CVE-2024-40594 LOW

CVE-2024-40594

Vendor N/A
Product n/a
Published July 6, 2024
Last update November 4, 2024

CVSS base score

2.3/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AC:L/AV:L/A:N/C:L/I:N/PR:H/S:U/UI:N

What the vulnerability does

01Description

The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores conversations in cleartext in a location accessible to other apps.

Key dates

02Disclosure timeline

July 6, 2024 CVE published
November 4, 2024 Record updated