CVE-2021-30654

3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 83.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Garageband

Timeline

PublishedSep 8

Latest updateMay 24

Description

This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5apple/garagebandunspecified — 10.4

▶NVDapple/garageband< 10.4.3

🔴Vulnerability Details

GHSA

GHSA-3489-8qg3-xgj4: This issue was addressed by removing additional entitlements↗2022-05-24

▶

CVEList

CVE-2021-30654: This issue was addressed by removing additional entitlements↗2021-09-08

▶