Liste des Groupes | Revenir à csm apps |
On Sat, 6 Jul 2024 12:48:23 -0400, Alan Browne wrote:
... been asleep most of the week, huh?
How did you find out about this new hole found in millions of mac/iOs apps?
I was looking up Swift documentation for a project when all the hits by
reverse date shows up to be about this vulnerability for mac/iOS apps.
https://forums.appleinsider.com/discussion/236916/vulnerabilities-found-in-swift-repository-left-millions-of-iphone-apps-exposed
The open-source Swift and Objective-C repository, CocoaPods, had multiple
vulnerabilities that left millions of iOS and macOS apps exposed for a
decade
https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html
security flaws were uncovered in the CocoaPods dependency manager for Swift
https://www.evasec.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods
CocoaPods is an open source dependency manager for Swift
https://www.techrepublic.com/article/apple-applications-cocoapods-supply-chain-attack/
CocoaPods is a dependency manager for Swift and Objective-C projects
The holes are so big they can't be avoided but why did Apple not find it?
Les messages affichés proviennent d'usenet.