This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-10-28-2024-4 macOS Sonoma 1471
macOS Sonoma 1471 addresses the following issues
Information about the security content is also available at
supportapplecom/121570
Apple maintains a Security Releases page at
supportapplecom/100100 which lists recent
software update ...