Apple Xcode < 11.3 Code Execution (macOS)
High Nessus Plugin ID 132047
SynopsisAn IDE application installed on the remote macOS or Mac OS X host is affected by a vulnerability.
DescriptionThe version of Apple Xcode installed on the remote macOS or Mac OS X host is prior to 11.3. It is, therefore, affected by a vulnerability in the ld64 component due to insufficient bounds checking. An attacker can exploit this vulnerability by persuading a victim to open a specially crafted file in order to execute arbitrary code on the system or cause a denial-of-service condition.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Apple Xcode version 11.3 or later.