cbcvebase.
CVE-2019-8503
published 2019-12-18

CVE-2019-8503: A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.

Affected

16 ranges
VendorProductVersion rangeFixed in
appleicloud< 7.117.11
appleicloud_for_windows
appleicloud_for_windows>= unspecified < iCloud for Windows 7.11iCloud for Windows 7.11
appleios
appleios>= unspecified < iOS 12.2iOS 12.2
appleiphone_os< 12.212.2
appleitunes< 12.9.412.9.4
appleitunes_12.9.4_for_windows
appleitunes_for_windows>= unspecified < iTunes 12.9.4 for WindowsiTunes 12.9.4 for Windows
applesafari< 12.112.1
applesafari
applesafari>= unspecified < Safari 12.1Safari 12.1
appletvos< 12.212.2
appletvos
appletvos>= unspecified < tvOS 12.2tvOS 12.2
debianwebkit2gtk< webkit2gtk 2.24.1-1 (bookworm)webkit2gtk 2.24.1-1 (bookworm)

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH