Ron Masas

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to Tahoe 26.3 Apple macOS versions prior to Sonoma 14.8.4 Apple iOS versions prior to 18.7.5 Apple iPadOS versions prior to 18.7.5 Apple visionOS versions prior to 26.3 Apple iOS versions prior to 26.3 Apple iPadOS versions prior to 26.3 **Description** A race condition existed in the handling of symbolic links. This allowed a shortcut to potentially bypass sandbox restrictions. **Recommendations** Update Apple macOS to version 26.3 or later. Update Apple macOS to version 14.8.4 or later. Update Apple iOS to version 18.7.5 or later. Update Apple iPadOS to version 18.7.5 or later. Update Apple visionOS to version 26.3 or later. Update Apple iOS to version 26.3 or later. Update Apple iPadOS to version 26.3 or later.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 visionOS versions prior to 26.1 **Description** A privacy issue existed where a malicious application could potentially capture screenshots of sensitive information displayed in embedded views. This was addressed with improved checks. **Recommendations** Update watchOS to version 26.1. Update iOS to version 26.1. Update iPadOS to version 26.1. Update visionOS to version 26.1.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18 iPadOS versions prior to 18 macOS Sequoia versions prior to 15 **Description** A clickjacking issue was addressed with improved out-of-process view handling. This issue may allow an app to trick a user into granting access to photos from the user's photo library. **Recommendations** For iOS versions prior to 18, update to iOS 18 or later. For iPadOS versions prior to 18, update to iPadOS 18 or later. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 or later.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 18 visionOS versions prior to 2 watchOS versions prior to 11 macOS Sequoia versions prior to 15 iOS versions prior to 18 iPadOS versions prior to 18 tvOS versions prior to 18 **Description** Processing maliciously crafted web content may lead to universal cross site scripting. This issue was addressed through improved state management. **Recommendations** For Safari versions prior to 18, update to Safari 18 to resolve the issue. For visionOS versions prior to 2, update to visionOS 2 to resolve the issue. For watchOS versions prior to 11, update to watchOS 11 to resolve the issue. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 to resolve the issue. For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue. For tvOS versions prior to 18, update to tvOS 18 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 11 macOS Sequoia versions prior to 15 Safari versions prior to 18 visionOS versions prior to 2 iOS versions prior to 18 iPadOS versions prior to 18 tvOS versions prior to 18 **Description** Processing maliciously crafted web content may lead to an unexpected process crash. The issue was addressed with improved checks. **Recommendations** For watchOS versions prior to 11, update to watchOS 11 to resolve the issue. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 to resolve the issue. For Safari versions prior to 18, update to Safari 18 to resolve the issue. For visionOS versions prior to 2, update to visionOS 2 to resolve the issue. For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue. For tvOS versions prior to 18, update to tvOS 18 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS Sonoma versions prior to 14.5 **Description** A correctness issue was addressed with improved checks, allowing an app to potentially read arbitrary files. **Recommendations** For versions prior to 14.5, update to macOS Sonoma 14.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.6.4 macOS versions prior to 14.2 **Description** An access issue was addressed with additional sandbox restrictions. This issue may allow an app to read arbitrary files. The vulnerability is related to the lack of protection for service data in the NSOpenPanel component of the macOS operating system, which could allow an attacker to disclose protected information. **Recommendations** For macOS versions prior to 13.6.4, update to macOS Ventura 13.6.4 to resolve the issue. For macOS versions prior to 14.2, update to macOS Sonoma 14.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.7.1 macOS versions prior to 13.6.1 macOS versions prior to 14.1 **Description** The issue is related to incorrect handling of symlinks, which may allow a remote attacker to disclose sensitive user data. A website may be able to access sensitive user data when resolving symlinks. **Recommendations** For macOS versions prior to 12.7.1, update to macOS Monterey 12.7.1 to resolve the issue. For macOS versions prior to 13.6.1, update to macOS Ventura 13.6.1 to resolve the issue. For macOS versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to Sonoma 14 watchOS versions prior to 10 **Description** A permissions issue was addressed with additional restrictions. This issue allows an app to potentially read sensitive location information. **Recommendations** For iOS versions prior to 17, update to iOS 17 or later. For iPadOS versions prior to 17, update to iPadOS 17 or later. For macOS versions prior to Sonoma 14, update to macOS Sonoma 14 or later. For watchOS versions prior to 10, update to watchOS 10 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14 **Description** The issue allows an app to bypass Privacy preferences. It was addressed with improved permissions logic. The problem is related to the Shortcuts app, which allowed programmatic access to TCC protected files from within the app sandbox. **Recommendations** For versions prior to 14, update to macOS Sonoma 14 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and preferences to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to Sonoma 14 **Description** A resource exhaustion issue was addressed with improved input validation. Processing web content may lead to a denial-of-service. The issue is related to how GPUs handle shaders and can cause devices to freeze or crash, forcing reboots. **Recommendations** For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue. For macOS versions prior to Sonoma 14, update to macOS Sonoma 14 to resolve the issue. As a temporary workaround, consider restricting the processing of web content to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14 **Description** A privacy issue was addressed with improved handling of temporary files. This issue allows an app to potentially observe unprotected user data. **Recommendations** For versions prior to 14, update to macOS Sonoma 