CVE Daily
← All tags

Tag: Gatekeeper

All CVEs associated with "Gatekeeper". Page 1/1 • 72 CVEs.

About “Gatekeeper”

A curated feed of “Gatekeeper”-related CVEs appears below. We currently track 72 CVEs for this tag (all time). In the last 365 days, 9 were published. Average CVSS is 6.4 (all time; 6.4 over 365d), and 32% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-290 - Authentication Bypass by Spoofing, CWE-358 - Improperly Implemented Security Check for Standard, CWE-863 - Incorrect Authorization.

In our taxonomy this topic maps to a MODERATE impact class. Container and Kubernetes fixes usually require image rebuilds and control plane or node upgrades. Prioritize exposed surfaces, restart workloads on patched bases, and tighten RBAC and NetworkPolicies. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: gatekeeper

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
3.223.22.2-
3.213.21.1-
3.203.20.1 Expired
3.193.19.3 Expired
3.183.18.3 Expired
3.173.17.2 Expired
3.163.16.3 Expired
3.153.15.1 Expired
3.143.14.2 Expired
3.133.13.4 Expired
3.123.12.0 Expired
3.113.11.1 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS  ·  RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “Gatekeeper”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2026-05-11
High

CVE-2026-28954

A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted…

CVSS: 7.5 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD
Medium

CVE-2026-28914

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-358 - Improperly Implemented Security Check for Standard View on NVD
2026-05-09
High

CVE-2026-42296

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user with create Workflow permission can bypass…

CVSS: 8.1 CWE: CWE-863 - Incorrect Authorization View on NVD
Medium

CVE-2026-42183

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, a nil pointer dereference in server/auth/g…

CVSS: 6.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2026-03-25
Low

CVE-2026-20684

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checks.

CVSS: 3.3 CWE: CWE-284 - Improper Access Control View on NVD
2026-01-16
High

CVE-2021-47782

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API endpoint that allows remote attackers to inject malicious database queries. Attackers can exploit the vul…

CVSS: 8.2 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2025-12-17
High

CVE-2025-46291

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.

CVSS: 7.8 CWE: CWE-693 - Protection Mechanism Failure View on NVD
2025-11-04
Medium

CVE-2025-43348

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-20 - Improper Input Validation View on NVD
2025-10-09
Medium

CVE-2025-43296

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
2025-04-07
Medium

CVE-2024-45551

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass.

CVSS: 6.2 CWE: CWE-1390 - Weak Authentication View on NVD
2025-03-31
Medium

CVE-2025-24148

This issue was addressed with improved handling of executable types. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious JAR file may bypass Gatekeeper c…

CVSS: 5.5 CWE: CWE-354 - Improper Validation of Integrity Check Value View on NVD
2025-02-26
Medium

CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. Th…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2024-09-17
Medium

CVE-2024-44128

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An Automator Quick Action workflow may be abl…

CVSS: 5.5 CWE: CWE-841 - Improper Enforcement of Behavioral Workflow View on NVD
2024-07-29
Medium

CVE-2024-27853

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4. A maliciously crafted ZIP archive may bypass Gatekeeper checks.

CVSS: 4.4 CWE: CWE-290 - Authentication Bypass by Spoofing View on NVD
2024-04-30
Medium

CVE-2024-22405

XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behav…

CVSS: 5.5 CWE: CWE-281 - Improper Preservation of Permissions View on NVD
2024-03-15
Medium

CVE-2024-23298

A logic issue was addressed with improved state management. This issue is fixed in Xcode 15.3. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
2024-01-31
Critical

CVE-2024-23745

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an…

CVSS: 9.8 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD
2024-01-10
Medium

CVE-2023-40433

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
2023-12-06
Critical

CVE-2023-22524

Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and Ma…

CVSS: 9.8 CWE: N/A View on NVD
2023-09-27
Medium

CVE-2023-41067

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2023-40450

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
2023-06-23
Medium

CVE-2023-32352

A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may bypass Gate…

CVSS: 5.5 CWE: CWE-639 - Authorization Bypass Through User-Controlled Key View on NVD
2023-05-08
Medium

CVE-2023-27952

A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks.

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
Medium

CVE-2023-27951

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper.

CVSS: 5.5 CWE: CWE-863 - Incorrect Authorization View on NVD
Critical

CVE-2023-23526

This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A file from an iCl…

CVSS: 9.8 CWE: N/A View on NVD
2023-03-15
High

CVE-2023-26484

KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is run…

CVSS: 8.2 CWE: CWE-863 - Incorrect Authorization View on NVD
2022-12-15
Medium

CVE-2022-42821

A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Big Sur 11.7.2, macOS Ventura 13. An app may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-693 - Protection Mechanism Failure View on NVD
2022-11-01
High

CVE-2022-32910

A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.

