CVE-2015-7056

high

Description

IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.

References

https://support.apple.com/HT205642

http://www.securitytracker.com/id/1034340

http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html

Details

Source: Mitre, NVD

Published: 2015-12-11

Updated: 2016-12-07

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

Detections

Analytics