← Voltar para CVEs
CVE-2023-40394
LOW3.3
Descricao
The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data.
Detalhes CVE
Pontuacao CVSS v3.13.3
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado1/10/2024
Ultima modificacao6/20/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
apple:ipadosapple:iphone_os
Fraquezas (CWE)
CWE-20
Referencias
https://support.apple.com/en-us/HT213841(product-security@apple.com)
https://support.apple.com/en-us/HT213841(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.