Code Execution Vulnerability in Kong Insomnia for macOS
CVE-2023-40299
7.8HIGH
What is CVE-2023-40299?
Kong Insomnia version 2023.4.0 on macOS is susceptible to a security flaw that allows attackers to execute arbitrary code by manipulating the DYLD_INSERT_LIBRARIES environment variable. This vulnerability could enable unauthorized access to restricted files or facilitate requests for TCC (Transparency, Consent, and Control) permissions, potentially compromising sensitive user data and system integrity.
