Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple swift vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-28789
The unofficial apple/swift-format extension prior to 1.1.2 for Visual Studio Code allows remote malicious users to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the work...
Apple-swift-format Project Apple-swift-format
7.5
CVSSv3
CVE-2020-9861
A stack overflow issue existed in Swift for Linux. The issue was addressed with improved input validation for dealing with deeply nested malicious JSON input.
Apple Swift
8.8
CVSSv3
CVE-2018-4220
An issue exists in certain Apple products. Swift prior to 4.1.1 Security Update 2018-001 is affected. The issue involves the "Swift for Ubuntu" component. It allows malicious users to execute arbitrary code in a privileged context because write and execute permissions a...
Apple Swift
7.5
CVSSv3
CVE-2022-1642
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the ...
Apple Swift
5.5
CVSSv3
CVE-2019-8790
This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure.
Apple Swift
8.8
CVSSv3
CVE-2022-3918
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF ( ) injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSessi...
Apple Swift Foundation
7.5
CVSSv3
CVE-2022-3252
Improper detection of complete HTTP body decompression SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (HTTPRequestDecompressor and HTTPResponseDecompressor) both failed to detect when the deco...
Apple Swift-nio-extras
NA
CVE-2015-7030
The Swift implementation in Apple Xcode prior to 7.1 mishandles type conversion, which has unspecified impact and attack vectors.
Apple Xcode
NA
CVE-2015-1149
Integer overflow in the simulator in Swift in Apple Xcode prior to 6.3 allows context-dependent malicious users to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
Apple Xcode
7.5
CVSSv3
CVE-2022-24667
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the ...
Apple Swiftnio Http\\/2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »