Vulnerability Description
IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Xcode | <= 7.1.1 |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.htmlVendor Advisory
- http://www.securitytracker.com/id/1034340
- https://support.apple.com/HT205642Vendor Advisory
- http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.htmlVendor Advisory
- http://www.securitytracker.com/id/1034340
- https://support.apple.com/HT205642Vendor Advisory
FAQ
What is CVE-2015-7056?
CVE-2015-7056 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file...
How severe is CVE-2015-7056?
CVE-2015-7056 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7056?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Xcode.