14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.6 macOS versions prior to 12.7 tvOS versions prior to 17 watchOS versions prior to 10 iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to 14 **Description** The issue is related to insufficient protection of internal data in the Maps component of various Apple operating systems. This may allow an attacker to gain unauthorized access to protected information. An app may be able to read sensitive location information due to the issue. The problem was addressed with improved handling of caches. **Recommendations** For macOS versions prior to 13.6, update to macOS Ventura 13.6 to resolve the issue. For macOS versions prior to 12.7, update to macOS Monterey 12.7 to resolve the issue. For tvOS versions prior to 17, update to tvOS 17 to resolve the issue. For watchOS versions prior to 10, update to watchOS 10 to resolve the issue. For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue. For macOS versions prior to 14, update to macOS Sonoma 14 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** tvOS versions prior to 17 iOS versions prior to 17 iPadOS versions prior to 17 macOS Sonoma versions prior to 14 Xcode versions prior to 15 **Description** The issue was addressed with improved memory handling. An app may be able to disclose kernel memory. **Recommendations** For tvOS versions prior to 17, update to tvOS 17 to resolve the issue. For iOS versions prior to 17, update to iOS 17 to resolve the issue. For iPadOS versions prior to 17, update to iPadOS 17 to resolve the issue. For macOS Sonoma versions prior to 14, update to macOS Sonoma 14 to resolve the issue. For Xcode versions prior to 15, update to Xcode 15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** snyk versions prior to 1.1064.0 snyk-mvn-plugin versions prior to 2.31.3 snyk-gradle-plugin versions prior to 3.24.5 @snyk/snyk-cocoapods-plugin versions prior to 2.5.3 snyk-sbt-plugin versions prior to 2.16.2 snyk-python-plugin versions prior to 1.24.2 snyk-docker-plugin versions prior to 5.6.5 @snyk/snyk-hex-plugin versions prior to 1.1.6 **Description** The issue allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. A successful exploit requires a user to execute the snyk test command on untrusted files. This could be abused in specific scenarios, such as continuous integration pipelines, where developers can control the arguments passed to the Snyk CLI to leverage this component as part of a wider attack against an integration/build pipeline. **Recommendations** For snyk versions prior to 1.1064.0, update to version 1.1064.0 or later. For snyk-mvn-plugin versions prior to 2.31.3, update to version 2.31.3 or later. For snyk-gradle-plugin versions prior to 3.24.5, update to version 3.24.5 or later. For @snyk/snyk-cocoapods-plugin versions prior to 2.5.3, update to version 2.5.3 or later. For snyk-sbt-plugin versions prior to 2.16.2, update to version 2.16.2 or later. For snyk-python-plugin versions prior to 1.24.2, update to version 1.24.2 or later. For snyk-docker-plugin versions prior to 5.6.5, update to version 5.6.5 or later. For @snyk/snyk-hex-plugin versions prior to 1.1.6, update to version 1.1.6 or later. As a temporary workaround, consider avoiding the execution of the snyk test command on untrusted files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** snyk versions prior to 1.1064.0 VS Code versions prior to 1.9.0 IntelliJ versions prior to 2.4.48 Visual Studio versions prior to 1.1.31 Eclipse versions prior to v20221115.132308 Language Server versions prior to v20221109.114426 **Description** The issue allows for Code Injection when analyzing a project. An attacker can include commands in a build file, such as `build.gradle` or `gradle-wrapper.jar`, which will be executed with the privileges of the application. This can be triggered when running the CLI tool directly or when running a scan with one of the IDE plugins that invoke the Snyk CLI. Successful exploitation would likely require some level of social engineering to coerce an untrusted project to be downloaded and analyzed. If the IDE has a Trust feature, the target folder must be marked as ‘trusted’ to be vulnerable. **Recommendations** For snyk versions prior to 1.1064.0, update to version 1.1064.0 or later. For VS Code versions prior to 1.9.0, update to version 1.9.0 or later. For IntelliJ versions prior to 2.4.48, update to version 2.4.48 or later. For Visual Studio versions prior to 1.1.31, update to version 1.1.31 or later. For Eclipse versions prior to v20221115.132308, update to a subsequent version. For Language Server versions prior to v20221109.114426, update to a subsequent version. As a temporary workaround, consider restricting the use of the Snyk CLI or IDE plugins to minimize the risk of exploitation. Avoid analyzing untrusted projects and ensure that only trusted folders are marked as such in the IDE.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13 **Description** The issue concerns the processing of maliciously crafted DMG files, which may lead to arbitrary code execution with system privileges. This was addressed with improved validation of symlinks. **Recommendations** For versions prior to macOS 13, update to macOS Ventura 13 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.6 iOS versions prior to 15.7 iPadOS versions prior to 15.7 macOS Big Sur versions prior to 11.7 **Description** A logic issue was addressed with improved restrictions, which may have allowed an app to read sensitive location information. **Recommendations** For macOS versions prior to 12.6, update to macOS Monterey 12.6. For iOS versions prior to 15.7, update to iOS 15.7 or iOS 16. For iPadOS versions prior to 15.7, update to iPadOS 15.7. For macOS Big Sur versions prior to 11.7, update to macOS Big Sur 11.7.

**Name of the Vulnerable Software and Affected Versions** Visual Studio Code (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface, which can allow an attacker to conduct spoofing attacks. There is also a mention of a remote code execution (RCE) issue in the Jupyter Notebook component of Visual Studio Code. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.1 macOS Big Sur versions prior to 11.6.2 Security Update versions prior to 2021-008 Catalina **Description** A logic issue was addressed with improved validation, allowing a malicious application to bypass Gatekeeper checks. **Recommendations** For macOS versions prior to 12.1, update to macOS Monterey 12.1. For macOS Big Sur versions prior to 11.6.2, update to macOS Big Sur 11.6.2. For Security Update versions prior to 2021-008 Catalina, apply Security Update 2021-008 Catalina.