A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to break out of its sandbox.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/121839 | Vendor Advisory |
| https://support.apple.com/en-us/121840 | Vendor Advisory |
| https://support.apple.com/en-us/121842 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Dec/7 | |
| http://seclists.org/fulldisclosure/2024/Dec/9 |
Configurations
Configuration 1 (hide)
|
History
03 Nov 2025, 23:17
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
13 Dec 2024, 18:32
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| References | () https://support.apple.com/en-us/121839 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/121840 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/121842 - Vendor Advisory | |
| First Time |
Apple
Apple macos |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
12 Dec 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-12 02:15
Updated : 2025-11-03 23:17
NVD link : CVE-2024-54498
Mitre link : CVE-2024-54498
CVE.ORG link : CVE-2024-54498
JSON object : View
Products Affected
apple
- macos
CWE