CVE-2019-8646
published 2019-12-18CVE-2019-8646: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
ITWEXPLOIT
Exploited in the wild
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | ios | >= unspecified < iOS 12.4 | iOS 12.4 |
| apple | iphone_os | < 12.4 | 12.4 |
| apple | mac_os_x | < 10.14.6 | 10.14.6 |
| apple | macos | >= unspecified < macOS Mojave 10.14.6 | macOS Mojave 10.14.6 |
| apple | macos_mojave_10.14.6_security_update_2019-004_high_sierra_security_update_2019-0 | — | — |
| apple | tvos | < 12.4 | 12.4 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < tvOS 12.4 | tvOS 12.4 |
| apple | watchos | < 5.3 | 5.3 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < watchOS 5.3 | watchOS 5.3 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vulncheck7.5HIGH