CVE-2023-27967

The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
8.6 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
applexcode
𝑥
< 14.3
𝑥
= Vulnerable software versions
References
https://support.apple.com/en-us/HT213679
https://support.apple.com/en-us/HT213679