Kong Insomnia 2023.4.0 on macOS DYLD_INSERT_LIBRARIES Code Execution and File Access Vulnerability

Kong Insomnia 2023.4.0 on macOS DYLD_INSERT_LIBRARIES Code Execution and File Access Vulnerability

CVE-2023-40299 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable.

Learn more about our Cis Benchmark Audit For Apple Macos.