Apple Garageband
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apple Garageband.
Recent Apple Garageband Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 121866 | GarageBand 10.4.12 - Apple Security Content | January 30, 2025 |
| HT214090 | GarageBand 10.4.11 Security Content | March 12, 2024 |
| HT214042 | GarageBand 10.4.9 Security Content | November 6, 2023 |
| HT213650 | GarageBand for macOS 10.4.8 Security Content | March 7, 2023 |
| HT213191 | GarageBand 10.4.6 Security Content | March 14, 2022 |
| HT212299 | GarageBand 10.4.3 Security Content | April 6, 2021 |
| HT207518 | GarageBand 10.1.6 Security Content | February 13, 2017 |
| HT207477 | GarageBand 10.1.5 Security Content | January 18, 2017 |
By the Year
In 2025 there have been 1 vulnerability in Apple Garageband with an average score of 7.8 out of ten. Last year, in 2024 Garageband had 2 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Interestingly, the average vulnerability score and the number of vulnerabilities for 2025 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 1 | 7.80 |
| 2024 | 2 | 7.80 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 7.80 |
| 2021 | 1 | 5.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Garageband vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apple Garageband Security Vulnerabilities
The issue was addressed with improved bounds checks
CVE-2024-44142
7.8 - High
- January 30, 2025
The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution.
GarageBand Entitlement Validation Bypass Root Privilege Escalation Vulnerability
CVE-2023-42867
7.8 - High
- December 20, 2024
This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges.
A use-after-free issue was addressed with improved memory management
CVE-2024-23300
7.8 - High
- March 12, 2024
A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
Dangling pointer
An out-of-bounds read was addressed with improved bounds checking
CVE-2022-22664
7.8 - High
- March 18, 2022
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
Out-of-bounds Read
A memory initialization issue was addressed with improved memory handling
CVE-2022-22657
7.8 - High
- March 18, 2022
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
Improper Initialization
This issue was addressed by removing additional entitlements
CVE-2021-30654
5.5 - Medium
- September 08, 2021
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apple Garageband or by Apple? Click the Watch button to subscribe.
