CVE-2023-40435

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
applexcode
𝑥
< 15.0
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939
https://support.apple.com/kb/HT213939