Out-of-Bounds Read Vulnerability in Xcode by Apple
CVE-2022-22601

7.8HIGH

Key Information:

Vendor: Apple
Status: Xcode
Vendor: CVE Published:; 18 March 2022

Summary

An out-of-bounds read vulnerability in Xcode may allow attackers to craft malicious files that, when opened, could lead to unexpected application termination or arbitrary code execution. This issue highlights the importance of proper bounds checking and is resolved in the latest release of Xcode (13.3). For more details about this issue, visit the Apple support page.

Affected Version(s)

Xcode < 13.3

References

https://support.apple.com/en-us/HT213189

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 18, 2022
Vulnerability Reserved
Jan 5, 2022