cbcvebase.
CVE-2019-8813
published 2019-12-18

CVE-2019-8813: A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.

Affected

18 ranges
VendorProductVersion rangeFixed in
appleicloud< 10.810.8
appleicloud_for_windows
appleicloud_for_windows>= unspecified < iCloud for Windows 11.0iCloud for Windows 11.0
appleios>= unspecified < iOS 13.2 and iPadOS 13.2iOS 13.2 and iPadOS 13.2
appleios_13.2_and_ipados
appleipados< 13.213.2
appleiphone_os< 13.213.2
appleitunes< 12.10.212.10.2
appleitunes_12.10.2_for_windows
appleitunes_for_windows>= unspecified < iTunes for Windows 12.10.2iTunes for Windows 12.10.2
applesafari< 13.0.313.0.3
applesafari
applesafari>= unspecified < Safari 13.0.3Safari 13.0.3
appletvos< 13.213.2
appletvos
appletvos>= unspecified < tvOS 13.2tvOS 13.2
debianwebkit2gtk< webkit2gtk 2.26.1-1 (bookworm)webkit2gtk 2.26.1-1 (bookworm)
webkitgtkwebkitgtk< 2.26.42.26.4

CVSS provenance

nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM