CVE-2019-8568
published 2019-12-18CVE-2019-8568: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | ios | >= unspecified < iOS 12.3 | iOS 12.3 |
| apple | iphone_os | < 12.3 | 12.3 |
| apple | mac_os_x | < 10.14.5 | 10.14.5 |
| apple | macos | >= unspecified < macOS Mojave 10.14.5 | macOS Mojave 10.14.5 |
| apple | macos_mojave_10.14.5_security_update_2019-003_high_sierra_security_update_2019-0 | — | — |
| apple | tvos | < 12.3 | 12.3 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < tvOS 12.3 | tvOS 12.3 |
| apple | watchos | < 5.2.1 | 5.2.1 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < watchOS 5.2.1 | watchOS 5.2.1 |
Apple
CVE-2019-8568: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
vendor_apple·2019-05-13·CVSS 5.5
CVE-2019-8568 [MEDIUM] CVE-2019-8568: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
Apple Security Update: About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
Product: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
CVE: CVE-2019-8568
Component: StreamingZip
Impact: A local user may be able to modify protected parts of the file system
Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
Apple
CVE-2019-8568: tvOS 12.3
vendor_apple·2019-05-13·CVSS 5.5
CVE-2019-8568 [MEDIUM] CVE-2019-8568: tvOS 12.3
Apple Security Update: About the security content of tvOS 12.3
Product: tvOS
Version: 12.3
CVE: CVE-2019-8568
Component: MobileInstallation
Impact: A local user may be able to modify protected parts of the file system
Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
Apple
CVE-2019-8568: iOS 12.3
vendor_apple·2019-05-13·CVSS 5.5
CVE-2019-8568 [MEDIUM] CVE-2019-8568: iOS 12.3
Apple Security Update: About the security content of iOS 12.3
Product: iOS
Version: 12.3
CVE: CVE-2019-8568
Component: MobileInstallation
Impact: A local user may be able to modify protected parts of the file system
Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
Apple
CVE-2019-8568: watchOS 5.2.1
vendor_apple·2019-05-13·CVSS 5.5
CVE-2019-8568 [MEDIUM] CVE-2019-8568: watchOS 5.2.1
Apple Security Update: About the security content of watchOS 5.2.1
Product: watchOS
Version: 5.2.1
CVE: CVE-2019-8568
Component: MobileInstallation
Impact: A local user may be able to modify protected parts of the file system
Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.
GHSA
GHSA-q7gv-xfx9-7f68: A validation issue existed in the handling of symlinks
ghsa_unreviewed·2022-05-24
CVE-2019-8568 [LOW] GHSA-q7gv-xfx9-7f68: A validation issue existed in the handling of symlinks
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-12-18
Published