VYPR

Security Update 2021-008 Catalina

by Apple Inc.

CVEs (75)

  • CVE-2022-22616MedMay 26, 2022
    risk 0.39cvss 5.5epss 0.08

    This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

  • CVE-2022-26746MedMay 26, 2022
    risk 0.36cvss 5.5epss 0.01

    This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.

  • CVE-2022-26728MedMay 26, 2022
    risk 0.36cvss 5.5epss 0.01

    This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files.

  • CVE-2022-26727MedMay 26, 2022
    risk 0.36cvss 5.5epss 0.01

    This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system.

  • CVE-2021-30697MedSep 8, 2021
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user…

  • CVE-2021-30673MedSep 8, 2021
    risk 0.36cvss 5.5epss 0.01

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history.

  • CVE-2021-30782MedSep 8, 2021
    risk 0.36cvss 5.5epss 0.01

    This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to access restricted files.

  • CVE-2021-30776MedSep 8, 2021
    risk 0.36cvss 5.5epss 0.01

    A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination.

  • CVE-2021-30768MedSep 8, 2021
    risk 0.36cvss 5.5epss 0.01

    A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions.

  • CVE-2021-30963MedAug 24, 2021
    risk 0.36cvss 5.5epss 0.01

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.

  • CVE-2021-30959MedAug 24, 2021
    risk 0.36cvss 5.5epss 0.01

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.

  • CVE-2021-30910MedAug 24, 2021
    risk 0.36cvss 5.5epss 0.01

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted file may disclose user information.

  • CVE-2021-1797MedApr 2, 2021
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

  • CVE-2022-26688MedMay 26, 2022
    risk 0.29cvss 4.4epss 0.00

    An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files.

  • CVE-2021-1824MedSep 8, 2021
    risk 0.29cvss 4.4epss 0.00

    This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application with root privileges may be able to access private information.

Page 4 of 4