CVE-2023-42977

{"id": "CVE-2023-42977", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-04-11T15:15:45.227", "references": [{"url": "https://support.apple.com/en-us/120949", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://support.apple.com/en-us/120950", "tags": ["Release Notes", "Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to break out of its sandbox."}, {"lang": "es", "value": "Se abord\u00f3 un problema de gesti\u00f3n de ruta con una validaci\u00f3n mejorada. Este problema se soluciona en iOS 17 y iPados 17, Macos Sonoma 14. Una aplicaci\u00f3n puede salir de la sandbox."}], "lastModified": "2025-04-29T20:08:34.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3FD8E81-B171-4F4A-9F66-B1D629A304A8", "versionEndExcluding": "17.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199", "versionEndExcluding": "17.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605", "versionEndExcluding": "14.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}