CVE-2023-40299 Information

Description

Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files or make requests for TCC permissions by using the DYLD_INSERT_LIBRARIES environment variable.

Reference

https://github.com/Kong/insomnia/releases https://www.angelystor.com/posts/cve-2023-40299/ https://github.com/Kong/insomnia/pull/6217/commits https://insomnia.rest/changelog