Uncontrolled resource consumption vulnerability in IDE Xcode Server in Apple Xcode - CVE-2018-16845ID: oval:org.secpod.oval:def:75134 | Date: (C)2021-09-23 (M)2023-12-20 |
Class: VULNERABILITY | Family: macos |
The host is installed with Xcode before 13 on Apple Mac OS 11.3 or later and is prone to an uncontrolled resource consumption vulnerability. A flaw is present in the application, which fails to properly handle issue in nginx. Successful exploitation allows an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file.