What is the severity of CVE-2024-23236?

CVE-2024-23236 has been rated as a medium severity vulnerability since it allows an app to read arbitrary files.

How do I fix CVE-2024-23236?

To fix CVE-2024-23236, you should update your macOS to version 14.5 or later.

Who is affected by CVE-2024-23236?

Users running macOS versions prior to 14.5 are affected by CVE-2024-23236.

What is the nature of the issue in CVE-2024-23236?

CVE-2024-23236 is a correctness issue that was addressed with improved checks in the system.

When was CVE-2024-23236 disclosed?

CVE-2024-23236 was disclosed along with the fix in macOS Sonoma 14.5.

Vulnerability/
CVE-2024-23236

medium

6.2

13/5/2024

15/1/2025

CVE-2024-23236

First published: Mon May 13 2024(Updated: )

A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to read arbitrary files.

Credit: product-security@apple.com Ron Masas ImpervaMeysam Firouzi @R00tkitSMM Mickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMinghao Lin Baidu Security Baidu SecurityYe Zhang @VAR10CK Baidu SecurityMeysam Firouzi @R00tkitSMM Mickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappKirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMickey Jin @patch1t ajajfxhj Mickey Jin @patch1t Kirin @Pwnrin Amir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappan anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappRon Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsPwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day Initiativean anonymous researcher an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary Operationsan anonymous researcher an anonymous researcher CertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher pattern-f @pattern_F_ Ant Security Lightan anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer an anonymous researcher Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t an anonymous researcher an anonymous researcher Mickey Jin @patch1t Mickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappMickey Jin @patch1t Narendra Bhati Suma Soft PvtShaheen Fazim Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiKirin @Pwnrin LFY @secsys 小来来 @Smi1eSEC yulige Snoolie Keffaber @0xilis Robert Reichel an anonymous researcher CVE-2024-27806 Yann GASCUEL Alter SolutionsCsaba Fitzl @theevilbit KandjiMickey Jin @patch1t Mickey Jin @patch1t CertiK SkyFall Team ajajfxhj Maksymilian Motyl Immunity SystemsJunsung Lee Trend Micro Zero Day Initiative ajajfxhj Manfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information Securityan anonymous researcher Nan Wang @eternalsakura13 360 Vulnerability Research InstituteManfred Paul @_manfp Trend Micro's Zero Day InitiativeJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassapp

Affected Software	Affected Version	How to fix
Apple macOS	<14.5
Apple macOS	<14.5	14.5
	<14.5	14.5

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2024-23236?
CVE-2024-23236 has been rated as a medium severity vulnerability since it allows an app to read arbitrary files.
How do I fix CVE-2024-23236?
To fix CVE-2024-23236, you should update your macOS to version 14.5 or later.
Who is affected by CVE-2024-23236?
Users running macOS versions prior to 14.5 are affected by CVE-2024-23236.
What is the nature of the issue in CVE-2024-23236?
CVE-2024-23236 is a correctness issue that was addressed with improved checks in the system.
When was CVE-2024-23236 disclosed?
CVE-2024-23236 was disclosed along with the fix in macOS Sonoma 14.5.

agent/first-publish-date
agent/type
agent/description
agent/author
agent/references
collector/mitre-cve
source/MITRE
agent/event
agent/severity
agent/last-modified-date
agent/trending
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/apple-support
source/Apple
agent/source
agent/tags
alias/CVE-2024-27837
alias/CVE-2024-27816
alias/CVE-2024-27825
alias/CVE-2024-27829
alias/CVE-2024-40771
alias/CVE-2024-27841
alias/CVE-2024-23236
alias/CVE-2024-27805
alias/CVE-2024-27817
alias/CVE-2024-27831
alias/CVE-2024-27832
alias/CVE-2024-27827
alias/CVE-2024-27801
alias/CVE-2024-27836
alias/CVE-2024-27799
alias/CVE-2024-27818
alias/CVE-2024-27815
alias/CVE-2024-27823
alias/CVE-2024-27811
alias/CVE-2023-42893
alias/CVE-2024-23251
alias/CVE-2024-23282
alias/CVE-2024-27810
alias/CVE-2024-27800
alias/CVE-2024-27802
alias/CVE-2024-27857
alias/CVE-2024-27822
alias/CVE-2024-27824
alias/CVE-2024-27885
alias/CVE-2024-27813
alias/CVE-2024-27844
alias/CVE-2024-27843
alias/CVE-2024-27821
alias/CVE-2024-27855
alias/CVE-2024-27806
alias/CVE-2024-27798
alias/CVE-2024-27848
alias/CVE-2024-27847
alias/CVE-2024-27884
alias/CVE-2024-27842
alias/CVE-2024-27796
alias/CVE-2024-27856
alias/CVE-2024-27834
alias/CVE-2024-27838
alias/CVE-2024-27808
alias/CVE-2024-27850
alias/CVE-2024-27851
alias/CVE-2024-27830
alias/CVE-2024-27820
alias/CVE-2024-27804
vendor/apple
canonical/apple macos