CVE-2019-8840Out-of-bounds Read in Apple Xcode

CWE-125Out-of-bounds Read4 documents4 sources
Severity
8.8HIGHNVD
EPSS
1.0%
top 23.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Xcode
Timeline
PublishedOct 27
Latest updateMay 24

Description

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5apple/xcodeunspecified11.3
NVDapple/xcode< 11.3

🔴Vulnerability Details

2
GHSA
GHSA-2924-9cv7-3gpq: An out-of-bounds read was addressed with improved bounds checking2022-05-24
CVEList
CVE-2019-8840: An out-of-bounds read was addressed with improved bounds checking2020-10-27

📋Vendor Advisories

1
Apple
CVE-2019-8840: Xcode 11.32019-12-10
CVE-2019-8840 — Out-of-bounds Read in Apple Xcode | cvebase