Refine your search
75 vulnerabilities found for iCloud for Windows (Legacy) by Apple
CVE-2020-9984 (GCVE-0-2020-9984)
Vulnerability from cvelistv5
Published
2020-10-22 18:06
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:57.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:06:56.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9984",
"datePublished": "2020-10-22T18:06:56.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:50:57.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9937 (GCVE-0-2020-9937)
Vulnerability from cvelistv5
Published
2020-10-22 18:06
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:56.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:06:30.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9937",
"datePublished": "2020-10-22T18:06:30.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:50:56.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9938 (GCVE-0-2020-9938)
Vulnerability from cvelistv5
Published
2020-10-22 18:05
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:56.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:05:51.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9938",
"datePublished": "2020-10-22T18:05:51.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:50:56.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9919 (GCVE-0-2020-9919)
Vulnerability from cvelistv5
Published
2020-10-22 18:05
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:05:06.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9919",
"datePublished": "2020-10-22T18:05:06.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9879 (GCVE-0-2020-9879)
Vulnerability from cvelistv5
Published
2020-10-22 18:00
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:00:12.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9879",
"datePublished": "2020-10-22T18:00:12.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9883 (GCVE-0-2020-9883)
Vulnerability from cvelistv5
Published
2020-10-22 17:59
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211931"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1389/"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-15T19:06:59.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211931"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1389/"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
},
{
"name": "https://support.apple.com/kb/HT211931",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211931"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1389/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1389/"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9883",
"datePublished": "2020-10-22T17:59:36.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9873 (GCVE-0-2020-9873)
Vulnerability from cvelistv5
Published
2020-10-22 17:59
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:59:05.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9873",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9873",
"datePublished": "2020-10-22T17:59:05.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9877 (GCVE-0-2020-9877)
Vulnerability from cvelistv5
Published
2020-10-22 17:58
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:58:56.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9877",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9877",
"datePublished": "2020-10-22T17:58:56.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9872 (GCVE-0-2020-9872)
Vulnerability from cvelistv5
Published
2020-10-22 17:58
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:58:47.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9872",
"datePublished": "2020-10-22T17:58:47.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9875 (GCVE-0-2020-9875)
Vulnerability from cvelistv5
Published
2020-10-22 17:58
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:58:38.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9875",
"datePublished": "2020-10-22T17:58:38.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9876 (GCVE-0-2020-9876)
Vulnerability from cvelistv5
Published
2020-10-22 17:58
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211843"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211850"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211844"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211931"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211952"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211935"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-15T19:06:58.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211843"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211850"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211844"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211931"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211952"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211935"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9876",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211843",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211843"
},
{
"name": "https://support.apple.com/kb/HT211850",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211850"
},
{
"name": "https://support.apple.com/kb/HT211844",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211844"
},
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
},
{
"name": "https://support.apple.com/kb/HT211931",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211931"
},
{
"name": "https://support.apple.com/kb/HT211952",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211952"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"name": "https://support.apple.com/kb/HT211935",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211935"
},
{
"name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Dec/32"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9876",
"datePublished": "2020-10-22T17:58:31.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9874 (GCVE-0-2020-9874)
Vulnerability from cvelistv5
Published
2020-10-22 17:58
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:58:24.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9874",
"datePublished": "2020-10-22T17:58:24.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9871 (GCVE-0-2020-9871)
Vulnerability from cvelistv5
Published
2020-10-22 17:54
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T17:54:49.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/kb/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211289"
},
{
"name": "https://support.apple.com/kb/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211288"
},
{
"name": "https://support.apple.com/kb/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211290"
},
{
"name": "https://support.apple.com/kb/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211291"
},
{
"name": "https://support.apple.com/kb/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211293"
},
{
"name": "https://support.apple.com/kb/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211294"
},
{
"name": "https://support.apple.com/kb/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/kb/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9871",
"datePublished": "2020-10-22T17:54:49.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9952 (GCVE-0-2020-9952)
Vulnerability from cvelistv5
Published
2020-10-16 16:53
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to a cross site scripting attack
Summary
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 14.0 and iPadOS 14.0 |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:56.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211850"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211844"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211843"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211846"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211847"
},
{
"name": "20201115 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/18"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"name": "[oss-security] 20201123 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/3"
},
{
"name": "GLSA-202012-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202012-10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 14.0 and iPadOS 14.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 14.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 7.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 14.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.21",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to a cross site scripting attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-23T21:06:30.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211850"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211844"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211843"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211846"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211847"
},
{
"name": "20201115 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/18"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"name": "[oss-security] 20201123 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/3"
},
{
"name": "GLSA-202012-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202012-10"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 14.0 and iPadOS 14.0"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 14.0"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 7.0"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 14.0"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.4"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.21"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to a cross site scripting attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211850",
"refsource": "MISC",
"url": "https://support.apple.com/HT211850"
},
{
"name": "https://support.apple.com/HT211844",
"refsource": "MISC",
"url": "https://support.apple.com/HT211844"
},
{
"name": "https://support.apple.com/HT211845",
"refsource": "MISC",
"url": "https://support.apple.com/HT211845"
},
{
"name": "https://support.apple.com/HT211843",
"refsource": "MISC",
"url": "https://support.apple.com/HT211843"
},
{
"name": "https://support.apple.com/HT211846",
"refsource": "MISC",
"url": "https://support.apple.com/HT211846"
},
{
"name": "https://support.apple.com/HT211847",
"refsource": "MISC",
"url": "https://support.apple.com/HT211847"
},
{
"name": "20201115 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/18"
},
{
"name": "20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/19"
},
{
"name": "20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/20"
},
{
"name": "20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Nov/22"
},
{
"name": "[oss-security] 20201123 WebKitGTK and WPE WebKit Security Advisory WSA-2020-0008",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/3"
},
{
"name": "GLSA-202012-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202012-10"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9952",
"datePublished": "2020-10-16T16:53:49.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:50:56.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9936 (GCVE-0-2020-9936)
Vulnerability from cvelistv5
Published
2020-10-16 16:51
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:56.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211289"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:51:26.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211289"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211289",
"refsource": "MISC",
"url": "https://support.apple.com/HT211289"
},
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9936",
"datePublished": "2020-10-16T16:51:26.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:50:56.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9925 (GCVE-0-2020-9925)
Vulnerability from cvelistv5
Published
2020-10-16 16:49
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to universal cross site scripting
Summary
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to universal cross site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:49:46.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to universal cross site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9925",
"datePublished": "2020-10-16T16:49:46.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9916 (GCVE-0-2020-9916)
Vulnerability from cvelistv5
Published
2020-10-16 16:47
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A malicious attacker may be able to conceal the destination of a URL
Summary
A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious attacker may be able to conceal the destination of a URL",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:47:48.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious attacker may be able to conceal the destination of a URL"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9916",
"datePublished": "2020-10-16T16:47:48.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9915 (GCVE-0-2020-9915)
Vulnerability from cvelistv5
Published
2020-10-16 16:47
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may prevent Content Security Policy from being enforced
Summary
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:47:00.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may prevent Content Security Policy from being enforced"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9915",
"datePublished": "2020-10-16T16:47:00.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9910 (GCVE-0-2020-9910)
Vulnerability from cvelistv5
Published
2020-10-16 16:44
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication
Summary
Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:44:17.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9910",
"datePublished": "2020-10-16T16:44:17.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9895 (GCVE-0-2020-9895)
Vulnerability from cvelistv5
Published
2020-10-16 16:40
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:40:54.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9895",
"datePublished": "2020-10-16T16:40:54.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9894 (GCVE-0-2020-9894)
Vulnerability from cvelistv5
Published
2020-10-16 16:40
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:40:22.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9894",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9894",
"datePublished": "2020-10-16T16:40:22.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9893 (GCVE-0-2020-9893)
Vulnerability from cvelistv5
Published
2020-10-16 16:39
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:39:56.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9893",
"datePublished": "2020-10-16T16:39:56.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9862 (GCVE-0-2020-9862)
Vulnerability from cvelistv5
Published
2020-10-16 16:32
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Copying a URL from Web Inspector may lead to command injection
Summary
A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.6 and iPadOS 13.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.8 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Copying a URL from Web Inspector may lead to command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:32:39.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211288"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211293"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.6 and iPadOS 13.6"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.8"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.8"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.2"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.8 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.3"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.20"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Copying a URL from Web Inspector may lead to command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211288",
"refsource": "MISC",
"url": "https://support.apple.com/HT211288"
},
{
"name": "https://support.apple.com/HT211290",
"refsource": "MISC",
"url": "https://support.apple.com/HT211290"
},
{
"name": "https://support.apple.com/HT211291",
"refsource": "MISC",
"url": "https://support.apple.com/HT211291"
},
{
"name": "https://support.apple.com/HT211292",
"refsource": "MISC",
"url": "https://support.apple.com/HT211292"
},
{
"name": "https://support.apple.com/HT211293",
"refsource": "MISC",
"url": "https://support.apple.com/HT211293"
},
{
"name": "https://support.apple.com/HT211294",
"refsource": "MISC",
"url": "https://support.apple.com/HT211294"
},
{
"name": "https://support.apple.com/HT211295",
"refsource": "MISC",
"url": "https://support.apple.com/HT211295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9862",
"datePublished": "2020-10-16T16:32:39.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9850 (GCVE-0-2020-9850)
Vulnerability from cvelistv5
Published
2020-06-09 16:18
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A remote attacker may be able to cause arbitrary code execution
Summary
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:31:05.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
},
{
"name": "https://support.apple.com/HT211177",
"refsource": "MISC",
"url": "https://support.apple.com/HT211177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9850",
"datePublished": "2020-06-09T16:18:37.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9843 (GCVE-0-2020-9843)
Vulnerability from cvelistv5
Published
2020-06-09 16:18
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to a cross site scripting attack
Summary
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to a cross site scripting attack",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:30:29.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to a cross site scripting attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
},
{
"name": "https://support.apple.com/HT211177",
"refsource": "MISC",
"url": "https://support.apple.com/HT211177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9843",
"datePublished": "2020-06-09T16:18:20.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9789 (GCVE-0-2020-9789)
Vulnerability from cvelistv5
Published
2020-06-09 16:12
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:04.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:12:49.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211170",
"refsource": "MISC",
"url": "https://support.apple.com/HT211170"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9789",
"datePublished": "2020-06-09T16:12:50.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:04.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9790 (GCVE-0-2020-9790)
Vulnerability from cvelistv5
Published
2020-06-09 16:10
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Summary
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:04.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:11:50.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Catalina 10.15.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211170",
"refsource": "MISC",
"url": "https://support.apple.com/HT211170"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9790",
"datePublished": "2020-06-09T16:10:59.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:04.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9807 (GCVE-0-2020-9807)
Vulnerability from cvelistv5
Published
2020-06-09 16:08
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:15:52.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
},
{
"name": "https://support.apple.com/HT211177",
"refsource": "MISC",
"url": "https://support.apple.com/HT211177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9807",
"datePublished": "2020-06-09T16:08:53.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9806 (GCVE-0-2020-9806)
Vulnerability from cvelistv5
Published
2020-06-09 16:07
Modified
2024-08-04 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:15:24.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
},
{
"name": "https://support.apple.com/HT211177",
"refsource": "MISC",
"url": "https://support.apple.com/HT211177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9806",
"datePublished": "2020-06-09T16:07:46.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:43:05.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9802 (GCVE-0-2020-9802)
Vulnerability from cvelistv5
Published
2020-06-09 16:07
Modified
2025-05-05 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Summary
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | iOS |
Version: unspecified < iOS 13.5 and iPadOS 13.5 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:43:05.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT211177"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-9802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:32:41.514242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T17:03:49.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.5 and iPadOS 13.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 6.2.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 13.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes 12.10.7 for Windows",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows (Legacy)",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T16:16:13.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211168"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211179"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211181"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT211177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2020-9802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 13.5 and iPadOS 13.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 13.4.5"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 6.2.5"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 13.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes 12.10.7 for Windows"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 11.2"
}
]
}
},
{
"product_name": "iCloud for Windows (Legacy)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.19"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT211168",
"refsource": "MISC",
"url": "https://support.apple.com/HT211168"
},
{
"name": "https://support.apple.com/HT211171",
"refsource": "MISC",
"url": "https://support.apple.com/HT211171"
},
{
"name": "https://support.apple.com/HT211175",
"refsource": "MISC",
"url": "https://support.apple.com/HT211175"
},
{
"name": "https://support.apple.com/HT211178",
"refsource": "MISC",
"url": "https://support.apple.com/HT211178"
},
{
"name": "https://support.apple.com/HT211179",
"refsource": "MISC",
"url": "https://support.apple.com/HT211179"
},
{
"name": "https://support.apple.com/HT211181",
"refsource": "MISC",
"url": "https://support.apple.com/HT211181"
},
{
"name": "https://support.apple.com/HT211177",
"refsource": "MISC",
"url": "https://support.apple.com/HT211177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2020-9802",
"datePublished": "2020-06-09T16:07:21.000Z",
"dateReserved": "2020-03-02T00:00:00.000Z",
"dateUpdated": "2025-05-05T17:03:49.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}