CVE-2023-42894 | Vulnerability Database | Aqua Security

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a users contacts.

Affected Software

Name	Vendor	Start Version	End Version
Macos	Apple	12.0.0 (including)	12.7.2 (excluding)
Macos	Apple	13.0 (including)	13.6.3 (excluding)
Macos	Apple	14.0 (including)	14.2 (excluding)

References

http://seclists.org/fulldisclosure/2023/Dec/10
http://seclists.org/fulldisclosure/2023/Dec/11
http://seclists.org/fulldisclosure/2023/Dec/9
https://support.apple.com/en-us/HT214036
https://support.apple.com/en-us/HT214037
https://support.apple.com/en-us/HT214038
http://seclists.org/fulldisclosure/2023/Dec/10
http://seclists.org/fulldisclosure/2023/Dec/11
http://seclists.org/fulldisclosure/2023/Dec/9
https://support.apple.com/en-us/HT214036
https://support.apple.com/en-us/HT214037
https://support.apple.com/en-us/HT214038
https://support.apple.com/kb/HT214036
https://support.apple.com/kb/HT214037
https://support.apple.com/kb/HT214038

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-42894
CWE	https://cwe.mitre.org/data/definitions/.html