CVE-2020-9944

Опубликовано: 08 дек. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to read restricted memory.

Ссылки

http://seclists.org/fulldisclosure/2020/Dec/26
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2020/Dec/32
Mailing List
Third Party Advisory
https://support.apple.com/en-us/HT211843
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211844
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211850
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211931
Release Notes
Vendor Advisory
https://support.apple.com/kb/HT212011
Vendor Advisory
http://seclists.org/fulldisclosure/2020/Dec/26
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2020/Dec/32
Mailing List
Third Party Advisory
https://support.apple.com/en-us/HT211843
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211844
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211850
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211931
Release Notes
Vendor Advisory
https://support.apple.com/kb/HT212011
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия до 11.1 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.14 (включая) до 10.14.6 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.15 (включая) до 10.15.7 (исключая)

cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 7.0 (исключая)

EPSS

Процентиль: 53%

0.00302

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-vj42-7xv9-r62v

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 53%

0.00302

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125