CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36521
https://notcve.org/view.php?id=CVE-2020-36521
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en iCloud para Windows versión 11.4, iOS versión 14.0 y iPadOS versión 14.0, watchOS versión 7.0, tvOS versión 14.0, iCloud para Windows versión 7.21, iTunes para Windows versión 12.10.9. • https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211846 https://support.apple.com/en-us/HT211847 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211952 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32782
https://notcve.org/view.php?id=CVE-2022-32782
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4. An app with root privileges may be able to access private information. Se abordó este problema al habilitar el tiempo de ejecución reforzado. Este problema ha sido corregido en macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213257 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26707
https://notcve.org/view.php?id=CVE-2022-26707
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A user may be able to view sensitive user information. Se abordó un problema en el manejo de las variables de entorno con una comprobación mejorada. Este problema ha sido corregido en macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213257 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2022-32849
https://notcve.org/view.php?id=CVE-2022-32849
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information. Se abordó un problema de divulgación de información al eliminar el código vulnerable. Este problema ha sido corregido en iOS versión 15.6 y iPadOS versión 15.6, macOS Big Sur versión 11.6.8, tvOS versión 15.6, macOS Monterey versión 12.5, Security Update 2022-005 Catalina. • https://support.apple.com/en-us/HT213342 https://support.apple.com/en-us/HT213343 https://support.apple.com/en-us/HT213344 https://support.apple.com/en-us/HT213345 https://support.apple.com/en-us/HT213346 https://support.apple.com/kb/HT213488 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32880
https://notcve.org/view.php?id=CVE-2022-32880
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data. Se abordó este problema al habilitar el tiempo de ejecución reforzado. Este problema es corregido en macOS Monterey versión 12.5. • https://support.apple.com/en-us/HT213345 •