Apple Shortcuts
By the Year
In 2021 there have been 0 vulnerabilities in Apple Shortcuts . Shortcuts did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 2 | 7.75 |
2018 | 0 | 0.00 |
It may take a day or so for new Shortcuts vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Apple Shortcuts Security Vulnerabilities
An access issue was addressed with additional sandbox restrictions
CVE-2019-7290
10 - Critical
- December 18, 2019
An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2019-7290 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.
Externally Controlled Reference to a Resource in Another Sphere
A parsing issue in the handling of directory paths was addressed with improved path validation
CVE-2019-7289
5.5 - Medium
- December 18, 2019
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information.
CVE-2019-7289 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Directory traversal