CVE-2020-10012
https://notcve.org/view.php?id=CVE-2020-10012
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack. Se abordó un problema de acceso con unas restricciones de acceso mejoradas. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-10009
https://notcve.org/view.php?id=CVE-2020-10009
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 •
CVE-2020-10006
https://notcve.org/view.php?id=CVE-2020-10006
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to access restricted files. Este problema es abordado con unos derechos mejorados. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 •
CVE-2020-9988
https://notcve.org/view.php?id=CVE-2020-9988
The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages. Se abordó un problema con una eliminación mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1, iOS versión 14.0 y iPadOS versión 14.0. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211931 •
CVE-2020-9977
https://notcve.org/view.php?id=CVE-2020-9977
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to determine a user's open tabs in Safari. Se presentó un problema de comprobación en la verificación de derechos. • http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211931 • CWE-20: Improper Input Validation •