Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-42867

This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges.

Published

2024-12-20T04:15:05.200

Last Modified

2025-11-04T20:16:51.453

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-281

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	garageband	< 10.4.9	Yes

References

https://support.apple.com/en-us/120299 Vendor Advisory ([email protected])
https://support.apple.com/kb/HT214042 (af854a3a-2127-422b-91ae-364da2661108)