CVE-2020-27903
https://notcve.org/view.php?id=CVE-2020-27903
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to gain elevated privileges. Este problema se abordó al eliminar el código vulnerable. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 •
CVE-2020-27900
https://notcve.org/view.php?id=CVE-2020-27900
An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to preview files it does not have access to. Se presentó un problema en el manejo de snapshots. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 •
CVE-2020-27894
https://notcve.org/view.php?id=CVE-2020-27894
The issue was addressed with additional user controls. This issue is fixed in macOS Big Sur 11.0.1. Users may be unable to remove metadata indicating where files were downloaded from. Se abordó el problema con controles de usuario adicionales. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 •
CVE-2020-10014
https://notcve.org/view.php?id=CVE-2020-10014
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox. Se abordó un problema de análisis en el manejo de rutas de directorio con una comprobación de rutas mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-10012
https://notcve.org/view.php?id=CVE-2020-10012
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack. Se abordó un problema de acceso con unas restricciones de acceso mejoradas. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •