An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
Metrics
Affected Vendors & Products
References
History
Tue, 04 Nov 2025 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Tue, 18 Mar 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 |
Tue, 24 Sep 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Apple
Apple macos |
|
| Metrics |
cvssV3_1
|
Tue, 17 Sep 2024 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 16 Sep 2024 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-09-16T23:23:09.223Z
Updated: 2025-11-04T16:13:03.178Z
Reserved: 2024-07-10T17:11:04.707Z
Link: CVE-2024-40842
Vulnrichment
Updated: 2024-09-17T13:57:33.151Z
NVD
Status : Modified
Published: 2024-09-17T00:15:49.013
Modified: 2025-11-04T17:15:59.883
Link: CVE-2024-40842
Redhat
No data.