CVE-2024-40594

Name of the Vulnerable Software and Affected Versions OpenAI ChatGPT app versions prior to 2024-07-05 for macOS

Description The issue concerns the OpenAI ChatGPT app for macOS, which opts out of the sandbox and stores conversations in cleartext in a location accessible to other apps. This could potentially allow unauthorized access to sensitive information.

Recommendations For versions prior to 2024-07-05, update the OpenAI ChatGPT app to a version that includes the necessary security fixes to address the issue of storing conversations in cleartext and opting out of the sandbox. As a temporary workaround, consider restricting access to the location where conversations are stored to minimize the risk of exploitation.