com/en-us/HT213940", "refsource": "MISC", diff --git a/2023/42xxx/CVE-2023-42881.json b/2023/42xxx/CVE-2023-42881.json index 1a5d343b5d9..9cb920c4619 100644 --- a/2023/42xxx/CVE-2023-42881.json +++ b/2023/42xxx/CVE-2023-42881.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42881", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a file may lead to unexpected app termination or arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214036", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214036" } ] } diff --git a/2023/42xxx/CVE-2023-42887.json b/2023/42xxx/CVE-2023-42887.json index 4d499893478..0a52362777c 100644 --- a/2023/42xxx/CVE-2023-42887.json +++ b/2023/42xxx/CVE-2023-42887.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42887", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2. An app may be able to read arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to read arbitrary files" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214036", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214036" } ] } diff --git a/2023/42xxx/CVE-2023-42888.json b/2023/42xxx/CVE-2023-42888.json index 73240fb8ef7..996d3ad0de0 100644 --- a/2023/42xxx/CVE-2023-42888.json +++ b/2023/42xxx/CVE-2023-42888.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42888", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted image may result in disclosure of process memory" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214035", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214035" + }, + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214036", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214036" + }, + { + "url": "https://support.apple.com/en-us/HT214041", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214041" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2023/42xxx/CVE-2023-42915.json b/2023/42xxx/CVE-2023-42915.json index fa172e8765e..023c81b8edc 100644 --- a/2023/42xxx/CVE-2023-42915.json +++ b/2023/42xxx/CVE-2023-42915.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42915", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple issues were addressed by updating to curl version 8.4.0. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 16.7.5 and iPadOS 16.7.5. Multiple issues in curl." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Multiple issues in curl" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "16.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214036", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214036" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2023/42xxx/CVE-2023-42935.json b/2023/42xxx/CVE-2023-42935.json index ccbfb9d9555..e02e4820c2c 100644 --- a/2023/42xxx/CVE-2023-42935.json +++ b/2023/42xxx/CVE-2023-42935.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42935", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" } ] } diff --git a/2023/42xxx/CVE-2023-42937.json b/2023/42xxx/CVE-2023-42937.json index dec23736117..69b57a09815 100644 --- a/2023/42xxx/CVE-2023-42937.json +++ b/2023/42xxx/CVE-2023-42937.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-42937", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214035", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214035" + }, + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214036", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214036" + }, + { + "url": "https://support.apple.com/en-us/HT214041", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214041" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2024/0xxx/CVE-2024-0802.json b/2024/0xxx/CVE-2024-0802.json new file mode 100644 index 00000000000..d04717c89c0 --- /dev/null +++ b/2024/0xxx/CVE-2024-0802.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0802", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0803.json b/2024/0xxx/CVE-2024-0803.json new file mode 100644 index 00000000000..c8fe2906574 --- /dev/null +++ b/2024/0xxx/CVE-2024-0803.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0803", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0804.json b/2024/0xxx/CVE-2024-0804.json new file mode 100644 index 00000000000..36a34d267ac --- /dev/null +++ b/2024/0xxx/CVE-2024-0804.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0804", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0805.json b/2024/0xxx/CVE-2024-0805.json new file mode 100644 index 00000000000..f9cb922f648 --- /dev/null +++ b/2024/0xxx/CVE-2024-0805.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0805", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0806.json b/2024/0xxx/CVE-2024-0806.json new file mode 100644 index 00000000000..b64796f8b01 --- /dev/null +++ b/2024/0xxx/CVE-2024-0806.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0807.json b/2024/0xxx/CVE-2024-0807.json new file mode 100644 index 00000000000..b360f55c808 --- /dev/null +++ b/2024/0xxx/CVE-2024-0807.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0808.json b/2024/0xxx/CVE-2024-0808.json new file mode 100644 index 00000000000..46906f5aa5f --- /dev/null +++ b/2024/0xxx/CVE-2024-0808.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0808", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0809.json b/2024/0xxx/CVE-2024-0809.json new file mode 100644 index 00000000000..604f7bbe9ef --- /dev/null +++ b/2024/0xxx/CVE-2024-0809.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0810.json b/2024/0xxx/CVE-2024-0810.json new file mode 100644 index 00000000000..6cb0fb1f937 --- /dev/null +++ b/2024/0xxx/CVE-2024-0810.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0810", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0811.json b/2024/0xxx/CVE-2024-0811.json new file mode 100644 index 00000000000..2be682592d5 --- /dev/null +++ b/2024/0xxx/CVE-2024-0811.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0811", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0812.json b/2024/0xxx/CVE-2024-0812.json new file mode 100644 index 00000000000..a3baccce808 --- /dev/null +++ b/2024/0xxx/CVE-2024-0812.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0812", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0813.json b/2024/0xxx/CVE-2024-0813.json new file mode 100644 index 00000000000..2bb32b700eb --- /dev/null +++ b/2024/0xxx/CVE-2024-0813.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0813", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0814.json b/2024/0xxx/CVE-2024-0814.json new file mode 100644 index 00000000000..c0a83213f4b --- /dev/null +++ b/2024/0xxx/CVE-2024-0814.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0814", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/23xxx/CVE-2024-23203.json b/2024/23xxx/CVE-2024-23203.json index 74bf9e90a85..c79ee27d7b1 100644 --- a/2024/23xxx/CVE-2024-23203.json +++ b/2024/23xxx/CVE-2024-23203.json @@ -1,17 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23203", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A shortcut may be able to use sensitive data with certain actions without prompting the user" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23204.json b/2024/23xxx/CVE-2024-23204.json index 8669fec156c..a0bcb8fff59 100644 --- a/2024/23xxx/CVE-2024-23204.json +++ b/2024/23xxx/CVE-2024-23204.