CVE-2024-40862

CWE-200 โ€” Information Exposure4 documents4 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 61.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Xcode
Timeline
PublishedSep 17

Description

A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

โ–ถCVEListV5apple/xcode< 16
โ–ถNVDapple/xcode< 16.0

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-68hw-g496-55x6: A privacy issue was addressed by removing sensitive dataโ†—2024-09-17
โ–ถ
CVEList
CVE-2024-40862: A privacy issue was addressed by removing sensitive dataโ†—2024-09-16
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Apple
CVE-2024-40862: Xcode 16โ†—2024-09-16
โ–ถ