A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandboxed process may be able to circumvent sandbox restrictions.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/120328 | Vendor Advisory |
| https://support.apple.com/en-us/120329 | Vendor Advisory |
| https://support.apple.com/en-us/120337 | Vendor Advisory |
| https://support.apple.com/en-us/120949 | Vendor Advisory |
| https://support.apple.com/en-us/120950 | Vendor Advisory |
Configurations
History
21 Apr 2025, 22:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
|
| References | () https://support.apple.com/en-us/120328 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/120329 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/120337 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/120949 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/120950 - Vendor Advisory | |
| Summary |
|
|
| First Time |
Apple iphone Os
Apple Apple macos Apple ipados |
14 Apr 2025, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
| CWE | CWE-22 |
11 Apr 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-04-11 15:15
Updated : 2025-04-21 22:04
NVD link : CVE-2023-42961
Mitre link : CVE-2023-42961
CVE.ORG link : CVE-2023-42961
JSON object : View
Products Affected
apple
- ipados
- iphone_os
- macos
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')