CVE-2024-44142

4 documents4 sources
Severity
7.8HIGH
EPSS
0.1%
top 72.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Garageband
Timeline
PublishedJan 30

Description

The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5apple/garageband< 10.4.12
NVDapple/garageband< 10.4.12

🔴Vulnerability Details

2
GHSA
GHSA-jh3j-ppfx-qrwc: The issue was addressed with improved bounds checks2025-01-30
CVEList
CVE-2024-44142: The issue was addressed with improved bounds checks2025-01-30

📋Vendor Advisories

1
Apple
CVE-2024-44142: GarageBand 10.4.122025-01-30
CVE-2024-44142 (HIGH CVSS 7.8) | The issue was addressed with improv | cvebase.io