CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-9934 – Apple iOS, iPadOS, and macOS Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9934
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. Se presentó un problema en el manejo de variables de entorno. • https://github.com/mattshockl/CVE-2020-9934 https://support.apple.com/HT211288 https://support.apple.com/HT211289 •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9852
https://notcve.org/view.php?id=CVE-2020-9852
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un desbordamiento de enteros por medio de una comprobación de entrada mejorada. Este problema es corregido en iOS versión 13.5 y iPadOS versión 13.5, macOS Catalina versión 10.15.5, tvOS versión 13.4.5, watchOS versión 6.2.5. • https://support.apple.com/HT211168 https://support.apple.com/HT211170 https://support.apple.com/HT211171 https://support.apple.com/HT211175 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9855
https://notcve.org/view.php?id=CVE-2020-9855
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/HT211170 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9851
https://notcve.org/view.php?id=CVE-2020-9851
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to modify protected parts of the file system. Se abordó un problema de acceso con restricciones de acceso mejoradas. Este problema es corregido en macOS Catalina versión 10.15.5. • https://support.apple.com/HT211170 •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9847
https://notcve.org/view.php?id=CVE-2020-9847
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to break out of its sandbox. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Catalina versión 10.15.5. • https://support.apple.com/HT211170 • CWE-125: Out-of-bounds Read •