CVSS: 7.5 CWE: CWE-693 - Protection Mechanism Failure View on NVD
2022-08-11
Medium

CVE-2022-20377

In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution…

CVSS: 6.7 CWE: N/A View on NVD
2022-05-26
Medium

CVE-2022-22663

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 1…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2022-22616

This issue was addressed with improved checks. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A maliciously crafted ZIP archive may bypass Gateke…

CVSS: 5.5 CWE: N/A View on NVD
2021-11-17
Medium

CVE-2021-43979

Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 mishandles concurrency, sometimes resulting in incorrect access control. The data replication mechanism allows policies to access the Kubernetes…

CVSS: 5.3 CWE: CWE-670 - Always-Incorrect Control Flow Implementation View on NVD
2021-11-12
High

CVE-2021-41254

kustomize-controller is a Kubernetes operator, specialized in running continuous delivery pipelines for infrastructure and workloads defined with Kubernetes manifests and assembled with Kustomize. Us…

CVSS: 8.8 CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') View on NVD
2021-09-28
High

CVE-2021-33601

A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbit…

CVSS: 7.6 CWE: N/A View on NVD
Medium

CVE-2021-33600

A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed H…

CVSS: 5.4 CWE: CWE-617 - Reachable Assertion View on NVD
2021-09-08
Medium

CVE-2021-30669

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application may…

CVSS: 5.5 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD
Medium

CVE-2021-30658

This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Big Sur 11.3. A malicious application may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-494 - Download of Code Without Integrity Check View on NVD
Medium

CVE-2021-30657

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple i…

CVSS: 5.5 CWE: CWE-862 - Missing Authorization View on NVD
Medium

CVE-2021-1810

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
2021-08-24
Medium

CVE-2021-30990

A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeepe…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-30976

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gat…

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2021-30975

This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2.…

CVSS: 8.6 CWE: CWE-863 - Incorrect Authorization View on NVD
Medium

CVE-2021-30950

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gat…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-30861

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2021-30853

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6. A malicious application may bypass Gatekeeper checks.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2021-02-23
High

CVE-2020-14359

A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some…

CVSS: 7.3 CWE: CWE-305 - Authentication Bypass by Primary Weakness View on NVD
2021-01-28
Medium

CVE-2020-1723

A flaw was found in Keycloak Gatekeeper (Louketo). The logout endpoint can be abused to redirect logged-in users to arbitrary web pages. Affected versions of Keycloak Gatekeeper (Louketo): 6.0.1, 7.0…

CVSS: 6.1 CWE: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect') View on NVD
2020-11-12
Medium

CVE-2020-11123

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the st…

CVSS: 5.5 CWE: N/A View on NVD
2020-10-27
Medium

CVE-2019-8656

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 20…

CVSS: 5.5 CWE: N/A View on NVD
2020-06-04
Critical

CVE-2020-13835

An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. The Gatekeeper Trustlet allows a brute-force attack on user credentials. The Samsung ID is SVE-2020-16908 (June…

CVSS: 9.8 CWE: CWE-20 - Improper Input Validation View on NVD
2020-05-11
High

CVE-2020-12752

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. T…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
2020-03-24
Critical

CVE-2019-20596

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June…

CVSS: 9.1 CWE: N/A View on NVD
Critical

CVE-2020-10849

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on t…

CVSS: 9.8 CWE: CWE-307 - Improper Restriction of Excessive Authentication Attempts View on NVD
2020-02-27
Medium

CVE-2020-3866

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker cont…

CVSS: 5.5 CWE: N/A View on NVD
2020-02-22
Medium

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Pro…

CVSS: 5.5 CWE: CWE-436 - Interpretation Conflict View on NVD
2019-12-18
Medium

CVE-2019-8589

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks.

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2019-6239

This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks.

CVSS: 7.8 CWE: N/A View on NVD
2019-09-05
High

CVE-2019-2115

In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with…

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
2016-01-11
Medium

CVE-2015-7024

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an un…

CVSS: 6.7 CWE: N/A View on NVD
2015-01-30
Medium

CVE-2014-8838

The Security component in Apple OS X before 10.10.2 does not properly process cached information about app certificates, which allows attackers to bypass the Gatekeeper protection mechanism by levera…

CVSS: 4.3 CWE: CWE-264 View on NVD
Medium

CVE-2014-8826

LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.

CVSS: 5.0 CWE: CWE-19 View on NVD
2012-08-31
Medium

CVE-2012-3534

GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large numbe…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2011-02-18
Medium

CVE-2011-0453

F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP ses…

CVSS: 5.0 CWE: CWE-287 - Improper Authentication View on NVD
2010-04-15
Medium

CVE-2010-1425

F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.0…

CVSS: 5.0 CWE: N/A View on NVD
2009-05-22
Medium

CVE-2009-1782

Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and ear…

CVSS: 6.8 CWE: N/A View on NVD
2006-06-06
High

CVE-2006-2838

Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash)…

CVSS: 7.6 CWE: N/A View on NVD
2005-11-16
High

CVE-2005-3546

suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local us…

CVSS: 7.2 CWE: N/A View on NVD
2005-11-02
Medium

CVE-2005-3468

Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read…

CVSS: 5.0 CWE: N/A View on NVD
2004-11-23
Critical

CVE-2004-0326

Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request.

CVSS: 10.0 CWE: N/A View on NVD
2004-09-09
Medium

CVE-2004-0830

The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earli…

CVSS: 5.0 CWE: N/A View on NVD
2001-09-20
Medium

CVE-2001-0546

Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (resource exhaustion) via a large amount…

CVSS: 5.0 CWE: N/A View on NVD
2000-07-13
High

CVE-2000-0675

Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string.

CVSS: 7.5 CWE: N/A View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox