CVE-2019-8756

CVE Database · CVE-2019-8756

CVE-2019-8756

· CRITICALModified

CVSS v3.1

9.8

EPSS

1.48%

Published

Oct 27, 2020

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-787

Affected Products (6)

apple · icloud (up to 7.14)vulnerable

apple · icloud (up to 10.7)vulnerable

apple · itunes (up to 12.10.1)vulnerable

apple · mac_os_x (up to 10.15)vulnerable

apple · tvos (up to 13)vulnerable

apple · watchos (up to 6.0)vulnerable

References (16)