Description
An issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data.
Published: 2024-06-10
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to access sensitive user data. An issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to access sensitive user data.
References

Tue, 25 Mar 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20

Subscriptions

Apple Ios Ipados Iphone Os Macos Tvos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:35.675Z

Reserved: 2024-02-26T15:32:28.518Z

Link: CVE-2024-27805

cve-icon Vulnrichment

Updated: 2024-08-02T00:41:55.799Z

cve-icon NVD

Status : Modified

Published: 2024-06-10T21:15:49.943

Modified: 2026-04-02T19:17:20.960

Link: CVE-2024-27805

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses