exploitDog

CVE-2019-7289

Опубликовано: 18 дек. 2019

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information.

Ссылки

https://support.apple.com/HT209522
Vendor Advisory
https://support.apple.com/HT209522
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apple:shortcuts:*:*:*:*:*:iphone_os:*:*

Версия до 2.1.3 (исключая)

EPSS

Процентиль: 32%

0.00121

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-8453-jjmp-9q2q

github

больше 3 лет назад

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information.

EPSS

Процентиль: 32%

0.00121

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-22