CVE-2020-9780
https://notcve.org/view.php?id=CVE-2020-9780
The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher. El problema se resolvió al borrar las vistas previas de la aplicación cuando el contenido es eliminado. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4. • https://support.apple.com/HT211102 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2020-3910
https://notcve.org/view.php?id=CVE-2020-3910
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. Se abordó un desbordamiento del búfer con una comprobación de tamaño mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, macOS Catalina versión 10.15.4, tvOS versión 13.4, watchOS versión 6.2, iTunes para Windows versión 12.10.5, iCloud para Windows versión 10.9.3, iCloud para Windows versión 7.18. • https://support.apple.com/HT211100 https://support.apple.com/HT211101 https://support.apple.com/HT211102 https://support.apple.com/HT211103 https://support.apple.com/HT211105 https://support.apple.com/HT211106 https://support.apple.com/HT211107 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2020-9775
https://notcve.org/view.php?id=CVE-2020-9775
An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user's private browsing activity may be unexpectedly saved in Screen Time. Existía un problema en el manejo de las pestañas que mostraban la imagen en un video imagen. • https://support.apple.com/HT211102 https://support.apple.com/kb/HT211100 • CWE-665: Improper Initialization •
CVE-2020-3899 – webkitgtk: Memory consumption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2020-3899
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. Se abordó un problema de consumo de memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, tvOS versión 13.4, watchOS versión 6.2 Safari versión 13.1, iTunes para Windows versión 12.10.5, iCloud para Windows versión 10.9.3, iCloud para Windows versión 7.18. • https://support.apple.com/HT211101 https://support.apple.com/HT211102 https://support.apple.com/HT211104 https://support.apple.com/HT211105 https://support.apple.com/HT211106 https://support.apple.com/HT211107 https://access.redhat.com/security/cve/CVE-2020-3899 https://bugzilla.redhat.com/show_bug.cgi?id=1876470 •
CVE-2020-3891
https://notcve.org/view.php?id=CVE-2020-3891
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled. Se abordó un problema lógico con una gestión de estado mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4, watchOS versión 6.2. • https://support.apple.com/HT211102 https://support.apple.com/HT211103 •