CVE-2015-7056Sensitive Information Exposure in Apple Xcode

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 46.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Xcode
Timeline
PublishedDec 11
Latest updateMay 17

Description

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/xcode7.1.1

🔴Vulnerability Details

2
GHSA
GHSA-2qqq-394q-qgqc: IDE SCM in Apple Xcode before 72022-05-17
CVEList
CVE-2015-7056: IDE SCM in Apple Xcode before 72015-12-11

📋Vendor Advisories

1
Apple
CVE-2015-7056: Xcode 7.2
CVE-2015-7056 — Sensitive Information Exposure in Apple | cvebase