Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple swift vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2021-28789
The unofficial apple/swift-format extension prior to 1.1.2 for Visual Studio Code allows remote malicious users to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the work...
Apple-swift-format Project Apple-swift-format
445
VMScore
CVE-2022-1642
A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the ...
Apple Swift
187
VMScore
CVE-2019-8790
This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure.
Apple Swift
828
VMScore
CVE-2018-4220
An issue exists in certain Apple products. Swift prior to 4.1.1 Security Update 2018-001 is affected. The issue involves the "Swift for Ubuntu" component. It allows malicious users to execute arbitrary code in a privileged context because write and execute permissions a...
Apple Swift
445
VMScore
CVE-2020-9861
A stack overflow issue existed in Swift for Linux. The issue was addressed with improved input validation for dealing with deeply nested malicious JSON input.
Apple Swift
NA
CVE-2022-3918
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF ( ) injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSessi...
Apple Swift Foundation
NA
CVE-2022-3252
Improper detection of complete HTTP body decompression SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (HTTPRequestDecompressor and HTTPResponseDecompressor) both failed to detect when the deco...
Apple Swift-nio-extras
668
VMScore
CVE-2015-7030
The Swift implementation in Apple Xcode prior to 7.1 mishandles type conversion, which has unspecified impact and attack vectors.
Apple Xcode
668
VMScore
CVE-2015-1149
Integer overflow in the simulator in Swift in Apple Xcode prior to 6.3 allows context-dependent malicious users to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
Apple Xcode
445
VMScore
CVE-2022-24667
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. There are a number of implementation errors in the ...
Apple Swiftnio Http\\/2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »