Known Vulnerabilities
CVE-2023-42867
This issue was addressed with improved validation of the process entitlement and Team ID. This issue is fixed in GarageBand 10.4.9. An app may be able to gain root privileges.
HIGH
CVSS 7.8
Published Dec 20, 2024
CVE-2024-23300
A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
UNKNOWN
CVSS 7.8
Published Mar 12, 2024
CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information.
UNKNOWN
Published Sep 08, 2021