CVE-2023-42844

Q: What is CVE-2023-42844?

CVE-2023-42844 is a vulnerability that allows a website to access sensitive user data when resolving symlinks.

Q: Which versions of macOS are affected by CVE-2023-42844?

macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1 are affected by CVE-2023-42844.

Q: How was CVE-2023-42844 fixed?

CVE-2023-42844 was fixed with improved handling of symlinks in macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1.

Q: How can I protect myself from CVE-2023-42844?

To protect yourself from CVE-2023-42844, ensure that you have installed the latest updates for macOS Sonoma, Monterey, or Ventura.

Q: Where can I find more information about CVE-2023-42844?

You can find more information about CVE-2023-42844 on the Apple support page: [link1], [link2], [link3].

Published Oct 25, 2023

Updated

Foundation. This issue was addressed with improved handling of symlinks.

Credit

Ron Masas(BreakPoint), Ron Masas(BreakPoint), Ron Masas(BreakPoint)

Affected Software

6 affected componentsFixes available

Apple macOS<14.1

14.1

macOS<12.7.1

12.7.1

macOS Ventura<13.6.1

13.6.1

macOS>=12.0.0<12.7.1

macOS>=13.0<13.6.1

macOS>=14.0<14.1

Event History

Oct 25, 2023

Data Sourced

via Apple·12:00 AM

DescriptionWeaknessAffected Software

CVE Published

06:32 PM

Data Sourced

06:32 PM

DescriptionWeakness

Frequently Asked Questions

What is CVE-2023-42844?

CVE-2023-42844 is a vulnerability that allows a website to access sensitive user data when resolving symlinks.

Which versions of macOS are affected by CVE-2023-42844?

macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1 are affected by CVE-2023-42844.

How was CVE-2023-42844 fixed?

CVE-2023-42844 was fixed with improved handling of symlinks in macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1.

How can I protect myself from CVE-2023-42844?

To protect yourself from CVE-2023-42844, ensure that you have installed the latest updates for macOS Sonoma, Monterey, or Ventura.

Where can I find more information about CVE-2023-42844?

You can find more information about CVE-2023-42844 on the Apple support page: [link1], [link2], [link3].

CVSS Score

7.5High

High Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Security Metrics

Risk Score45

Severityhigh(7.5)

CWE

Timeline

PublishedOct 25, 2023

Updated

References

Parent Advisories

Peer Vulnerabilities

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2023-42844 - SecAlerts