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A shortcut may be able to use sensitive data with certain actions without prompting the user" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23206.json b/2024/23xxx/CVE-2024-23206.json index a25b68896bd..e8e8464b026 100644 --- a/2024/23xxx/CVE-2024-23206.json +++ b/2024/23xxx/CVE-2024-23206.json @@ -1,17 +1,136 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A maliciously crafted webpage may be able to fingerprint the user" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214056", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214056" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23207.json b/2024/23xxx/CVE-2024-23207.json index a8b09ab5da8..2be184250d6 100644 --- a/2024/23xxx/CVE-2024-23207.json +++ b/2024/23xxx/CVE-2024-23207.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23207", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2024/23xxx/CVE-2024-23208.json b/2024/23xxx/CVE-2024-23208.json index f559fe31b27..5e817e8e204 100644 --- a/2024/23xxx/CVE-2024-23208.json +++ b/2024/23xxx/CVE-2024-23208.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23209.json b/2024/23xxx/CVE-2024-23209.json index 1f837f46bb2..b978bb529ab 100644 --- a/2024/23xxx/CVE-2024-23209.json +++ b/2024/23xxx/CVE-2024-23209.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23209", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23210.json b/2024/23xxx/CVE-2024-23210.json index fc4db4737e1..5fe7e6ded90 100644 --- a/2024/23xxx/CVE-2024-23210.json +++ b/2024/23xxx/CVE-2024-23210.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a user's phone number in system logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to view a user's phone number in system logs" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23211.json b/2024/23xxx/CVE-2024-23211.json index 0a2e40ee098..28c944f48cb 100644 --- a/2024/23xxx/CVE-2024-23211.json +++ b/2024/23xxx/CVE-2024-23211.json @@ -1,17 +1,119 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23211", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user's private browsing activity may be visible in Settings" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214056", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214056" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23212.json b/2024/23xxx/CVE-2024-23212.json index 8201ade89d4..475b7feb47a 100644 --- a/2024/23xxx/CVE-2024-23212.json +++ b/2024/23xxx/CVE-2024-23212.json @@ -1,17 +1,129 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23212", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to execute arbitrary code with kernel privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2024/23xxx/CVE-2024-23213.json b/2024/23xxx/CVE-2024-23213.json index 40002f4af09..ef085d0670c 100644 --- a/2024/23xxx/CVE-2024-23213.json +++ b/2024/23xxx/CVE-2024-23213.json @@ -1,17 +1,136 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23213", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214056", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214056" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23214.json b/2024/23xxx/CVE-2024-23214.json index 2b5d2ae31a2..15419785ab2 100644 --- a/2024/23xxx/CVE-2024-23214.json +++ b/2024/23xxx/CVE-2024-23214.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23214", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23215.json b/2024/23xxx/CVE-2024-23215.json index d765e1e50bd..7a6daa44b1e 100644 --- a/2024/23xxx/CVE-2024-23215.json +++ b/2024/23xxx/CVE-2024-23215.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23215", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access user-sensitive data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23217.json b/2024/23xxx/CVE-2024-23217.json index 8d2aa39c747..b1f12d6f05e 100644 --- a/2024/23xxx/CVE-2024-23217.json +++ b/2024/23xxx/CVE-2024-23217.json @@ -1,17 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23217", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to bypass certain Privacy preferences" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23218.json b/2024/23xxx/CVE-2024-23218.json index 76289f53591..d08d472637e 100644 --- a/2024/23xxx/CVE-2024-23218.json +++ b/2024/23xxx/CVE-2024-23218.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23218", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23219.json b/2024/23xxx/CVE-2024-23219.json index 706e02ec545..e48b97a1ab2 100644 --- a/2024/23xxx/CVE-2024-23219.json +++ b/2024/23xxx/CVE-2024-23219.json @@ -1,17 +1,63 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23219", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Stolen Device Protection may be unexpectedly disabled" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" } ] } diff --git a/2024/23xxx/CVE-2024-23222.json b/2024/23xxx/CVE-2024-23222.json index 924f493cf6d..212eced8042 100644 --- a/2024/23xxx/CVE-2024-23222.json +++ b/2024/23xxx/CVE-2024-23222.json @@ -1,17 +1,129 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23222", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited." + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + }, + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214063", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214063" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214056", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214056" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" + }, + { + "url": "https://support.apple.com/en-us/HT214057", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214057" } ] } diff --git a/2024/23xxx/CVE-2024-23223.json b/2024/23xxx/CVE-2024-23223.json index aea8042b5a7..38e4848d611 100644 --- a/2024/23xxx/CVE-2024-23223.json +++ b/2024/23xxx/CVE-2024-23223.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23223", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "17.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "10.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "14.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214059", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214059" + }, + { + "url": "https://support.apple.com/en-us/HT214055", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214055" + }, + { + "url": "https://support.apple.com/en-us/HT214060", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214060" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] } diff --git a/2024/23xxx/CVE-2024-23224.json b/2024/23xxx/CVE-2024-23224.json index 32b95d63f99..0bc822e880d 100644 --- a/2024/23xxx/CVE-2024-23224.json +++ b/2024/23xxx/CVE-2024-23224.json @@ -1,17 +1,68 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-23224", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to access sensitive user data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "13.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/en-us/HT214058", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214058" + }, + { + "url": "https://support.apple.com/en-us/HT214061", + "refsource": "MISC", + "name": "https://support.apple.com/en-us/HT214061" } ] }