Apple Music
Recent Apple Music Security Advisories
| Advisory | Title | Published |
|---|---|---|
| HT213833 | Apple Music 4.2.0 for Android Security Content | May 23, 2023 |
| HT213473 | Apple Music 3.9.10 for Android Security Content | June 14, 2022 |
| HT213472 | Apple Music 3.5.0 for Android Security Content | April 26, 2021 |
| HT211898 | Apple Music 3.4.0 for Android Security Content | October 26, 2020 |
| HT207605 | Apple Music 2.0 for Android Security Content | April 4, 2017 |
By the Year
In 2024 there have been 0 vulnerabilities in Apple Music . Last year Music had 6 security vulnerabilities published. Right now, Music is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 6 | 6.27 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.50 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Music vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apple Music Security Vulnerabilities
The issue was addressed with improved checks
CVE-2023-28203
5.5 - Medium
- July 28, 2023
The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.
This issue was addressed by using HTTPS when sending information over the network
CVE-2023-32427
5.9 - Medium
- July 28, 2023
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic.
This issue was addressed with improved state management
CVE-2022-32836
7.5 - High
- February 27, 2023
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
A logic issue was addressed with improved state management
CVE-2022-32846
7.5 - High
- February 27, 2023
A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
This issue was addressed with using HTTPS when sending information over the network
CVE-2022-32906
5.3 - Medium
- February 27, 2023
This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections.
This issue was addressed by using HTTPS when sending information over the network
CVE-2021-46841
5.9 - Medium
- February 27, 2023
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
This issue was addressed with improved checks to prevent unauthorized actions
CVE-2020-9982
5.5 - Medium
- October 27, 2020
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicious application may be able to leak a user's credentials.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apple Music or by Apple? Click the Watch button to subscribe.
