Every CVE whose affected-product data names Apple Garageband, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2017-2372 — CVSS 8.8 (high): An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue…
CVE-2017-2374 — CVSS 7.8 (high): An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It…
CVE-2024-44142 — CVSS 7.8 (high): The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may…
CVE-2023-42867 — CVSS 7.8 (high): This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app…
CVE-2024-23300 — CVSS 7.8 (high): A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously…
CVE-2022-22657 — CVSS 7.8 (high): A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6…
CVE-2022-22664 — CVSS 7.8 (high): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS…
CVE-2021-30654 — CVSS 5.5 (medium): This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to…
CVE-2009-2198 — CVSS 4.3 (medium): Apple GarageBand before 5.1 reconfigures Safari to accept all cookies regardless of domain name, which makes it easier for remote web…